So, I just did an apt-get distupgrade (currently running Testing)
today, and
suddenly apache-ssl won't properly authenticate users. Using the same
directives from apache-ssl's httpd.conf and the same password file,
non-ssl
apache has no trouble validating users. Also, apache-ssl seems to
work fine
when I'm not trying to protect anything with a login.

Looking at the error.log file I get entries like the following:
[error] [client 128.61.43.40] user not found: /foo

Notice the two spaces after "user". It looks to me like it's not
getting the
user name. Can anyone shed any light on this?

I've tried many variations of removing and reinstalling and
reconfiguring apache-ssl and openssl, to no avail. Current versions
are:
OpenSSL 0.9.7d 17
Apache/1.3.29 Ben-SSL/1.53 (Debian GNU/Linux)

Help would be muchly appreciated.

--
Will