Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
nginx and ssl problem
Здравсвуйте,
В Nginx временами умирает SSL. Что в тот момнет в логе сейчас к
сожалению не могу сказать.
Но как постоянная проблема, в лог вываливается такая штука (в атаче).
Еще в логе проскакивает вот такая ошибка:
*1560208 SSL_read() failed (SSL: error:1409F07F:SSL
routines:SSL3_WRITE_PENDING:bad write retry) while keepalive, client:
216.62.158.23
Дмесг показывает вот такую гадость с завидной регулярностью.
nginx[27342]: segfault at 0000000000000091 rip 0000000000475253 rsp
00007fff97ab0e40 error 4
nginx[27695] general protection rip:48c049 rsp:7fff97ab0e90 error:0
nginx[28616] general protection rip:48c049 rsp:7fff97ab0e90 error:0
--------
Сервер 64Bit Fedora 6
nginx/0.5.26
configure arguments: --prefix=/opt/nginx --with-zlib=../zlib-1.2.3
--with-openssl=../openssl-0.9.8e --with-pcre=../pcre-7.1 --with-debug
--with-http_ssl_module --with-http_stub_status_module
--------
Кусок конфига Nginx в атаче.
Может у кого есть мысли в какую сторону покрутить?
С уважением,
Павел.
#user nobody;
worker_processes 3;
error_log logs/error.log info;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 120;
#gzip on;
server {
listen 10.10.10.10:443;
server_name www.server.com server.com ;
ssl on;
ssl_certificate cert/server.cer;
ssl_certificate_key cert/server.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
access_log logs/httpsserve.access.log main;
location / {
proxy_pass ;
proxy_buffering off;
proxy_redirect http://www.server.com/;
proxy_redirect http://www.server.com/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
#client_body_buffer_size 128k;
proxy_connect_timeout 270;
proxy_send_timeout 270;
proxy_read_timeout 270;
#proxy_buffer_size 4k;
#proxy_buffers 4 32k;
#proxy_busy_buffers_size 64k;
#proxy_temp_file_write_size 64k;
}
location ~* ^.+\.(jpg|jpeg|gif|png|ico|css)$ {
root /opt/nginxtest/html/server;
}
}
}
2007/07/24 05:35:37 [info] 25426#0: *1572513 client 65.184.46.242 closed
keepalive connection (104: Connection reset by peer)
*** glibc detected *** nginx: worker process: free(): invalid pointer:
0x000000000082d908 ***
======= Backtrace: =========
/lib64/libc.so.6[0x37e8a6ea60]
/lib64/libc.so.6(cfree+0x8c)[0x37e8a7217c]
nginx: worker process(CRYPTO_free+0x1d)[0x475bfd]
nginx: worker process[0x45f3b3]
nginx: worker process[0x45d547]
nginx: worker process[0x41f88c]
nginx: worker process[0x434328]
nginx: worker process[0x4351bd]
nginx: worker process[0x4355b6]
nginx: worker process[0x427a88]
nginx: worker process[0x41e368]
nginx: worker process[0x415947]
nginx: worker process[0x41bc7c]
nginx: worker process[0x41a72b]
nginx: worker process[0x41c525]
nginx: worker process[0x4081a7]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x37e8a1da44]
nginx: worker process(realloc+0x161)[0x406eb9]
======= Memory map: ========
00400000-0054e000 r-xp 00000000 fd:00 16582967
/opt/nginx/sbin/nginx
0074d000-0077c000 rwxp 0014d000 fd:00 16582967
/opt/nginx/sbin/nginx
0077c000-00d0a000 rwxp 0077c000 00:00 0 [heap]
37e8600000-37e861a000 r-xp 00000000 fd:00 21823769
/lib64/ld-2.5.so
