After upgrading to openssl 0.9.8m, lighttpd no longer starts. Reproducible: Always Steps to Reproduce: 1. Upgrade openssl to 0.9.8m Actual Results: # lighttpd -f /etc/lighttpd/lighttpd.conf 2010-03-08 11:38:22: (network.c.529) SSL: error:00000000:lib(0):func(0):reason(0) Expected Results: Lighttpd starts. This is known (and fixed) upstream: http://redmine.lighttpd.net/issues/2157
Just to add: This can be worked around by commenting out any SSL settings in lighttpd.conf.
There is apparently a patch at: http://blog.sekuritatea.com/index.php/archives/34 But I haven' t had the time to check it, just mentioning for the record.
Created attachment 223523 [details] Overlay ebuild with sed patch for file src/network.c A quick and dirty patch with sed. Content see here: http://redmine.lighttpd.net/attachments/1095/08-ssl-retval-fix.patch
do these patches break with older openssl releases?
1.4.26-r1 just hit the tree with the fix. please test - on both new and old openssl. thanks
Confirm that it is fixed with 0.9.8m
(In reply to comment #6) > Confirm that it is fixed with 0.9.8m > This patch fixes the starting problem with openssl 0.9.8m. It run's on my AMD64 without problems since three days. I don't like to test it with older versions of openssl. Less time at the moment...
(In reply to comment #7) > This patch fixes the starting problem with openssl 0.9.8m. > It run's on my AMD64 without problems since three days. On x86 stable with dev-libs/openssl-0.9.8n I did run into this bug, lighttpd-1.4.26-r1 fixed it for me, thanks.
*** Bug 311413 has been marked as a duplicate of this bug. ***
Hi Thilo, Please escalate this, the current stable tree is broken in this regard. Thanks.
(In reply to comment #5) > 1.4.26-r1 just hit the tree with the fix. please test - on both new and old > openssl. > thanks > My apologies, my last email was abit too hasty. I was in panic mode as I was migrating servers. Two scenerios, x86 on both: ServerA: dev-libs/openssl-0.9.8l-r2 www-server/lighttpd-1.4.26-r1 ServerB: dev-libs/openssl-0.9.8n www-server/lighttpd-1.4.26-r1 Is there anything else you request to be tested? We should have .26-r1 stabilized as soon as practical.
Adding arches to the loop as current stable is broken. I am not the maintainer so it's up to you to decide if you want to start stabling before ack from maintainers.
ARCHS: please go ahead and stable. thanks
So you want =www-servers/lighttpd-1.4.26-r1 stable, then.
Stable for HPPA.
Tested on x86, looks good to go.
x86 stable, thanks Andreas
amd64 stable too
Confirm, stable on amd64
(In reply to comment #5) > 1.4.26-r1 just hit the tree with the fix. please test - on both new and old > openssl. > thanks > This patch should also be included with lighttpd-1.4.25-r1, because this version is also affected by the SSL problem. I tested the patch with 1.5.25-r1 and the problem has been resolved. No compilation problems, no runtime problems for now.
Got the same bug with 1.4.25, 1.4.26-r1 fixed it and is running stabel. On amd64.
amd64 stable.
www-servers/lighttpd-1.4.26-r1 alpha ok
sparc stable
alpha/arm/ia64/sh stable
Marked ppc/ppc64 stable.
thanks everybody.