-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I couldn't reproduce this for my test setup.
test7:~# grep -rH "ssl" /etc/lighttpd/conf-enabled/ /etc/lighttpd/conf-enabled/10-ssl.conf:## Documentation: /usr/share/doc/lighttpd-doc/ssl.txt /etc/lighttpd/conf-enabled/10-ssl.conf:## http://www.lighttpd.net/documentation/ssl.html /etc/lighttpd/conf-enabled/10-ssl.conf: ssl.engine = "enable" /etc/lighttpd/conf-enabled/10-ssl.conf: ssl.pemfile = "/etc/lighttpd/server.pem" test7:~# dpkg -l | grep -E "(lighttpd|ssl)" ii libssl0.9.8 0.9.8g-15+lenny11 SSL shared libraries ii lighttpd 1.4.19-5+lenny1 A fast webserver with minimal memory footpri ii openssl 0.9.8g-15+lenny11 Secure Socket Layer (SSL) binary and related test7:~# netstat -lntp | grep 443 tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2370/lighttpd While Lenny's code version does indeed [2] contain the buggy line that has been fixed upstream [1] and in Squeeze's package, this does not seem to apply for Lenny as well for some reasons (and/or configurations). Indeed a "openssl s_client" does work as well. test7:~/lighttpd-1.4.19# apt-cache policy Package files: 100 /var/lib/dpkg/status release a=now 500 http://security.debian.org lenny/updates/non-free Packages release v=5.0,o=Debian,a=stable,l=Debian-Security,c=non-free origin security.debian.org 500 http://security.debian.org lenny/updates/contrib Packages release v=5.0,o=Debian,a=stable,l=Debian-Security,c=contrib origin security.debian.org 500 http://security.debian.org lenny/updates/main Packages release v=5.0,o=Debian,a=stable,l=Debian-Security,c=main origin security.debian.org 500 http://ftp.de.debian.org lenny/non-free Packages release v=5.0.7,o=Debian,a=stable,l=Debian,c=non-free origin ftp.de.debian.org 500 http://ftp.de.debian.org lenny/contrib Packages release v=5.0.7,o=Debian,a=stable,l=Debian,c=contrib origin ftp.de.debian.org 500 http://ftp.de.debian.org lenny/main Packages release v=5.0.7,o=Debian,a=stable,l=Debian,c=main origin ftp.de.debian.org Pinned packages: Could you provide more information, e.g. your SSL configuration? [1] http://redmine.lighttpd.net/attachments/1095/08-ssl-retval-fix.patch [2] excerpt from src/network.c: 333 if (!s->ssl_use_sslv2) { 334 /* disable SSLv2 */ 335 if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) { 336 log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:", - -- with kind regards, Arno Töll GnuPG Key-ID: 0x8408D4C4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNJj2QAAoJELBdpXvEXpo9v7QP/RQbddi9IaU35ROraFpfJfRj WfDull/JKRQBBAtYBvXzR9TAn9De6AmqPvmzHYidQ8okva8mLJ9vxjv40oXLs637 kVYjLPYOQzTt2mzdDTHlUtLsqFlEHFdk7TWyMzyWCr0VOXuBl3HM0A9Ch+dYxTMw PuyhrcLhcbntAB9LcdJ2mnzhV6G3n7FaMrp2T2Xvyg0acGXQaDgtrom7C6phqrH8 6vMLdZSmFUC+qREoEhVCghPGHBOACoxhIZ+0yfKzVZH7AxBD1E0o67WHyWoUDFSS hS3zezSZW0Z5vaqKkgh6pTFV1dAb+4qitjexxcxzfHV6q616e4LNtXGGP/XjG/ad bAh+Ae3rh8oBWvw0T8aGK2LEM6LMQKHEe28Z3gFHiYeOsYGmiGS69L/vj5vWin0m dX5mfk8mWhNWdTegzFlis7usoD05FKx7BrLgWtaO3/H+qZjYZ7R9odQhQRiIBZ1e 01LgAfMiYGcnl7S18xy9pVnlAPLce1G1vgz+Bc3EGUuoYTu1BmqV5rvWwcM7RHwx OVAW5Mzzgt6Rh9RLnpMiHfTRhOqBpTdQEXyK7YTUpMZjmXW+QP8QoloZmd7AoVkj IkoZub8VIXI22A4pieqm44wshN10CWBQWkFB81jLipEpPfXbZGob1HZ3Dg6dHsGv JEIA6mUyTCgJvNU/yK7J =Yh7L -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