37e8819000-37e881a000 r-xp 00019000 fd:00 21823769
/lib64/ld-2.5.so
37e881a000-37e881b000 rwxp 0001a000 fd:00 21823769
/lib64/ld-2.5.so
37e8a00000-37e8b44000 r-xp 00000000 fd:00 21823770
/lib64/libc-2.5.so
37e8b44000-37e8d44000 ---p 00144000 fd:00 21823770
/lib64/libc-2.5.so
37e8d44000-37e8d48000 r-xp 00144000 fd:00 21823770
/lib64/libc-2.5.so
37e8d48000-37e8d49000 rwxp 00148000 fd:00 21823770
/lib64/libc-2.5.so
37e8d49000-37e8d4e000 rwxp 37e8d49000 00:00 0
37e8e00000-37e8e03000 r-xp 00000000 fd:00 21823772
/lib64/libdl-2.5.so
37e8e03000-37e9002000 ---p 00003000 fd:00 21823772
/lib64/libdl-2.5.so
37e9002000-37e9003000 r-xp 00002000 fd:00 21823772
/lib64/libdl-2.5.so
37e9003000-37e9004000 rwxp 00003000 fd:00 21823772
/lib64/libdl-2.5.so
37eae00000-37eae05000 r-xp 00000000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eae05000-37eb004000 ---p 00005000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eb004000-37eb005000 r-xp 00004000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eb005000-37eb006000 rwxp 00005000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eb006000-37eb034000 rwxp 37eb006000 00:00 0
37ed200000-37ed20d000 r-xp 00000000 fd:00 21823781
/lib64/libgcc_s-4.1.1-20061011.so.1
37ed20d000-37ed40c000 ---p 0000d000 fd:00 21823781
/lib64/libgcc_s-4.1.1-20061011.so.1
37ed40c000-37ed40d000 rwxp 0000c000 fd:00 21823781
/lib64/libgcc_s-4.1.1-20061011.so.1
2aaaaaaab000-2aaaaaaac000 rwxp 2aaaaaaab000 00:00 0
2aaaaaaac000-2aaaaaaad000 rwxs 00000000 00:08 539693
/dev/zero (deleted)
2aaaaaabd000-2aaaaaac0000 rwxp 2aaaaaabd000 00:00 0
2aaaaaac0000-2aaaaaaca000 r-xp 00000000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaaaca000-2aaaaacc9000 ---p 0000a000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaacc9000-2aaaaacca000 r-xp 00009000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaacca000-2aaaaaccb000 rwxp 0000a000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaaccb000-2aaaaacf4000 rwxp 2aaaaaccb000 00:00 0
2aaaac000000-2aaaac021000 rwxp 2aaaac000000 00:00 0
2aaaac021000-2aaab0000000 ---p 2aaaac021000 00:00 0
7fff97a9d000-7fff97ab2000 rwxp 7fff97a9d000 00:00 0 [stack]
ffffffffff600000-ffffffffffe00000 ---p 00000000 00:00 0 [vdso]
2007/07/24 05:35:40 [notice] 17917#0: signal 17 (SIGCHLD) received
2007/07/24 05:35:40 [alert] 17917#0: worker process 25426 exited on signal 6
2007/07/24 05:35:40 [notice] 17917#0: start worker process 25655
=========================================================================================================================
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
another error in logfile
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
=========================================================================================================================
*** glibc detected *** nginx: worker process: double free or corruption
(!prev): 0x0000000000abdc20 ***
======= Backtrace: =========
/lib64/libc.so.6[0x37e8a6ea60]
/lib64/libc.so.6(cfree+0x8c)[0x37e8a7217c]
nginx: worker process(CRYPTO_free+0x1d)[0x475bfd]
nginx: worker process[0x45b909]
nginx: worker process[0x45d54f]
nginx: worker process[0x41f88c]
