DragonFly bugs List (threaded) for 2011-12
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
Re: [DragonFlyBSD - Bug #2258] engine padlock broken in openssl on current master
Try running some standalone tests with openssl itself, and also try
loading or unloading padlock.ko (depending on whether you've loaded it
now or not).
Cheers,
Alex
On 11/12/11 20:45, Jan Lentfer via Redmine wrote:
>
> Issue #2258 has been reported by Jan Lentfer.
>
> ----------------------------------------
> Bug #2258: engine padlock broken in openssl on current master
> http://bugs.dragonflybsd.org/issues/2258
>
> Author: Jan Lentfer
> Status: New
> Priority: Normal
> Assignee:
> Category:
> Target version:
>
>
> After Upgrading to v2.13.0.527.g95bf5 openvpn does not work any more
> with "engine padlock" enabled in server.conf.
>
> Seems engine padlock in openssl is broken. If I comment out "engine
> padlock" from server.conf, handshake works fine.
>
> I X-ed out private info in the certificates.
>
>
>
> Dec 11 21:38:10 epia openvpn[99939]: MULTI: multi_create_instance called
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Re-using
> SSL/TLS context
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 LZO compression
> initialized
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Control Channel
> MTU parms [ L:1562 D:138 EF:38 EB:0 ET:0 EL:0 ]
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Data Channel
> MTU parms [ L:1562 D:1300 EF:62 EB:135 ET:0 EL:0 AF:3/1 ]
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Fragmentation
> MTU parms [ L:1562 D:1300 EF:61 EB:135 ET:1 EL:0 AF:3/1 ]
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Local Options
> String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto
> UDPv4,comp-lzo,mtu-dynamic,cipher AES-128-CBC,auth SHA1,keysize
> 128,key-method 2,tls-server'
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Expected Remote
> Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto
> UDPv4,comp-lzo,mtu-dynamic,cipher AES-128-CBC,auth SHA1,keysize
> 128,key-method 2,tls-client'
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Local Options
> hash (VER=V4): 'e11a9f86'
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Expected Remote
> Options hash (VER=V4): '0c7fabe0'
> Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 TLS: Initial
> packet from 85.214.83.243:38599, sid=caa12d6f 165ba8e5
> Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 VERIFY OK:
> depth=1, /C=XX/ST=XXXXX/L=XXXXX/O=XXXXXXXXXXXXXXXXX
> Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 VERIFY OK:
> depth=0,
> /C=XX/ST=XXXXX/L=XXXX/O=XXXXXXXXXXXXXXXXXXXX/CN=XXXXX/emailAddress=XXXXXXXXXXXX
> Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS_ERROR: BIO
> read tls_read_plaintext error: error:1408F119:SSL
> routines:SSL3_GET_RECORD:decryption failed or bad record mac
> Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS Error: TLS
> object -> incoming plaintext read error
> Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS Error: TLS
> handshake failed
> Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599
> SIGUSR1[soft,tls-error] received, client-instance restarting
>
>
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
