Project

General

Profile

Actions

Bug #93

closed

--with-ssl broken on amd64,alpha!?

Added by Anonymous almost 19 years ago. Updated about 17 years ago.

Status:
Fixed
Priority:
Normal
Category:
core
Target version:
-
ASK QUESTIONS IN Forums:

Description

lighttpd build with --with-openssl doesnt work on amd64,alpha arch's.

  1. openssl s_client -connect localhost:443
    CONNECTED
    depth=0
    /C=LV/ST=EU/L=RIGA/O=xxx.RU/OU=WEB/CN=xxx.ru/emailAddress=
    verify error:num=18:self signed certificate
    verify return:1
    depth=0
    /C=LV/ST=EU/L=RIGA/O=xxx.RU/OU=WEB/CN=xxx.ru/emailAddress=
    verify return:1
    9210:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record
    mac:/usr/src/lib/libssl/src/ssl/s3_pkt.c:1052:SSL alert number 20
    9210:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
    failure:/usr/src/lib/libssl/src/ssl/s23_lib.c:226:
  1. tail -n2 lighttpd.error.log
    2005-04-04 10:23:44: (connections.c.238) SSL: 1 error:1408F455:SSL \
    routines:SSL3_GET_RECORD:decryption \ failed or bad record mac
    2005-04-04 10:23:49: (connections.c.238) SSL: 1 error:1408F455:SSL \
    routines:SSL3_GET_RECORD:decryption \ failed or bad record mac

Tested on:
OpenBSD 3.7-beta Mar 12 23:13:19 EET 2005 amd64 AMD Athlon(tm) 64 Processor 3400+

OpenBSD 3.6-stable Feb 14 00:02:56 EET 2005 amd64 AMD Athlon(tm) 64 Processor 3400+

OpenBSD 3.7-beta Mar 20 03:09:45 MST 2005 alpha AlphaStation 200 4/166

On every i386 works fine.

-- nikns

Actions #1

Updated by Anonymous over 18 years ago

same issues with freebsd/amd64, using 1.3.16. am advising freebsd port maintaner to mark --with-ssl broken on amd64 arch.

-- ben

Actions #2

Updated by Anonymous over 18 years ago

Ok, should mention that I tried to compile lighttpd on OpenBSD amd64 against external openssl-0.9.8, and then it complates ssl handshake fine, but of course it doesn't work fully because of ticket 217.
http://trac.lighttpd.net/trac/ticket/217

-- nikns

Actions #3

Updated by Anonymous over 18 years ago


ok. as problem in ticket 217 is fixed, we should fix this ticket to be able use lighttpd(ssl) on OpenBSD[and other BSD's] !i386.
so, on i386, lighttpd compiled against OpenBSD's built-in OpenSSL [OpenSSL 0.9.7d 17 Mar 2004] works fine.

On amd64, lighttpd compiled against OpenBSD's  built-in OpenSSL [OpenSSL 0.9.7d 17 Mar 2004] brakes nice, but compiled against external OpenSSL [openssl-0.9.8 Jul 5 2005] shared libraries it works fine. Tried to trace between which openssl version it starts working, it starts work between "OpenSSL 0.9.7g" and "Beta 1 of OpenSSL 0.9.8".

On alpha, lighttpd compiled against OpenBSD's built-in OpenSSL [OpenSSL 0.9.7d 17 Mar 2004] brakes nice as on amd64. I can't test against openssl0.9.8 because openssl0.9.8 config script tells me that it doesn't know how to make shared libs on this platform. external openssl0.9.7d tells me the same.

need to test on other archs/os'es.

-- nikns

Actions #4

Updated by Anonymous over 18 years ago

lighttpd 1.4.8 - 2005-11-23 12:59
fixes this issue:
  • fixed 64bit issue in md5

verified on netbsd/alpha.

-- nikns

Actions #5

Updated by conny about 18 years ago

  • Status changed from New to Fixed
  • Resolution set to fixed

Most probably fixed.

Please create a new ticket if the problem persists in more recent releases.

Actions

Also available in: Atom