[DragonFlyBSD - Bug #2258] (Feedback) engine padlock broken in o

看板DFBSD_bugs作者時間14年前 (2011/12/28 02:04), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/1
Issue #2258 has been updated by Peter Avalos. Status changed from New to Feedback Please do some tests with 'openssl speed' so we know that this isn't an openvpn issue. ---------------------------------------- Bug #2258: engine padlock broken in openssl on current master http://bugs.dragonflybsd.org/issues/2258 Author: Jan Lentfer Status: Feedback Priority: Normal Assignee: Category: Target version: After Upgrading to v2.13.0.527.g95bf5 openvpn does not work any more with "engine padlock" enabled in server.conf. Seems engine padlock in openssl is broken. If I comment out "engine padlock" from server.conf, handshake works fine. I X-ed out private info in the certificates. Dec 11 21:38:10 epia openvpn[99939]: MULTI: multi_create_instance called Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Re-using SSL/TLS context Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 LZO compression initialized Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Control Channel MTU parms [ L:1562 D:138 EF:38 EB:0 ET:0 EL:0 ] Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Data Channel MTU parms [ L:1562 D:1300 EF:62 EB:135 ET:0 EL:0 AF:3/1 ] Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Fragmentation MTU parms [ L:1562 D:1300 EF:61 EB:135 ET:1 EL:0 AF:3/1 ] Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Local Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server' Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client' Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Local Options hash (VER=V4): 'e11a9f86' Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Expected Remote Options hash (VER=V4): '0c7fabe0' Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 TLS: Initial packet from 85.214.83.243:38599, sid=caa12d6f 165ba8e5 Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 VERIFY OK: depth=1, /C=XX/ST=XXXXX/L=XXXXX/O=XXXXXXXXXXXXXXXXX Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 VERIFY OK: depth=0, /C=XX/ST=XXXXX/L=XXXX/O=XXXXXXXXXXXXXXXXXXXX/CN=XXXXX/emailAddress=XXXXXXXXXXXX Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS_ERROR: BIO read tls_read_plaintext error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS Error: TLS object -> incoming plaintext read error Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS Error: TLS handshake failed Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 SIGUSR1[soft,tls-error] received, client-instance restarting -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account
更多 bugtracker-. 的文章
文章代碼(AID): #1E-WYKXd (DFBSD_bugs)