Project

General

Profile

Feature #3021

closed

Version information of dependencies of modules

Added by thop23 3 months ago. Updated 3 months ago.

Status:
Wontfix
Priority:
Normal
Category:
core
Target version:
ASK QUESTIONS IN Forums:
No

Description

Hi,

I came across a yet unexplained behaviour of mod_openssl, wherein the private key file could not be read. ("SSL: couldn't read private key from ...", mod_openssl.c line 487)

This is probably an issue of the openssl code, but in order to report it there, it is quite helpful to know which version of openssl is running in lighttpd.

I looked around, in "aptitude show lighttpd", "lighttpd -v" and the like, or on wiki/Docs_SSL.

If this is indeed nowhere documented, it is best to (gradually?) implement it as a command line option to lighttpd. ("-V" comes close)

#1

Updated by gstrauss 3 months ago

  • Status changed from New to Wontfix

lighttpd mod_openssl depends on openssl.
openssl is separate from lighttpd; lighttpd does not ship openssl with the lighttpd package.

To get the version information about openssl, please use the package management tools on your system (aptitude, apt, dnf, etc. -- whatever applies to your system). Generally speaking, libraries in OS distros maintain binary compatibility within a major.minor release so that incremental major.minor.patch releases can be made to fix bugs without requiring any change to executables that depend on that library.

To find out which version of openssl is found by lighttpd (on your system and at this moment), ask the linker/loader:

ldd /usr/lib64/lighttpd/mod_openssl.so

Each module can have its own set of dependencies, so lighttpd can not know all the dependencies at build time. (It is possible to build other third-party modules at a later time, as long as the version of lighttpd core has not changed)

I do not see any value in extra code in lighttpd to do what you are asking (dynamically at runtime) when you can run ldd on the lighttpd executable and on modules individually, or ask your OS package management system.

If you have not built lighttpd yourself, then you can and should ask the package management system of your OS distro what the dependencies are for the lighttpd package, using the package management tools of your OS. To be clear, it is out of scope to ask that lighttpd attempt or pretend to know about any package management system, of which there are many across many different OS distros.

.

All that said, if the error from lighttpd mod_openssl is of the form ("SSL: couldn't read private key from ...", mod_openssl.c line 487), then you should use the openssl command line tool to see if openssl can read the target file. openssl command line tool is separate from lighttpd. Please see its man page.

Also available in: Atom