[Pkg-openssl-devel] Bug#557261: libssl0.9.8: Updating from version k-5 to k-6 breaks client auth with stunnel4

[Dick Middleton]

Package: libssl0.9.8
Version: 0.9.8k-5
Severity: important


I've just updated my 'sid/unstable' system and found stunnel4 can no
longer do its client certificate auth with apache connecting with ssl
on port https/443.

Apache reports:
 Re-negotiation handshake failed: Not accepted by client!? 

stunnel4 was not updated but libssl0.9.8 on the client was updated
from version 

libssl0.9.8_0.9.8k-5_i386  to libssl0.9.8_0.9.8k-6_i386

I've just reverted this package only and stunnel4 can now successfully connect.

Dick


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.31-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages libssl0.9.8 depends on:
ii  debconf [debconf-2.0]  1.5.28            Debian configuration management sy
ii  libc6                  2.10.1-7          GNU C Library: Shared libraries
ii  zlib1g                 1:1.2.3.3.dfsg-15 compression library - runtime

libssl0.9.8 recommends no packages.

libssl0.9.8 suggests no packages.

-- debconf information:
  libssl0.9.8/restart-failed:
* libssl0.9.8/restart-services: ntp postfix ssh