Bug#572031: marked as done (lighttpd: fails to start with current OpenSSL)

Debian Bug Tracking System Thu, 03 Jun 2010 12:51:25 -0700

Your message dated Thu, 03 Jun 2010 19:49:29 +0000
with message-id <e1okgpx-0002is...@ries.debian.org>
and subject line Bug#572031: fixed in lighttpd 1.4.26-3
has caused the Debian Bug report #572031,
regarding lighttpd: fails to start with current OpenSSL
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
572031: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: lighttpd
Version: 1.4.26-1
Severity: grave
Tags: patch
Justification: renders package unusable

Hi

after OpenSSL upgrade, lighttpd stopped working, giving not really helpful
error message:

(network.c.529) SSL: error:00000000:lib(0):func(0):reason(0)

the problem is known and fixed upstream:

http://redmine.lighttpd.net/issues/2157

Attaching patch which applies to 1.4.26-1 and fixes this issue.

-- 
        Michal Cihar | http://cihar.com | http://blog.cihar.com

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-2-vserver-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages lighttpd depends on:
ii  libattr1                1:2.4.44-1       Extended attribute shared library
ii  libbz2-1.0              1.0.5-4          high-quality block-sorting file co
ii  libc6                   2.10.2-6         Embedded GNU C Library: Shared lib
ii  libfam0                 2.7.0-16.1       Client library to control the FAM 
ii  libldap-2.4-2           2.4.17-2.1       OpenLDAP libraries
ii  libpcre3                7.8-3            Perl 5 Compatible Regular Expressi
ii  libssl0.9.8             0.9.8m-2         SSL shared libraries
ii  libterm-readline-perl-p 1.0303-1         Perl implementation of Readline li
ii  lsb-base                3.2-23           Linux Standard Base 3.2 init scrip
ii  mime-support            3.48-1           MIME files 'mime.types' & 'mailcap
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

Versions of packages lighttpd recommends:
pn  spawn-fcgi                    <none>     (no description available)

Versions of packages lighttpd suggests:
ii  apache2-utils                 2.2.14-7   utility programs for webservers
ii  openssl                       0.9.8m-2   Secure Socket Layer (SSL) binary a
pn  rrdtool                       <none>     (no description available)

-- no debconf information

--- lighttpd-1.4.26.orig/src/network.c
+++ lighttpd-1.4.26/src/network.c
@@ -525,7 +525,7 @@
 
 		if (!s->ssl_use_sslv2) {
 			/* disable SSLv2 */
-			if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) {
+			if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) {
 				log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
 						ERR_error_string(ERR_get_error(), NULL));
 				return -1;

--- End Message ---

--- Begin Message ---

Source: lighttpd
Source-Version: 1.4.26-3

We believe that the bug you reported is fixed in the latest version of
lighttpd, which is due to be installed in the Debian FTP archive:

