SSL error: decryption failed or bad record mac (pg as Samba backend)

Started by Fernando Schapachnikabout 21 years ago2 messagesgeneral

fernando@mecon.gov.ar

about 21 years ago

Hi,

I'm trying to use an SSL-enabled (OpenSSL 0.9.7d) Postgres 7.3.9 as database
backend to Samba 3.0.11. On startup Samba opens a connection, and passes it to
every fork()ed process. On some scenarios (consistenly, when somebody tries to
log into a workstation after reboot), Samba spits:

SELECT ... (details ommited)
server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.

And the server log says:
[24129]: LOG: pq_recvbuf: recv() failed: Connection reset by peer
[24129]: LOG: pq_recvbuf: recv() failed: Connection reset by peer

There is no problem when not using SSL. The Samba code doesn't have any
SSL-specifics, leaving it to libpq. Any ideas?

Thanks in advance.

Regards.

Fernando.

Tom Lane

tgl@sss.pgh.pa.us

about 21 years ago

In reply to: Fernando Schapachnik (#1)

Re: SSL error: decryption failed or bad record mac (pg as Samba backend)

Fernando Schapachnik <fernando@mecon.gov.ar> writes:

And the server log says:
[24129] LOG: SSL error: decryption failed or bad record mac
[24129] LOG: pq_recvbuf: recv() failed: Connection reset by peer

I think you need to find some SSL hackers; this is below libpq's level too.

regards, tom lane