Loading ...
Sorry, an error occurred while loading the content.

Segmentation Fault (core dumped)

Expand Messages
  • Adrian Diezig
    Hi, I developped a webservice on which a can invoke the functions on Standard Port 80 without any problems. When I do the same command (qip-WS-client.pl) but
    Message 1 of 1 , May 17, 2006
    • 0 Attachment
      Hi,

      I developped a webservice on which a can invoke the functions on Standard
      Port 80 without any problems.
      When I do the same command (qip-WS-client.pl) but with an SSL connection to
      this webservice, I receive every time a "Segmentation Fault (core dumped)"
      Message:


      bash-2.05# perl /opt/qip-WS/soap/qip-WS-client.pl
      SOAP::Transport::HTTP::Client::send_receive: HTTP::Request=HASH(0x134574)
      SOAP::Transport::HTTP::Client::send_receive: POST https://SB00796/qip
      HTTP/1.1
      Accept: text/xml
      Accept: multipart/*
      Accept: application/soap
      Content-Length: 510
      Content-Type: text/xml; charset=utf-8
      SOAPAction: "urn:QIPv1#GetObject"

      <?xml version="1.0" encoding="UTF-8"?><soap:Envelope
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      xmlns:xsd="http://www.w3.org/2001/XMLSchema"
      soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><GetObject
      xmlns="urn:QIPv1"><c-gensym3
      xsi:type="xsd:string">abc123</c-gensym3><c-gensym5
      xsi:type="xsd:string">wstest</c-gensym5></GetObject></soap:Body></soap:Envel
      ope>
      Segmentation Fault (core dumped)


      It is also possible to connect with a Browser trough SSL to the Server.

      On the server, the following Components are installed (mod_ssl and mod_perl
      were build staticaly in Apache.

      mod_ssl/2.2.2
      OpenSSL/0.9.8a
      mod_perl/2.0.2
      Perl/v5.8.7
      SOAP-Lite/0.67



      /opt/qip/opt/qip-WS/soap/qip-WS-client.pl :


      # -- SOAP::Lite -- guide.soaplite.com -- Copyright (C) 2001 Paul
      Kulchenko --
      use SOAP::Lite +trace =>
      [qw(debug transport)];
      # [qw(all)];


      use SOAP::Lite
      on_fault => sub { my($soap, $res) = @_;
      die ref $res ? $res->faultstring : $soap->transport->status, "\n";
      };

      my $soap = SOAP::Lite
      -> uri('urn:QIPv1')
      -> proxy('https://SB00796/qip');


      my $secret="xyz";

      #my $getObject = $soap->hibye();

      print "SetObject:\t", join(" | ", $soap->SetObject($secret, "wstest",
      "sbb.ch","wstest", "10.0.2.160")->paramsall), "\n";
      print "GetObject:\t", join(" | ", $soap->GetObject($secret,
      "wstest")->paramsall), "\n";



      SSL Configuration on Apache:

