From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-97676-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1MNr6U-0000vP-3Q
	for garchives@archives.gentoo.org; Mon, 06 Jul 2009 16:31:42 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 92826E0465;
	Mon,  6 Jul 2009 16:31:40 +0000 (UTC)
Received: from mail-yx0-f191.google.com (mail-yx0-f191.google.com [209.85.210.191])
	by pigeon.gentoo.org (Postfix) with ESMTP id 78036E0465
	for <gentoo-user@lists.gentoo.org>; Mon,  6 Jul 2009 16:31:40 +0000 (UTC)
Received: by yxe29 with SMTP id 29so5883703yxe.32
        for <gentoo-user@lists.gentoo.org>; Mon, 06 Jul 2009 09:31:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:reply-to:date:message-id
         :subject:from:to:content-type:content-transfer-encoding;
        bh=9Vli4tofeKUJCHdj5625y0Ugg8a/O7FiTO7uQnRhKIw=;
        b=chnBKsXZHajZFFSlQ0JCB+DFSmCULFqimkZJxyojLPJKb6Mgmv+HSNziAipq2J/MsR
         HFzbBtm/KWljFD+HbVNiQTuwK5nfbU3aDvwak5eUsKOVG7g3ox/gAdSug5Ysm9D2MJ70
         HxUD8h+Z+CS74MhGxnS/rlDLaIhIQvKEDdVkI=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:reply-to:date:message-id:subject:from:to:content-type
         :content-transfer-encoding;
        b=eIuw/MPxmdkLwgLISBYtR2GrnOzKeH6abB7A86EE+G7SBki2gR58dKSt1UiYBQlWCR
         dWLkj0OtKcppOQcw4onJ1ndFTKC3Hy3k6Zv5vUoWtYfxRnHvIUU2G2KR3JWgyREBnlGJ
         jUWrQ1iiFILELGHMaJ2zr7xTz04qJ0cyYL9Hc=
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.100.4.8 with SMTP id 8mr8538316and.180.1246897898539; Mon, 06 
	Jul 2009 09:31:38 -0700 (PDT)
Date: Mon, 6 Jul 2009 12:31:38 -0400
Message-ID: <5f14cf5e0907060931l2b59bc8pc0c53e6c3a569790@mail.gmail.com>
Subject: [gentoo-user] SSL giving corrupted MAC on input
From: Simon <turner25@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 38dc2c50-7759-4207-a9ee-f53a5c6be8b1
X-Archives-Hash: 78fbcf0146896ece41c133167940a84f

Hi there!
  I'm getting this issue where even very small transfers through ssh
will cause this error message:  Corrupted MAC on input.  I've done my
homework and found out this is not necessarily related to the network
hardware as TCP would retransmit such corrupted packets, moreover the
error message is clearly related to ssh as googling proves this.

  A quick troubleshooting i've done was to setup apache and simply
wget a very large file over plain HTTP.  Transfer worked, i did it a
second time and diff'ed the two downloads, they were the same.  I then
did the same test over HTTPS and got an error
(SSL3_GET_RECORD:decryption failed or bad record mac). This clarified
the problem is much more related to SSL than anything else.

  A quick glance at `emerge -vp openssl` showed an issue:  it had been
compiled with sse2 support while this computer's cpu didnt support
that.  Changed use flags and recompiled, restarted ssh and apache.
They both continued giving the same error.  I finally rebooted the
machine, in case, but same issue still...  The only use flag for
openssl now is zlib.

  What is also pretty strange about the issue, is i haven't touched
the kernel in a long time and i usually do all my gentoo updates on
monday.  The problem must have happened since last monday's updates,
but i dont monitor those very much, all i care is everything went fine
and that revdep-rebuild says i'm good to go.  I've done many emerges
since then so i cant figure out a way to see what has been updated
recently.

  A bit of background:  That PC runs kernel 2.6.24, it's my slowest pc
(used for backups mostly) P3 @ 450Mhz, it's got 128MB of ram.  Some
programes have been unmasked, but none that have any relationship with
openssl are, everything dealing with that is stable.  Doing `find
/usr/portage/distfiles -ctime -10` (should give me the files
downloaded within last 10 days, right?) it shows a few files but glibc
is the only that i can see has relationship with issue...

  Anyone can help troubleshoot some more?