well this sounds obvious, but unfortunately its much more complicated. on 2 of my dedicated servers running with net-www/apache-1.3.29-r1 and net-www/mod_ssl-2.8.16 one of the last update world's i did updated openssl to 0.9.7c-r1 while I dont know the version which was installed during compilation of mod_ssl anymore, probably the version being actual during the last stable update of mod_ssl itself. however the strange thing is, mod_ssl runs with the new openssl, and everything seems normal, no unresolved symbols, everything runs fine, but when accessing those https servers with some browsers, (most reproduces with konqueror of kde 3.2 , some with firefox-0.8, while with lynx everything worked fine every time without bug occurence) the connection unexpectedly drops during http header exchange (before the actual data) with no sign on the server of anything unusual except a client that dropped connection. I already fixed a bug for konqueror (since with lynx it worked fine, and i had the bug on both https server i tried (well both gentoo)) before i realized that it actually IS the servers fault, and the bug doesnt occur with most 3rd party https systems. re emerging mod_ssl to build with the current openssl worked fine and seems to have fixed the problem. Reproducible: Sometimes Steps to Reproduce: 1. update openssl without re-emerging mod_ssl 2. run your server as normal 3. try to access the server via https with konqueror of kde 3.2, the bug occurs not every time, but between 1 of 5 times and 4 of 5 times depending on system load, server system load, bandwidth, moon phase, time since last request, ..., ... Actual Results: ssl connection between server and client drops during early data exchange leading to a browser error-message-pop-up but no obvious log-entry on the server Expected Results: no such crap ;) i dont have much additional info, someone might need to reproduce the issue, but its also possible that noone in the world can reproduce the same behaviour. also re-emerging mod_ssl on the servers fixed the error, so my actual system configuration isnt the error configuration anymore. However i had the conn-loss errors with browsers from 2 different gentoo systems on 2 almost identical gentoo servers with this issue, so maybe someone is (un)lucky. maybe openssl could print an additional message that mod_ssl might have to be remerged, there is a hint about using revdep-rebuild, but revdep-rebuild doesnt detect THIS inconsistency (i did run revdep-rebuild, mod_ssl was not listed as "thing with unresolved symbols" by them)
einfo "You can now re-compile all packages that are linked again st" einfo "OpenSSL 0.9.6 by using revdep-rebuild from gentoolkit:" einfo "# revdep-rebuild --soname libssl.so.0.9.6" einfo "# revdep-rebuild --soname libcrypto.so.0.9.6" einfo "After this, you can delete /usr/lib/libssl.so.0.9.6 and / usr/lib/libcrypto.so.0.9.6"