      VirtualHost _default_:443>
      # ServerName qip-ws-backup.sbb.ch:443
      # General setup for the virtual host
      DocumentRoot "/opt/qip-WS/apache/qip-ws-443"
      #
      # SSL Virtual Host Context
      # ServerAdmin you@...
      ErrorLog "/opt/qip-WS/apache/logs/error_log"
      TransferLog "/opt/qip-WS/apache/logs/access_log"
      # SSL Engine Switch:
      # Enable/Disable SSL for this virtual host.
      SSLEngine on
      # SSL Cipher Suite:
      # List the ciphers that the client is permitted to negotiate.
      # See the mod_ssl documentation for a complete list.
      SSLCipherSuite
      ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      # Server Certificate:
      # Point SSLCertificateFile at a PEM encoded certificate. If
      # the certificate is encrypted, then you will be prompted for a
      # pass phrase. Note that a kill -HUP will prompt again. Keep
      # in mind that if you have both an RSA and a DSA certificate you
      # can configure both in parallel (to also allow the use of DSA
      # ciphers, etc.)
      SSLCertificateFile
      "/opt/qip-WS/apache/conf/ssl.crt/qip-ws-backup.sbb.ch.crt"
      # SSLCertificateFile "/opt/qip-WS/apache/conf/server-dsa.crt"
      # Server Private Key:
      # If the key is not combined with the certificate, use this
      # directive to point at the key file. Keep in mind that if
      # you've both a RSA and a DSA private key you can configure
      # both in parallel (to also allow the use of DSA ciphers, etc.)
      SSLCertificateKeyFile
      /opt/qip-WS/apache/conf/ssl.key/qip-ws-backup.sbb.ch.key
      # SSLCertificateKeyFile /opt/qip-WS/apache/conf/server-dsa.key
      # Server Certificate Chain:
      # Point SSLCertificateChainFile at a file containing the
      # concatenation of PEM encoded CA certificates which form the
      # certificate chain for the server certificate. Alternatively
      # the referenced file can be the same as SSLCertificateFile
      # when the CA certificates are directly appended to the server
      # certificate for convinience.
      # SSLCertificateChainFile "/opt/qip-WS/apache/conf/server-ca.crt"
      # Certificate Authority (CA):
      # Set the CA certificate verification path where to find CA
      # certificates for client authentication or alternatively one
      # huge file containing all of them (file must be PEM encoded)
      # Note: Inside SSLCACertificatePath you need hash symlinks
      # to point to the certificate files. Use the provided
      # Makefile to update the hash symlinks after changes.
      # SSLCACertificatePath "/opt/qip-WS/apache/conf/ssl.crt"
      # SSLCACertificateFile "/opt/qip-WS/apache/conf/ssl.crt/ca-bundle.crt"
      # Certificate Revocation Lists (CRL):
      # Set the CA revocation path where to find CA CRLs for client
      # authentication or alternatively one huge file containing all
      # of them (file must be PEM encoded)
      # Note: Inside SSLCARevocationPath you need hash symlinks
      # to point to the certificate files. Use the provided
      # Makefile to update the hash symlinks after changes.
      # SSLCARevocationPath "/opt/qip-WS/apache/conf/ssl.crl"
      # SSLCARevocationFile "/opt/qip-WS/apache/conf/ssl.crl/ca-bundle.crl"
      # Client Authentication (Type):
      # Client certificate verification type and depth. Types are
      # none, optional, require and optional_no_ca. Depth is a
      # number which specifies how deeply to verify the certificate
      # issuer chain before deciding the certificate is not valid.
      # SSLVerifyClient require
      # SSLVerifyDepth 10
      # Access Control:
      # With SSLRequire you can do per-directory access control based
      # on arbitrary complex boolean expressions containing server
      # variable checks and other lookup directives. The syntax is a
      # mixture between C and Perl. See the mod_ssl documentation
      # for more details.
      # <Location />
      # SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
      # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
      # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
      # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
      # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
      # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
      # </Location>
      # SSL Engine Options:
      # Set various options for the SSL engine.
      # o FakeBasicAuth:
      # Translate the client X.509 into a Basic Authorisation. This means that
      # the standard Auth/DBMAuth methods can be used for access control. The
      # user name is the `one line' version of the client's X.509 certificate.
      # Note that no password is obtained from the user. Every entry in the user
      # file needs this password: `xxj31ZMTZzkVA'.
      # o ExportCertData:
      # This exports two additional environment variables: SSL_CLIENT_CERT and
      # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
      # server (always existing) and the client (only existing when client
      # authentication is used). This can be used to import the certificates
      # into CGI scripts.
      # o StdEnvVars:
      # This exports the standard SSL/TLS related `SSL_*' environment variables.
      # Per default this exportation is switched off for performance reasons,
      # because the extraction step is an expensive operation and is usually
      # useless for serving static content. So one usually enables the
      # exportation for CGI and SSI requests only.
      # o StrictRequire:
      # This denies access when "SSLRequireSSL" or "SSLRequire" applied even
      # under a "Satisfy any" situation, i.e. when it applies access is denied
      # and no other module can change it.
      # o OptRenegotiate:
      # This enables optimized SSL connection renegotiation handling when SSL
      # directives are used in per-directory context.
      # SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
      # <FilesMatch "\.(cgi|shtml|phtml|php)$">
      # SSLOptions +StdEnvVars
      # </FilesMatch>
      # SSL Protocol Adjustments:
      # The safe and default but still SSL/TLS standard compliant shutdown
      # approach is that mod_ssl sends the close notify alert but doesn't wait
      for
      # the close notify alert from client. When you need a different shutdown
      # approach you can use one of the following variables:
      # o ssl-unclean-shutdown:
      # This forces an unclean shutdown when the connection is closed, i.e. no
      # SSL close notify alert is send or allowed to received. This violates
      # the SSL/TLS standard but is needed for some brain-dead browsers. Use
      # this when you receive I/O errors because of the standard approach where
      # mod_ssl sends the close notify alert.
      # o ssl-accurate-shutdown:
      # This forces an accurate shutdown when the connection is closed, i.e. a
      # SSL close notify alert is send and mod_ssl waits for the close notify
      # alert of the client. This is 100% SSL/TLS standard compliant, but in
      # practice often causes hanging connections with brain-dead browsers. Use
      # this only for browsers where you know that their SSL implementation
      # works correctly.
      # Notice: Most problems of broken clients are also related to the HTTP
      # keep-alive facility, so you usually additionally want to disable
      # keep-alive for those clients, too. Use variable "nokeepalive" for this.
      # Similarly, one has to force some clients to use HTTP/1.0 to workaround
      # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
      # "force-response-1.0" for this.
      # BrowserMatch ".*MSIE.*" \
      # nokeepalive ssl-unclean-shutdown \
      # downgrade-1.0 force-response-1.0
      # Per-Server Logging:
      # The home of a custom SSL log file. Use this when you want a
      # compact non-error SSL logfile on a virtual host basis.
      # CustomLog /opt/qip-WS/apache/logs/ssl_request_log \
      # "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

