Jeremie Courreges-Anglas <j...@wxcvbn.org> writes: > Jeremie Courreges-Anglas <j...@wxcvbn.org> writes: > >> Cc'ing the port maintainer. >> >> Walter Haidinger <walter.haidin...@gmx.at> writes: >> >>> Hi! >>> >>> tl;dr: fixed upstream, quick patch for 5.9/6.0 below. >>> >>> SSL support in lighttpd of OpenBSD 5.9 (1.3.36) and >>> OpenBSD 6.0 (1.3.38) is broken. >>> >>> Note: already fixed by upsteam in 1.4.40: >>> https://redmine.lighttpd.net/issues/2729 >>> >>> Details and (upstream) patch: >>> https://redmine.lighttpd.net/projects/lighttpd/repository/revisions/1ca52fdce3b87f7748dd5db6f59d738ed7a9efe1/diff/src/network.c >>> >>> When running lighttpd of OpenBSD 6.0, the error message is: >>> (network.c.773) SSL: error:00000000:lib(0):func(0):reason(0) >>> >>> The following (crude) patch simply removes the check for SSLv2 >>> and SSLv3 (it's vs. OpenBSD 6.0 lighttpd-1.4.38p1.tgz): >> >> IMO it would be better to use the same diff as upstream. >> (flag & SSL_CTX_set_options() != flag) > > The diff below does this; tested with a self-signed cert. > > ok?
Brad, you recently updated the lighttpd port. Is TLS fixed now? -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
