[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#267430: marked as done (apache-ssl: SSLCACertificatePath directive cannot deal with dead symlinks)

Your message dated Thu, 09 Sep 2004 02:17:18 -0400
with message-id <E1C5IFC-0005Kr-00@newraff.debian.org>
and subject line Bug#267430: fixed in apache 1.3.31-6
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Received: (at submit) by bugs.debian.org; 22 Aug 2004 15:27:35 +0000
>From law@taz.gymszbad.de Sun Aug 22 08:27:35 2004
Return-path: <law@taz.gymszbad.de>
Received: from mail.lanhost.de [] (postfix)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1ByuFr-0003A2-00; Sun, 22 Aug 2004 08:27:35 -0700
Received: from taz.gymszbad.de (unknown [])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.lanhost.de (Postfix) with ESMTP id F2EF9C0014
	for <submit@bugs.debian.org>; Sun, 22 Aug 2004 17:27:26 +0200 (CEST)
Received: by taz.gymszbad.de (Postfix, from userid 1001)
	id 036547A2A; Sun, 22 Aug 2004 17:27:28 +0200 (CEST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Mario Lipinski <law@taz.gymszbad.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apache-ssl fails to start with erronous symlink in directory specified as
X-Mailer: reportbug 2.63
Date: Sun, 22 Aug 2004 17:27:28 +0200
Message-Id: <20040822152728.036547A2A@taz.gymszbad.de>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25

Package: apache-ssl
Version: 1.3.31-3
Severity: normal

apache-ssl fails to start with erronous symlink in directory specified
as SSLCACertificatePath. an error gets logged in some wired location.
the only place where the error log was specified was in a vhost config.
i guess it was that one with the oldest date.
[Sun Aug 22 17:11:06 2004] [crit] error reading CA certs
[Sun Aug 22 17:11:06 2004] [crit] error:0906D06C:PEM
routines:PEM_read_bio:no start line
[Sun Aug 22 17:11:06 2004] [crit] error:0906D06C:PEM
routines:PEM_read_bio:no start line
[Sun Aug 22 17:11:06 2004] [crit] error:02001002:system library:fopen:No
such file or directory
[Sun Aug 22 17:11:06 2004] [crit] error:20074002:BIO
routines:FILE_CTRL:system lib

I found this one by stracing the apache-ssl process (altough i am not
experienced with debugging processes). There was although the error
message, that the particular file (from the broken symlink) could not
be opened.

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.6-taz.gymszbad.de

Versions of packages apache-ssl depends on:
ii  apache-common               1.3.31-3     Support files for all Apache webse
ii  debconf                     1.4.30       Debian configuration management sy
ii  dpkg                        1.10.23      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-13 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-16    Berkeley v4.2 Database Libraries [
ii  libexpat1                   1.95.6-8     XML parsing C library - runtime li
ii  libkeynote0                 2.3-10       Decentralized Trust-Management sys
ii  libmagic1                   4.09-1       File type determination library us
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7d-4     SSL shared libraries
ii  logrotate                   3.7-2        Log rotation utility
ii  mime-support                3.28-1       MIME files 'mime.types' & 'mailcap
ii  openssl                     0.9.7d-4     Secure Socket Layer (SSL) binary a
ii  perl                        5.8.4-2      Larry Wall's Practical Extraction 
ii  ssl-cert                    1.0-8        Simple debconf wrapper for openssl

-- debconf information:
* apache-ssl/server-admin: root@taz.gymszbad.de
* apache-ssl/enable-suexec: false
* apache-ssl/init: true
* apache-ssl/server-name: taz.gymszbad.de
* apache-ssl/document-root: /var/www

Received: (at 267430-close) by bugs.debian.org; 9 Sep 2004 06:23:30 +0000
>From katie@ftp-master.debian.org Wed Sep 08 23:23:30 2004
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C5ILC-0004gl-00; Wed, 08 Sep 2004 23:23:30 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1C5IFC-0005Kr-00; Thu, 09 Sep 2004 02:17:18 -0400
From: fabbione@fabbione.net (Fabio M. Di Nitto)
To: 267430-close@bugs.debian.org
X-Katie: $Revision: 1.51 $
Subject: Bug#267430: fixed in apache 1.3.31-6
Message-Id: <E1C5IFC-0005Kr-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Thu, 09 Sep 2004 02:17:18 -0400
Delivered-To: 267430-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25

