toodr |
05-12-2019 09:46 AM |
https openssl-1.1 php ? and curl ? problem in current
I have 4 machines running Slackware current + Eric's Plasma 5.
3 of them are updated to the latest upfates (11.5.2019)
1 is updated to 29.3.2019
All 3 machines (updated to the latest packages) cannot complete this command:
curl -L https://cpanmin.us | perl - --sudo App::cpanminus
it gives me the following log
Code:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 151.101.194.217...
* TCP_NODELAY set
* Connected to cpanmin.us (151.101.194.217) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /usr/share/curl/ca-bundle.crt
CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [106 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [5054 bytes data]
The 4-th machine completes this command and here's the log:
Code:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 151.101.66.217...
* TCP_NODELAY set
* Connected to cpanmin.us (151.101.66.217) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /usr/share/curl/ca-bundle.crt
CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [106 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [5054 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Fastly, Inc.; CN=osff.map.fastly.net
* start date: Feb 26 16:45:23 2019 GMT
* expire date: Jan 23 00:27:00 2020 GMT
* subjectAltName: host "cpanmin.us" matched cert's "cpanmin.us"
* issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign CloudSSL CA - SHA256 - G3
* SSL certificate verify ok.
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* Using Stream ID: 1 (easy handle 0x1bb9f30)
} [5 bytes data]
> GET / HTTP/2
> Host: cpanmin.us
> User-Agent: curl/7.64.1
> Accept: */*
>
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
} [5 bytes data]
< HTTP/2 200
< content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
< x-content-type-options: nosniff
< x-frame-options: deny
< x-xss-protection: 1; mode=block
< etag: "8c7e1856a41eaf4c8eac9f094ad8c2e9ddab724a"
< content-type: text/plain; charset=utf-8
< cache-control: max-age=300
< x-geo-block-list:
< x-github-request-id: E5EA:085E:4FCE0:63153:5CD7492D
< via: 1.1 varnish
< fastly-debug-digest: bba650958a21f2868bfac60b2c744937a01da1469e3f622a590ee63ad3806ab1
< access-control-allow-origin: *
< x-fastly-request-id: 9cae737c21490eb866cce7e9b4c3043e100544ee
< expires: Sat, 11 May 2019 22:19:10 GMT
< source-age: 0
< accept-ranges: bytes
< date: Sun, 12 May 2019 10:28:56 GMT
< via: 1.1 varnish
< age: 44087
< x-served-by: cache-hhn1547-HHN, cache-hhn1529-HHN
< x-cache: MISS, HIT
< x-cache-hits: 0, 1
< x-timer: S1557656937.721078,VS0,VE9
< vary: Authorization,Accept-Encoding
< content-length: 302780
<
{ [2172 bytes data]
100 295k 100 295k 0 0 560k 0 --:--:-- --:--:-- --:--:-- 562k
* Connection #0 to host cpanmin.us left intact
* Closing connection 0
--> Working on App::cpanminus
Fetching http://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7044.tar.gz ... OK
Configuring App-cpanminus-1.7044 ... OK
Building and testing App-cpanminus-1.7044 ... OK
Successfully installed App-cpanminus-1.7044
1 distribution installed
Additionally one of the updated machines is a https server with nextcloud (https) instalation. It stopped servicing the https requests and fills the /var/log/messages log with the following messages :
kernel: traps: php[21750] general protection ip:7f9ca2608633 sp:7fffcc278b10 error:0 in libcrypto.so.1.1[7f9ca2506000+1aa000]
(a lot of them)
and in /var/log/httpd/error_log :
Code:
[Sun May 12 17:39:19.700428 2019] [ssl:info] [pid 22370] [client 192.168.1.1:44710] AH01964: Connection to child 6 established (server server:443)
[Sun May 12 17:39:19.701181 2019] [ssl:debug] [pid 22370] ssl_engine_kernel.c(2320): [client 192.168.1.1:44710] AH02043: SSL virtual host for servername server found
[Sun May 12 17:39:19.701282 2019] [ssl:debug] [pid 22370] ssl_engine_kernel.c(2320): [client 192.168.1.1:44710] AH02043: SSL virtual host for servername server found
[Sun May 12 17:39:19.701298 2019] [core:debug] [pid 22370] protocol.c(2314): [client 192.168.1.1:44710] AH03155: select protocol from , choices=h2,http/1.1 for server server
[Sun May 12 17:39:19.761667 2019] [ssl:info] [pid 22371] [client 192.168.1.1:44711] AH01964: Connection to child 8 established (server server:443)
[Sun May 12 17:39:19.762492 2019] [ssl:debug] [pid 22371] ssl_engine_kernel.c(2320): [client 192.168.1.1:44711] AH02043: SSL virtual host for servername server found
[Sun May 12 17:39:19.762608 2019] [ssl:debug] [pid 22371] ssl_engine_kernel.c(2320): [client 192.168.1.1:44711] AH02043: SSL virtual host for servername server found
[Sun May 12 17:39:19.762625 2019] [core:debug] [pid 22371] protocol.c(2314): [client 192.168.1.1:44711] AH03155: select protocol from , choices=h2,http/1.1 for server server
[Sun May 12 17:39:20.401493 2019] [ssl:info] [pid 22372] [client 192.168.1.1:47636] AH01964: Connection to child 9 established (server server:443)
[Sun May 12 17:39:20.402228 2019] [ssl:debug] [pid 22372] ssl_engine_kernel.c(2320): [client 192.168.1.1:47636] AH02043: SSL virtual host for servername server found
[Sun May 12 17:39:20.463327 2019] [core:notice] [pid 2463] AH00052: child pid 22370 exit signal Segmentation fault (11)
[Sun May 12 17:39:20.463392 2019] [core:notice] [pid 2463] AH00052: child pid 22371 exit signal Segmentation fault (11)
[Sun May 12 17:39:20.463401 2019] [core:notice] [pid 2463] AH00052: child pid 22372 exit signal Segmentation fault (11)
Some package should be recompiled but which one (or more ?)
|