      <Directory "/opt/qip-WS/apache/qip-ws-443">
      Options FollowSymLinks Indexes
      Allow from all
      Order allow,deny
      AllowOverride None
      </Directory>






      bash-2.05# perl /opt/qip-WS/soap/qip-WS-client.pl
      Segmentation Fault (core dumped)
      bash-2.05# perl /opt/qip-WS/soap/qip-WS-client.pl
      SOAP::Transport::HTTP::Client::send_receive: HTTP::Request=HASH(0x134574)
      SOAP::Transport::HTTP::Client::send_receive: POST https://SB00796/qip
      HTTP/1.1
      Accept: text/xml
      Accept: multipart/*
      Accept: application/soap
      Content-Length: 510
      Content-Type: text/xml; charset=utf-8
      SOAPAction: "urn:QIPv1#GetObject"

      <?xml version="1.0" encoding="UTF-8"?><soap:Envelope
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      xmlns:xsd="http://www.w3.org/2001/XMLSchema"
      soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><GetObject
      xmlns="urn:QIPv1"><c-gensym3
      xsi:type="xsd:string">abc123</c-gensym3><c-gensym5
      xsi:type="xsd:string">wstest</c-gensym5></GetObject></soap:Body></soap:Envel
      ope>
      Segmentation Fault (core dumped)




      Mit freundlichen GrĂ¼ssen / Best Regards
      Adrian Diezig

      GENESIS COMMUNICATION
      Adrian Diezig
      Bernstrasse 34
      CH-3072 Ostermundigen

      Telefon: ++41 (0)878 883 111
      Fax: ++41 (0)878 883 110

      Email: diezig@...
      WEB: www.GenesisCom.ch
    Your message has been successfully submitted and would be delivered to recipients shortly.