lighttpd-doc_1.4.26-3_all.deb
  to main/l/lighttpd/lighttpd-doc_1.4.26-3_all.deb
lighttpd-mod-cml_1.4.26-3_i386.deb
  to main/l/lighttpd/lighttpd-mod-cml_1.4.26-3_i386.deb
lighttpd-mod-magnet_1.4.26-3_i386.deb
  to main/l/lighttpd/lighttpd-mod-magnet_1.4.26-3_i386.deb
lighttpd-mod-mysql-vhost_1.4.26-3_i386.deb
  to main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.26-3_i386.deb
lighttpd-mod-trigger-b4-dl_1.4.26-3_i386.deb
  to main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.26-3_i386.deb
lighttpd-mod-webdav_1.4.26-3_i386.deb
  to main/l/lighttpd/lighttpd-mod-webdav_1.4.26-3_i386.deb
lighttpd_1.4.26-3.debian.tar.gz
  to main/l/lighttpd/lighttpd_1.4.26-3.debian.tar.gz
lighttpd_1.4.26-3.dsc
  to main/l/lighttpd/lighttpd_1.4.26-3.dsc
lighttpd_1.4.26-3_i386.deb
  to main/l/lighttpd/lighttpd_1.4.26-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 572...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Krzysztof Krzyżaniak (eloy) <e...@debian.org> (supplier of updated lighttpd 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 03 Jun 2010 21:22:24 +0200
Source: lighttpd
Binary: lighttpd lighttpd-doc lighttpd-mod-mysql-vhost 
lighttpd-mod-trigger-b4-dl lighttpd-mod-cml lighttpd-mod-magnet 
lighttpd-mod-webdav
Architecture: source i386 all
Version: 1.4.26-3
Distribution: unstable
Urgency: low
Maintainer: Debian lighttpd maintainers 
<pkg-lighttpd-maintain...@lists.alioth.debian.org>
Changed-By: Krzysztof Krzyżaniak (eloy) <e...@debian.org>
Description: 
 lighttpd   - A fast webserver with minimal memory footprint
 lighttpd-doc - Documentation for lighttpd
 lighttpd-mod-cml - Cache meta language module for lighttpd
 lighttpd-mod-magnet - Control the request handling module for lighttpd
 lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd
 lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd
 lighttpd-mod-webdav - WebDAV module for lighttpd
Closes: 572031
Changes: 
 lighttpd (1.4.26-3) unstable; urgency=low
 .
   * Ack for NMU, fix for SSL incompatibility (closes: #572031)
Checksums-Sha1: 
 41f78f610b45e540145ed09aa6f8abbd786affdb 1638 lighttpd_1.4.26-3.dsc
 9f51c8095c054bb854c632be872161b676593acc 26701 lighttpd_1.4.26-3.debian.tar.gz
 f893ec77d946bae45faf1eaa3c07f05d9c0e9e2d 276642 lighttpd_1.4.26-3_i386.deb
 70cc0778f53738a0fff23c40c36943a8bdc558d6 16602 
lighttpd-mod-mysql-vhost_1.4.26-3_i386.deb
 2938311a231918b06fd36b2c98a279285ca1bc0e 18358 
lighttpd-mod-trigger-b4-dl_1.4.26-3_i386.deb
 4e75b4bbfee2ae741de7eb7891c81879c83fd6cb 21210 
lighttpd-mod-cml_1.4.26-3_i386.deb
 052bae0e689dea22f1efd079aad47aa5600ec3d6 22210 
lighttpd-mod-magnet_1.4.26-3_i386.deb
 9add920b507b8924962f61d4a43feec185faff0f 28990 
lighttpd-mod-webdav_1.4.26-3_i386.deb
 895696606fbe9ec4570e363f8c15ec653a89c56b 61332 lighttpd-doc_1.4.26-3_all.deb
Checksums-Sha256: 
 d61b0e9405baf4da96b1a5ee455bae20b28d1590a5734442d9ab751a2da754a6 1638 
lighttpd_1.4.26-3.dsc
 7a2f90f82253ea229a3df74be7e986a8d2d372751d009cfc7266484dbb51891f 26701 
lighttpd_1.4.26-3.debian.tar.gz
 cd27da975b8f27bf8cc9699d0fc39aab7aa1fd38542bc5defd5cf56fb2eb7973 276642 
lighttpd_1.4.26-3_i386.deb
 868bf686cc7a1fb20ea80e292a67c9bfd0eb3b9dd0947632d502eaabef060cdc 16602 
lighttpd-mod-mysql-vhost_1.4.26-3_i386.deb
 f939414acb9906539744ee94ef45a9ce445eae0864a61a389946ccd1d64e4b26 18358 
lighttpd-mod-trigger-b4-dl_1.4.26-3_i386.deb
 21c0822dfaf45ad5729b582570ffc1e87e29b63484251b3e9f211671e55952e0 21210 
lighttpd-mod-cml_1.4.26-3_i386.deb
 b2b7017540b2e76127eee5d6510be638c9cd055451a8237bca951734f4a013b7 22210 
lighttpd-mod-magnet_1.4.26-3_i386.deb
 d65a4cd64bd7047b70b3c8fb1db9f0d0e98771dfa33d8942af09e01ce135a724 28990 
lighttpd-mod-webdav_1.4.26-3_i386.deb
 a5c463accc30e92163cc191c06839dc52fd20d7395442c68a65097b7efa3ffa4 61332 
lighttpd-doc_1.4.26-3_all.deb
Files: 
 0c33c1152b72187cad71163663fb4b12 1638 httpd optional lighttpd_1.4.26-3.dsc
 48f5d8b857d2713f9acbf226a230190d 26701 httpd optional 
lighttpd_1.4.26-3.debian.tar.gz
 0595cd4a0ee138a4fd36c46512cd764d 276642 httpd optional 
lighttpd_1.4.26-3_i386.deb
 fff31fc2756c16d8b8135c35326393b1 16602 httpd optional 
lighttpd-mod-mysql-vhost_1.4.26-3_i386.deb
 f6079a5102fb584f8b44cd79e46ea677 18358 httpd optional 
lighttpd-mod-trigger-b4-dl_1.4.26-3_i386.deb
 0254c720a4e2acdcd6f26cd15d80e0aa 21210 httpd optional 
lighttpd-mod-cml_1.4.26-3_i386.deb
 d57e714acfba924e7cadd0339cd78a39 22210 httpd optional 
lighttpd-mod-magnet_1.4.26-3_i386.deb
 91cd4e65fab1952bdf0061885be55950 28990 httpd optional 
lighttpd-mod-webdav_1.4.26-3_i386.deb
 0c6bc8eabe26f1b046b6ac88f67e7a92 61332 doc optional 
lighttpd-doc_1.4.26-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwIBFEACgkQy+HP4f7iC8u3xwCgjlb8TXxnSg3GCtDUw+/ybOmO
fB0An3LnIQXpNr8qfQ/55wLzl9uyctMQ
=Kgu6
-----END PGP SIGNATURE-----

--- End Message ---

Bug#572031: marked as done (lighttpd: fails to start with current OpenSSL)

Reply via email to