I have a Apache2 server installed running with php and suhosin. The php session are handled with Zend_Session and stored in database. Suhosin is configured to encrypt session data before saving it to the database.
While apache2 is running after a
/etc/init.d/apache2 start
everything work fine until I ask apache2 to reload using
/etc/init.d/apache2 reload
It seems that suhosin is not loaded correctly, and does not handle session data encryption anymore.
eg:
-before reload
mz0NTT8tcqaa4BIuBniVnVCMNjiwllLIds-cPt3KcMvyOHTktQmuYjgfAM3UMbVkVbsKnioUxPwjqaDIORSRlDnL5Q-W6iS8AoilOPwDUuUdtYjkbKskJpv62R9q
-after reload
language|a:2:{s:10:"locale";s:5:"en_EN";s:12:"language";s:2:"en";}
if apache is restarted sessions data are crypted again.
Here are the versions og the OS, apache2, php and suhosin I have:
squeeze/sid
Server version: Apache/2.2.17 (Ubuntu)
Server built: Feb 22 2011 18:33:02
PHP 5.3.5-1ubuntu7.2 with Suhosin-Patch (cli) (built: May 2 2011 23:18:30)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Xdebug v2.1.0, Copyright (c) 2002-2010, by Derick Rethans
with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH
Does anyone have faced the same issue? Any help on this would be very appreciated.
Thank you
I Finally found the solution. My apache was configured with suhosin and Xdebug. It seems that desactivating Xdebug allow suhosin to reload correctly while reloading apache.