I'm using OpenSSL 1.0.0 (RPM openssl-1.0.0-20.el6.x86_64)
on RedHat EL 6.2 and have the following repeatable problem:
OpenSSL is used by PostgreSQL. After a certain number of
bytes have been transferred, the database server renegotiates
encryption. This usually works fine here.
However, in a certain situation renegotiation fails.
The server gets "unexpected record" and the client
"sslv3 alert unexpected message".
Both client and server use the same OpenSSL version,
and they should both adhere to RFC 5746.
I got a stack trace from the client, and here it is:
#0 ERR_put_error (lib=20, func=148, reason=1010, file=0x379b446a70
"s3_pkt.c", line=1193) at err.c:708
#1 0x000000379b4265d8 in ssl3_read_bytes (s=0x15e3140, type=22,
buf=0x15ea300 "\001", len=4, peek=0) at s3_pkt.c:1193
#2 0x000000379b426f52 in ssl3_get_message (s=0x15e3140, st1=4384,
stn=4385, mt=-1, max=20000, ok=0x7fff0e1d9538)
at s3_both.c:426
#3 0x000000379b41fe81 in ssl3_get_server_hello (s=0x15e3140) at
s3_clnt.c:739
#4 0x000000379b4216f8 in ssl3_connect (s=0x15e3140) at s3_clnt.c:283
#5 0x000000379b425da9 in ssl3_read_bytes (s=0x15e3140, type=23,
buf=0x7f6bc95bc02e "d", len=16646114, peek=0) at s3_pkt.c:1093
#6 0x000000379b422200 in ssl3_read_internal (s=0x15e3140,
buf=0x7f6bc95bc02e, len=16646114, peek=0) at s3_lib.c:3265
#7 0x000000379481ae84 in pqsecure_read (conn=0x15db7d0,
ptr=0x7f6bc95bc02e, len=16646114) at fe-secure.c:329
#8 0x0000003794812ae1 in pqReadData (conn=0x15db7d0) at fe-misc.c:629
#9 0x000000379480ffc3 in PQconsumeInput (conn=0x15db7d0) at
fe-exec.c:1459
#10 0x00007f6bcb7b73e4 in libpqrcv_receive (timeout=100,
type=0x7fff0e1d9d2f "w\002", buffer=0x7fff0e1d9d20, len=0x7fff0e1d9d28)
at libpqwalreceiver.c:365
#11 0x0000000000601797 in WalReceiverMain () at walreceiver.c:311
#12 0x00000000004ae1a1 in AuxiliaryProcessMain (argc=2,
argv=0x7fff0e1d9dc0) at bootstrap.c:433
#13 0x00000000005ee0c3 in StartChildProcess (type=WalReceiverProcess) at
postmaster.c:4504
#14 0x00000000005f13c1 in sigusr1_handler (postgres_signal_arg=<value
optimized out>) at postmaster.c:4300
#15 <signal handler called>
#16 0x00000037934de2d3 in __select_nocancel () from /lib64/libc.so.6
#17 0x00000000005ef54a in ServerLoop () at postmaster.c:1415
#18 0x00000000005f21de in PostmasterMain (argc=<value optimized out>,
argv=<value optimized out>) at postmaster.c:1116
#19 0x0000000000594398 in main (argc=5, argv=0x1596bf0) at main.c:199
- Can anybody tell me from the stack trace what is going on
and what causes the error?
Please don't tell me to ask PostgreSQL hackers
because that's me (and yes, I did ask).
Yours,
Laurenz Albe
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
