More details.
The ClientHello packet in this case is larger than 255 bytes, and is
triggering the handshake failure in one of two ways.
When psql linked to openssl v1.0.1f attempts to connect to postgresql
linked to openssl v1.0.1f, the client side sends 8 bytes, then 1 byte,
then 305 bytes in my
Using openssl s_client on a MacOS Sierra machine connecting to the same
postgresql server, the failure is identical.
Looks like whatever is triggering this is caused by the server, but is
being failed by the client.
--
You received this bug notification because you are a member of Ubuntu
Touch s
ssldump looks like the below.
>From ssldump, we can see that the server sent three separate
certificates. Openssl s_client however claims that no certificates were
detected.
New TCP connection #42: 172.29.231.43(33116) <-> 172.29.228.240(5432)
42 1 0.0038 (0.0038) C>SV3.1(300) Handshake
C
Despite printing "no peer certificate available" below, the postgresql
server serves three certificates (two intermediates and a leaf) as
picked up by ssldump.
In this case it is the client side that is triggering the handshake
failure, not the server. The client side refuses to add the cause of t
I am seeing the exact same bug, only with the server being postgresql
instead of openldap.
The same setup and certificates works fine on Trusty, but have regressed
on Xenial.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to op
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.n
The full output is:
CONNECTED(0003)
140668035487384:error:140790E5:SSL routines:ssl23_write:ssl handshake
failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
7 matches
Mail list logo