Re: SSL_read failed in a system call (-1), TLS session fails

[John Dennis]

On 10/30/2009 07:34 AM, Alan DeKok wrote:

Guk Victor wrote:

Hello all,

We're running FreeRADIUS 1.1.3 with EAP/TTLS (openSSL 0.9.8d) on Red Hat
5.1. The server will come up and process clients for a few days, but,
every now and then it begins denying all auth-requests with the
following error:

Error: rlm_eap: SSL error error:1408F119:SSL
routines:SSL3_GET_RECORD:decryption failed or bad record mac
Error: rlm_eap_tls: SSL_read failed in a system call (-1), TLS session
fails.
Auth: Login incorrect: [host/user/]

A restart makes the server happy and it goes back to properly auth'ing
clients.


   Upgrade to a more recent version.  That error hasn't shown up in 2.x.


For information on how to upgrade to current 2.x versions on RHEL 
(CentOS) 5 see http://wiki.freeradius.org/Red_Hat_FAQ


--
John Dennis 

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: SSL_read failed in a system call (-1), TLS session fails

[Alan DeKok]

Guk Victor wrote:
> Hello all,
> 
> We're running FreeRADIUS 1.1.3 with EAP/TTLS (openSSL 0.9.8d) on Red Hat
> 5.1. The server will come up and process clients for a few days, but,
> every now and then it begins denying all auth-requests with the
> following error:
> 
> Error: rlm_eap: SSL error error:1408F119:SSL
> routines:SSL3_GET_RECORD:decryption failed or bad record mac
> Error: rlm_eap_tls: SSL_read failed in a system call (-1), TLS session
> fails.
> Auth: Login incorrect: [host/user/]
> 
> A restart makes the server happy and it goes back to properly auth'ing
> clients.

  Upgrade to a more recent version.  That error hasn't shown up in 2.x.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html