Bug#622733: lighttpd: binNMU for openssl 1.0.0 broke SSL support
Hi, http://redmine.lighttpd.net/issues/2306 was a duplicate of http://redmine.lighttpd.net/issues/2269, which is now the correct upstream bug. I found and fixed the problem in commit 2788: http://cgit.lighttpd.net/lighttpd/lighttpd-1.x/commit/?h=lighttpd-1.4.xid=328043caf395e40c8f544162de8965853bb0393a The problem was that we export our own md5 functions, and the symbol names conflict with those from ssl/crypt. Don't ask me why it didn't trigger when i compiled lighttpd with -O0 instead of -O2, but prefixing our functions with li_ fixed it. On 04/14/2011 01:52 PM, Arno Töll wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tags: 622733 +upstream forwarded: 622733 http://redmine.lighttpd.net/issues/2306 owner: 622733 ! thanks It looks like lighttpd is not really compatible with new openssl. Agreed, can confirm this for the Lighttpd package as well as for upstream's trunk. The issue is tracked upstream as http://redmine.lighttpd.net/issues/2306, but might correlate with http://redmine.lighttpd.net/issues/2255 and http://redmine.lighttpd.net/issues/2246 I will keep track. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#622733: lighttpd: binNMU for openssl 1.0.0 broke SSL support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 forwarded 622733 http://redmine.lighttpd.net/issues/2269 tags 622733 +pending fixed 622733 1.4.28-4 thanks On agreement with upstream authors I will backport the fix for this issue from trunk instead of waiting for 1.4.29 since the latter may be in a more distant future. - -- with kind regards, Arno Töll GnuPG Key-ID: 0x8408D4C4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNtE+kAAoJELBdpXvEXpo9FYAP/0RGxz9UWi0abGvpxGLJsm1u QOJDIxFB6vyTcn0c3cwAgecSIIwn8CVY3aE7O4HomQoFpAwYyGqYzbsjsIFf4UPX pEAZs7PcFK3oChpm/N7XPKiGn7qyDK89XqEd4UOcZ+ihEOaQ+Jk5AmzG2PDWgcq7 hgIQp1i1HixQpAbJMKcgsxqWy8gYyHpGum45dklF2UBVZdD4eZXCimtmlFzNW9Pc 1vxGWA8tmJECXHyvLUyxTorvuvCZ3atOrfSQZnxvrdg0reghOib0IjwEz/Fz+7X1 Yq8zr/FOkk/E+B6Xtp407FaaRcwPIXpvEEq3Pls9SUZqvnrXdmQyzkow7Eik3YkY qPxTxgzVoVXvVVLN31OPWHSwQptJFY2errUyE60ngfg9ne0gg1v9IlIfvH7OwLge MdJT5KBDqJK/xxT3qLZiIlaJCYaqhGGc+2Mj2ueT2k5RpNlwJvQEHXB83icysCt7 NOxUY/Kp8sy2Q3jnT3+/2CJMvxBD2/Nw9m9b3Oln17tzd0wW2ppjcAi5IIn/2k+g rHSPepvCdRkvF/UC63prOzzlapNmmi85sjGo8rIvAklcVCWPsprSfrftlxNC78cg 3q7L0RARQu5jBGOiTPLbWDGBCSxBLGxAbUpvYHGZppVkLtGOobL87qdGIpmfjj91 19ntEuIJ8aT71wwNOM9e =OGNy -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#622733: lighttpd: binNMU for openssl 1.0.0 broke SSL support
Package: lighttpd Version: 1.4.28-3+b1 Severity: grave Tags: sid Hi after upgrade to 1.4.28-3+b1, all SSL connections are failing with following message in the log: lighttpd[9516]: (connections.c.271) SSL: -1 5 0 Success It looks like lighttpd is not really compatible with new openssl. -- Michal Čihař | http://cihar.com | http://blog.cihar.com -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-vserver-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lighttpd depends on: ii libattr11:2.4.44-2 Extended attribute shared library ii libbz2-1.0 1.0.5-6 high-quality block-sorting file co ii libc6 2.11.2-13Embedded GNU C Library: Shared lib ii libfam0 2.7.0-17 Client library to control the FAM ii libldap-2.4-2 2.4.25-1 OpenLDAP libraries ii libpcre38.12-3 Perl 5 Compatible Regular Expressi ii libssl1.0.0 1.0.0d-2 SSL shared libraries ii libterm-readline-perl-p 1.0303-1 Perl implementation of Readline li ii lsb-base3.2-27 Linux Standard Base 3.2 init scrip ii mime-support3.51-1 MIME files 'mime.types' 'mailcap ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime Versions of packages lighttpd recommends: pn spawn-fcginone (no description available) Versions of packages lighttpd suggests: pn apache2-utils none (no description available) ii openssl 1.0.0d-2 Secure Socket Layer (SSL) binary a pn rrdtool none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#622733: lighttpd: binNMU for openssl 1.0.0 broke SSL support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tags: 622733 +upstream forwarded: 622733 http://redmine.lighttpd.net/issues/2306 owner: 622733 ! thanks It looks like lighttpd is not really compatible with new openssl. Agreed, can confirm this for the Lighttpd package as well as for upstream's trunk. The issue is tracked upstream as http://redmine.lighttpd.net/issues/2306, but might correlate with http://redmine.lighttpd.net/issues/2255 and http://redmine.lighttpd.net/issues/2246 I will keep track. - -- with kind regards, Arno Töll GnuPG Key-ID: 0x8408D4C4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNpt/8AAoJELBdpXvEXpo9z+IP/irPu+vpspNSqfV0IRMpEmrk bmuMuTYCr3rBIPxdU7deSAScKm58BVoq32KgTAWr7AXjCBPwyzNzMlCo8Y4PsepK MbguD/xTNJadw9E+ZYtLOLvKdVgJHIfmEAg6rvbLOJ0nqBYS1cHt384Q0VwIsOQJ eMeVDRvFo0XazuXIQxYNqX7KRTljRIE1EdrjTqbyxGDh+rfWcom9ROTi4SBup0Yu fOJoRdBJ9nmPtkBq/h/LkDJjk7PXOkgkb4bXtF/fJ2xyeOLIyL3bk4MsHR03Pbkv rzBeHqIhIiRqKAxWJvKQzk9PcTeqhsn6zrq6iV6sujqkXLLZIvCQexEu7eNFRd1d 9Zy/4ut2GzR2uFxVaEiLz3Rf7e1ipUCKQHDHZhTwSXAufvWWQ+C+liK8lQBiYCvz v/5hAJyFi9R4ITUXEmQ4UvwZOuYqNPtu+lSolJmZesWpVBoa/Df3RPH57JV2Q0eT 8XjHq7LuaoCQKmvmP9ShU6JCqXkrdr67rVVbBpu54IZDngLhYjEwBsT8vS75IvbR oy+gnRfKk6ceLp9JAKakagPtDk0mDgWuU54nx6ViZL1I1LcFYe2EJ8fn6e424OjY A7dP87A6cGb3gs0bIuXEd1JgTZEot91jdzJiCk8CdXrcd9VvVXxqMKzikNPydn1C 9Our9fVZNHPouH3U0I/I =LcKG -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
