From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Dec 17 11:05:34 2014 Return-Path: Delivered-To: freebsd-ports-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 767301358 for ; Wed, 17 Dec 2014 11:05:34 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5CD4D5E2 for ; Wed, 17 Dec 2014 11:05:34 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id sBHB5YUH024506 for ; Wed, 17 Dec 2014 11:05:34 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 196059] New: www/nginx: nginx worker crashes with HTTPS request using TLS => 1.0 Date: Wed, 17 Dec 2014 11:05:34 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports Tree X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: marek@mky.waw.pl X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: osa@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Dec 2014 11:05:34 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196059 Bug ID: 196059 Summary: www/nginx: nginx worker crashes with HTTPS request using TLS => 1.0 Product: Ports Tree Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: osa@FreeBSD.org Reporter: marek@mky.waw.pl Flags: maintainer-feedback?(osa@FreeBSD.org) Assignee: osa@FreeBSD.org Overview: I am using nginx 1.6.2 with php-fpm 5.3.35 and enabled HTTPS. All installed on FreeBSD 10.1 / amd64. When I try to access the site using TLS1.0 or greater, the server worker crashes. Steps to Reproduce: I reproduced this bug successfully on the Virtual Machine. Here is the steps: - install FreeBSD (tested on 10.0 and 10.1) - install packages: nginx php5 curl - configure nginx to work with php-fpm (I used this tutorial: http://wiki.nginx.org/PHPFcgiExample) - create any .php page, I used simple index.php with phpinfo(): - create self signed or get CA signed certificate (no matter for this) - launch the HTTPS enabled site - test with curl (see below) Actual Results: I tested this site using curl with several SSL parameters: 1. curl -k --sslv3 https://testpage.server.domain/ Result: - curl showed generated page from phpinfo() 2. curl -k --tlsv1.0 https://testpage.server.domain/ Result: - curl: (52) Empty reply from server - dmesg: pid 59695 (nginx), uid 80: exited on signal 11 3. curl -k --tlsv1.1 https://testpage.server.domain/ Result: - same as above 4. curl -k --tlsv1.2 https://testpage.server.domain/ Result: - same as above Expected Results: Any test mentioned above should not crash the nginx. Build Date & Hardware: FreeBSD 10.1-RELEASE #0 r274401: Tue Nov 11 21:02:49 UTC 2014 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 All packages from latest pkg repository: curl-7.39.0_1 Non-interactive tool to get files from FTP, GOPHER, HTTP(S) servers nginx-1.6.2_1,2 Robust and small WWW server php5-5.4.35 PHP Scripting Language Additional Builds and Platforms: Virtual Machine on Microsoft Hyper-V. Same FreeBSD and the packages. Additional Information: 1. I was unable to get core, after nginx crashes. I tried to incerase worker_limit_core in nginx.conf to 20480M but with no success: worker_rlimit_core 20480M; working_directory /var/crash/; # fstat /var/crash USER CMD PID FD MOUNT INUM MODE SZ|DV R/W NAME www nginx 96008 wd /var/crash 4 drwxrwxrwx 2 r /var/crash After nginx worker crashes, there is no core in /var/crash 2. There is no access log or error log when nginx worker crashes. 3. The server works correctly with static html content (all the tests mentioned above have passed). --- Comment #1 from Bugzilla Automation --- Auto-assigned to maintainer osa@FreeBSD.org -- You are receiving this mail because: You are the assignee for the bug.