Project

General

Profile

Actions

Bug #1223

closed

--with-openssl broken on linux-ppc kernel 2.4.25

Added by Anonymous about 17 years ago. Updated 5 months ago.

Status:
Obsolete
Priority:
Normal
Category:
core
Target version:
ASK QUESTIONS IN Forums:
No

Description

Components:
  • PPC Linux version 2.4.25 (root@thing) (gcc version 3.3.3 (DENX ELDK 3.1.1 3.3.3-9))
  • OpenSSL 0.9.8e,
  • Lighttpd 1.4.15 with `./configure --with-openssl`
  • Self-signed certificate:
    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

All clients fail.

Openssl:


# openssl s_client -connect 10.100.99.5:443
CONNECTED(00000003)
depth=0 /C=IS/L=Gardabaer/CN=10.100.99.5
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=IS/L=Gardabaer/CN=10.100.99.5
verify return:1
1333:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac:s3_pkt.c:1053:SSL alert number 20
1333:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Firefox (1.5.0.12) (https://10.100.99.5/)


Alert: "10.100.99.5 has received an incorrect or unexpected message. Error Code: -12227

Lighttpd error log (same for all clients):


2007-06-07 10:51:07: (connections.c.279) SSL: 1 error:1408C095:SSL routines:SSL3_GET_FINISHED:digest check failed
2007-06-07 10:51:07: (connections.c.279) SSL: 1 error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure

Same software components and setup on a x86 Linux version 2.6.12-1.1381_FC3 (gcc version 3.4.4 20050721 (Red Hat 3.4.4-2)) display no errors.

Also tried 0.9.7j with same results.

Could someone help me debug this?

Actions #1

Updated by stbuehler over 16 years ago

If you are still interested in this, please post your config.

If you use a self-signed certificate, do not specify a ca-file.

Actions #2

Updated by stbuehler over 15 years ago

  • Status changed from New to Missing Feedback
  • Pending changed from Yes to No
  • Patch available set to No
Actions #3

Updated by gstrauss 5 months ago

  • Status changed from Missing Feedback to Obsolete
  • ASK QUESTIONS IN Forums set to No

lighttpd 1.5.x branch has been abandoned.

lighttpd 1.4.x branch is now far more advanced and continues to be maintained.

Actions

Also available in: Atom