Source: apache
Source-Version: 1.3.31-6

We believe that the bug you reported is fixed in the latest version of
apache, which is due to be installed in the Debian FTP archive:

  to pool/main/a/apache/apache-common_1.3.31-6_i386.deb
  to pool/main/a/apache/apache-dbg_1.3.31-6_i386.deb
  to pool/main/a/apache/apache-dev_1.3.31-6_all.deb
  to pool/main/a/apache/apache-doc_1.3.31-6_all.deb
  to pool/main/a/apache/apache-perl_1.3.31-6_i386.deb
  to pool/main/a/apache/apache-ssl_1.3.31-6_i386.deb
  to pool/main/a/apache/apache-utils_1.3.31-6_i386.deb
  to pool/main/a/apache/apache_1.3.31-6.diff.gz
  to pool/main/a/apache/apache_1.3.31-6.dsc
  to pool/main/a/apache/apache_1.3.31-6_i386.deb
  to pool/main/a/apache/libapache-mod-perl_1.29.0.2-13_i386.deb

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 267430@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Fabio M. Di Nitto <fabbione@fabbione.net> (supplier of updated apache package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Hash: SHA1

Format: 1.7
Date: Thu, 09 Sep 2004 07:09:15 +0200
Source: apache
Binary: apache-dev apache-common apache-doc apache-utils apache apache-dbg apache-perl libapache-mod-perl apache-ssl
Architecture: source i386 all
Version: 1.3.31-6
Distribution: unstable
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Fabio M. Di Nitto <fabbione@fabbione.net>
 apache     - Versatile, high-performance HTTP server
 apache-common - Support files for all Apache webservers
 apache-dbg - Apache webservers (debugging versions)
 apache-dev - Apache webserver development kit
 apache-doc - Apache webserver docs
 apache-perl - Versatile, high-performance HTTP server with Perl support
 apache-ssl - Versatile, high-performance HTTP server with SSL support
 apache-utils - Utility programs for webservers
 libapache-mod-perl - Integration of perl with the Apache web server
Closes: 267430 269009 270214 270224 270635
 apache (1.3.31-6) unstable; urgency=medium
   * (Fabio M. Di Nitto)
     - Add lynx | www-browser dependency to apache-common and make apachectl
       use /etc/alternatives/www-browser.
       (Closes: #269009)
     - Add missing "be" in default config. (Closes: #270214)
     - Add missing \ in forensic log directive. (Closes: #270224)
     - Respect system CFLAGS and LDFLAGS. (Closes: #270635)
     - Disable SSLCACertificatePath in default installation. (Closes: #267430)
 ee0bfc50b5af06020efcd22a771991a9 1084 web optional apache_1.3.31-6.dsc
 f711d770df4dde1b843ee496f3ab4201 364901 web optional apache_1.3.31-6.diff.gz
 46eba335dab173d3ea7222509eeff129 1186066 doc optional apache-doc_1.3.31-6_all.deb
 ac35b9ea3e2423b1b1445b6b7d630808 329194 devel extra apache-dev_1.3.31-6_all.deb
 08bf2cdfd05cd592a0a64cdd3f314fbc 381614 web optional apache_1.3.31-6_i386.deb
 53ed8e9b015680701fd480c194d7b952 488952 web optional apache-ssl_1.3.31-6_i386.deb
 a094c7b70bcfdeb5434343a26d996098 500664 web optional apache-perl_1.3.31-6_i386.deb
 b441d6397970c0dc7f7ef118706a57ec 9100254 devel extra apache-dbg_1.3.31-6_i386.deb
 5046b13fcd6bc531efac9a3da4b03690 841578 web optional apache-common_1.3.31-6_i386.deb
 91b3c10f71b5bcd7200b0712534cc544 265012 web optional apache-utils_1.3.31-6_i386.deb
 9005beb97cb8d6e111627f2e3b436e68 484452 web optional libapache-mod-perl_1.29.0.2-13_i386.deb

Version: GnuPG v1.2.5 (GNU/Linux)


Reply to: