Bug#224390: apache-ssl: SSLCacheServerPort: httpd.conf not updated

[Fabio Massimo Di Nitto <fabbione@fabbione.net>]

tags 224390 - patch
tags 224390 + wontfix
severity 224390 wishlist
stop
quit
thanks

Hi Thomas,
	this is simply not possible. neither now or in the future so it is
wontfix. There is no patch in the message.. did you forget to attach one?

It is simply impossible to change a set back since there might be users
that are using that setup. The previous bug has been fixed meaning that
upgrading from woody to the actual release creates no breackage.

If you can provide a safe patch and way to determine which setup is there
for a mistake and which one for a user choise i will be happy to add it to
the postinst.

Thanks
Fabio


On Thu, 18 Dec 2003, Thomas R. Shemanske wrote:

> Package: apache-ssl
> Version: 1.3.29.0.1-3
> Severity: important
> Tags: patch sid
>
> In some sense this could be a reopening of bug 215011.
>
> I have been running apache-ssl for some time.  At some point I started
> getting the errors (as reported in 215011) in my error log:
>
> SSL23_GET_CLIENT_HELLO:unknown protocol
> gcachecommon.c:108: ReadThing: Assertion `nRead == sizeof usLength' failed.
>
> The fix, for apache-ssl version 1.3.28-2 (which was supposedly
> implemented in a later version) was to change the following entry in
> httpd.conf:
>
> SSLCacheServerPort 443 to
> SSLCacheServerPort /var/run/gcache_port
>
> This fix *does* work, but it never gets written to the httpd.conf file
> even if you dpkg-reconfigure apache-ssl
>
> I purged apache-ssl and reinstalled and the httpd.conf file is now
> correct, but of course one then has to remerge old modifications and
> users have to handle the new certificate.
>
> This really needs to be done in postinstall.
>
> Cheers!
>
>
> -- System Information:
> Debian Release: testing/unstable
> Architecture: i386
> Kernel: Linux hecke 2.4.23 #1 Tue Dec 2 11:41:35 EST 2003 i686
> Locale: LANG=C, LC_CTYPE=C
>
> Versions of packages apache-ssl depends on:
> ii  apache-common               1.3.29.0.1-3 Support files for all Apache webse
> ii  debconf                     1.3.22       Debian configuration management sy
> ii  dpkg                        1.10.18      Package maintenance system for Deb
> ii  libc6                       2.3.2.ds1-10 GNU C Library: Shared libraries an
> ii  libdb4.1                    4.1.25-10    Berkeley v4.1 Database Libraries [
> ii  libexpat1                   1.95.6-6     XML parsing C library - runtime li
> ii  libkeynote0                 2.3-10       Decentralized Trust-Management sys
> ii  libmagic1                   4.06-2       File type determination library us
> ii  libpam0g                    0.76-14      Pluggable Authentication Modules l
> ii  libssl0.9.7                 0.9.7c-5     SSL shared libraries
> ii  logrotate                   3.6.5-2      Log rotation utility
> ii  mime-support                3.23-1       MIME files 'mime.types' & 'mailcap
> ii  openssl                     0.9.7c-5     Secure Socket Layer (SSL) binary a
> ii  perl [perl5]                5.8.2-2      Larry Wall's Practical Extraction
> ii  ssl-cert                    1.0-6        Simple debconf wrapper for openssl
>
> -- debconf information:
> * apache-ssl/server-name: hecke.dartmouth.edu
> * apache-ssl/server-admin: webmaster@hecke.dartmouth.edu
> * apache-ssl/enable-suexec: false
> * apache-ssl/init: true
> * apache-ssl/document-root: /var/www
>
>
>
>

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html