touch-packages team mailing list archive

Thread
Date

[Bug 1018307] Re: SSL renegotiation fails

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: "Olivier Dony \(Odoo\)" <1018307@xxxxxxxxxxxxxxxxxx>
Date: Tue, 17 Feb 2015 12:03:00 -0000
Reply-to: Bug 1018307 <1018307@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

FWIW, still happening today on 14.04 with Postgresql 9.3+154  and
openssl 1.0.1f-1ubuntu2.7 0 on both master and slave.

This post from PG contributor Laurenz Albe has some extra debugging info
that may be relevant, but sadly got no interest on the openssl mailing-
list:
https://groups.google.com/forum/#!topic/mailing.openssl.users/WAmXHwrExNI

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1018307

Title:
  SSL renegotiation fails

Status in openssl package in Ubuntu:
  Confirmed
Status in postgresql-9.4 package in Ubuntu:
  Confirmed
Status in postgresql package in Juju Charms Collection:
  Triaged

Bug description:
  With PostgreSQL 9.1, SSL renegotiation is enabled by default. This
  fails under Ubuntu 12.04, most noticeably when using streaming
  replication as the renegotiation limit is hit quickly.

  On the master:

  2012-06-25 16:16:26 PDT LOG:  SSL renegotiation failure
  2012-06-25 16:16:26 PDT LOG:  SSL error: unexpected record
  2012-06-25 16:16:26 PDT LOG:  could not send data to client: Connection reset by peer

  On the hot standby:

  2012-06-25 11:12:11 PDT FATAL:  could not receive data from WAL stream: SSL error: sslv3 alert unexpected message
  2012-06-25 11:12:11 PDT LOG:  record with zero length at 1C5/95D2FE00

  If our SSL libraries do not support SSL renegotiation, the default
  setting is wrong and perhaps warnings emitted if attempts are made to
  enable it.

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: postgresql-9.1 9.1.4-0ubuntu12.04
  ProcVersionSignature: Ubuntu 3.2.0-25.40-generic 3.2.18
  Uname: Linux 3.2.0-25-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.0.1-0ubuntu8
  Architecture: amd64
  Date: Wed Jun 27 16:38:33 2012
  ProcEnviron:
   LANGUAGE=en_AU:en
   TERM=xterm
   PATH=(custom, user)
   LANG=en_AU.UTF-8
   SHELL=/bin/bash
  SourcePackage: postgresql-9.1
  UpgradeStatus: Upgraded to precise on 2012-04-27 (60 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1018307/+subscriptions