lighttpd 1.4.26 SSL bug

If you noticed an unexpected outage of my blog and all other sites on this web server, I apologize. This morning, I was greeted by a dead lighttpd web server and when restarting it, it decided to give me this error message instead:

2010-03-05 10:23:01: (network.c.529) SSL: error:00000000:lib(0):func(0):reason(0)

Luckily, a little bit of googling showed that this is a bug in lighttpd 1.4.26′s SSL interface that can be fixed with this little workaround until a new version is released:

cd /tmp
wget http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.26.tar.gz
tar xzf lighttpd-1.4.26.tar.gz
cd lighttpd-1.4.26

cd src
rm network.c
wget http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2716/raw/branches/lighttpd-1.4.x/src/network.c
cd ..
./configure && make install

As you can see, the server is happily back up and running. Thanks to sekuritatea for the fix.



March 29th, 2010

Permalink | 3 Comments

Categories: Tech Talk | Tags: , ,

«
»

3 Responses to “lighttpd 1.4.26 SSL bug”

  1. Interesting, maybe there’s something wrong with the error returns in openssl 1.0.0-rc5…

    Anyway, I found that I still get similar messages in the syslog even after reverting revision r2710 (just not as often), but things work correctly. So it seems like the message may not necessarily be tied to the hanging SSL connections.

    I’ll keep digging and file a bug report if I can gather some more concrete info, I guess. Thanks

    1 Cheap SSL on March 31st, 2010 at 12:23 pm

  2. [...] http://www.vpskong.com/archives/7.html http://fredericiana.com/2010/03/29/lighttpd-1-4-26-ssl-bug/ Leave a [...]

    2 Upgrade Lighttpd from 1.4.20 to 1.4.26 « HOBALL 筆記簿 on May 27th, 2010 at 12:20 pm

  3. Thanks so much for sharing this info! It was very helpful for what I needed to do.

    3 tmr on June 23rd, 2010 at 9:02 pm