DragonFly BSD
DragonFly bugs List (threaded) for 2011-12
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

engine padlock broken in openssl on current master


From: Jan Lentfer <Jan.Lentfer@xxxxxx>
Date: Sun, 11 Dec 2011 21:43:58 +0100

After Upgrading to v2.13.0.527.g95bf5 openvpn does not work any more with "engine padlock" enabled in server.conf.

Seems engine padlock in openssl is broken. If I comment out "engine padlock" from server.conf, handshake works fine.

I X-ed out private info in the certificates.



Dec 11 21:38:10 epia openvpn[99939]: MULTI: multi_create_instance called
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Re-using SSL/TLS context
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 LZO compression initialized
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Control Channel MTU parms [ L:1562 D:138 EF:38 EB:0 ET:0 EL:0 ]
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Data Channel MTU parms [ L:1562 D:1300 EF:62 EB:135 ET:0 EL:0 AF:3/1 ]
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Fragmentation MTU parms [ L:1562 D:1300 EF:61 EB:135 ET:1 EL:0 AF:3/1 ]
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Local Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1562,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Local Options hash (VER=V4): 'e11a9f86'
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 Expected Remote Options hash (VER=V4): '0c7fabe0'
Dec 11 21:38:10 epia openvpn[99939]: 85.214.83.243:38599 TLS: Initial packet from 85.214.83.243:38599, sid=caa12d6f 165ba8e5
Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 VERIFY OK: depth=1, /C=XX/ST=XXXXX/L=XXXXX/O=XXXXXXXXXXXXXXXXX
Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 VERIFY OK: depth=0, /C=XX/ST=XXXXX/L=XXXX/O=XXXXXXXXXXXXXXXXXXXX/CN=XXXXX/emailAddress=XXXXXXXXXXXX
Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS_ERROR: BIO read tls_read_plaintext error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS Error: TLS object -> incoming plaintext read error
Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 TLS Error: TLS handshake failed
Dec 11 21:38:11 epia openvpn[99939]: 85.214.83.243:38599 SIGUSR1[soft,tls-error] received, client-instance restarting




[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]