nginx: worker process[0x434328]
nginx: worker process[0x4351bd]
nginx: worker process[0x4355b6]
nginx: worker process[0x427a88]
nginx: worker process[0x41e368]
nginx: worker process[0x415947]
nginx: worker process[0x41bc7c]
nginx: worker process[0x41a72b]
nginx: worker process[0x41c525]
nginx: worker process[0x4081a7]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x37e8a1da44]
nginx: worker process(realloc+0x161)[0x406eb9]
======= Memory map: ========
00400000-0054e000 r-xp 00000000 fd:00 16582967
/opt/nginx/sbin/nginx
0074d000-0077c000 rwxp 0014d000 fd:00 16582967
/opt/nginx/sbin/nginx
0077c000-00d74000 rwxp 0077c000 00:00 0 [heap]
37e8600000-37e861a000 r-xp 00000000 fd:00 21823769
/lib64/ld-2.5.so
37e8819000-37e881a000 r-xp 00019000 fd:00 21823769
/lib64/ld-2.5.so
37e881a000-37e881b000 rwxp 0001a000 fd:00 21823769
/lib64/ld-2.5.so
37e8a00000-37e8b44000 r-xp 00000000 fd:00 21823770
/lib64/libc-2.5.so
37e8b44000-37e8d44000 ---p 00144000 fd:00 21823770
/lib64/libc-2.5.so
37e8d44000-37e8d48000 r-xp 00144000 fd:00 21823770
/lib64/libc-2.5.so
37e8d48000-37e8d49000 rwxp 00148000 fd:00 21823770
/lib64/libc-2.5.so
37e8d49000-37e8d4e000 rwxp 37e8d49000 00:00 0
37e8e00000-37e8e03000 r-xp 00000000 fd:00 21823772
/lib64/libdl-2.5.so
37e8e03000-37e9002000 ---p 00003000 fd:00 21823772
/lib64/libdl-2.5.so
37e9002000-37e9003000 r-xp 00002000 fd:00 21823772
/lib64/libdl-2.5.so
37e9003000-37e9004000 rwxp 00003000 fd:00 21823772
/lib64/libdl-2.5.so
37eae00000-37eae05000 r-xp 00000000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eae05000-37eb004000 ---p 00005000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eb004000-37eb005000 r-xp 00004000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eb005000-37eb006000 rwxp 00005000 fd:00 21823782
/lib64/libcrypt-2.5.so
37eb006000-37eb034000 rwxp 37eb006000 00:00 0
37ed200000-37ed20d000 r-xp 00000000 fd:00 21823781
/lib64/libgcc_s-4.1.1-20061011.so.1
37ed20d000-37ed40c000 ---p 0000d000 fd:00 21823781
/lib64/libgcc_s-4.1.1-20061011.so.1
37ed40c000-37ed40d000 rwxp 0000c000 fd:00 21823781
/lib64/libgcc_s-4.1.1-20061011.so.1
2aaaaaaab000-2aaaaaaac000 rwxp 2aaaaaaab000 00:00 0
2aaaaaaac000-2aaaaaaad000 rwxs 00000000 00:08 539693
/dev/zero (deleted)
2aaaaaabd000-2aaaaaac0000 rwxp 2aaaaaabd000 00:00 0
2aaaaaac0000-2aaaaaaca000 r-xp 00000000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaaaca000-2aaaaacc9000 ---p 0000a000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaacc9000-2aaaaacca000 r-xp 00009000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaacca000-2aaaaaccb000 rwxp 0000a000 fd:00 21823516
/lib64/libnss_files-2.5.so
2aaaaaccb000-2aaaaacf4000 rwxp 2aaaaaccb000 00:00 0
2aaaac000000-2aaaac021000 rwxp 2aaaac000000 00:00 0
2aaaac021000-2aaab0000000 ---p 2aaaac021000 00:00 0
7fff97a9d000-7fff97ab2000 rwxp 7fff97a9d000 00:00 0 [stack]
ffffffffff600000-ffffffffffe00000 ---p 00000000 00:00 0 [vdso]
2007/07/23 17:00:18 [notice] 17917#0: signal 17 (SIGCHLD) received
2007/07/23 17:00:18 [alert] 17917#0: worker process 11416 exited on signal 6
2007/07/23 17:00:18 [notice] 17917#0: start worker process 11668
| 
