On Wed Feb 18 21:12:09 2015, laurenz.a...@wien.gv.at wrote: > I ran into this problem while connecting to a PostgreSQL server > (PostgreSQL uses OpenSSL > for SSL support) with a Java client using > the PostgreSQL JDBC driver (which uses > the Java Secure Socket > Extension which is part of Oracle's Java Runtime Environment). > Since database connections are potentially long-lived, the PostgreSQL > server will > trigger a renegotiation after a certain amount of data > has been exchanged via the > TLS channel; this amount is configurable > with the parameter "ssl_renegotiation_limit". > > This renegotiation is > always aborted by OpenSSL with the error "unexpected record". > I could > reproduce the problem with OpenSSL 1.0.1e on Linux and OpenSSL 1.0.1j > on > Windows using Oracle JRE 1.7.0_71 and 1.7.0_75 on the client side. > The protocol version in effect is TLS 1.2 (0x303). >
There were some fixes related to renegotiation handling in OpenSSL which first appeared in 1.0.1k. Can you see if this problem still happens in the latest version of OpenSSL? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev