public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] SSL giving corrupted MAC on input
@ 2009-07-06 16:31 Simon
  2009-07-06 16:43 ` [gentoo-user] " Simon
  2009-07-07  0:47 ` [gentoo-user] " Paul Colquhoun
  0 siblings, 2 replies; 5+ messages in thread
From: Simon @ 2009-07-06 16:31 UTC (permalink / raw
  To: gentoo-user

Hi there!
  I'm getting this issue where even very small transfers through ssh
will cause this error message:  Corrupted MAC on input.  I've done my
homework and found out this is not necessarily related to the network
hardware as TCP would retransmit such corrupted packets, moreover the
error message is clearly related to ssh as googling proves this.

  A quick troubleshooting i've done was to setup apache and simply
wget a very large file over plain HTTP.  Transfer worked, i did it a
second time and diff'ed the two downloads, they were the same.  I then
did the same test over HTTPS and got an error
(SSL3_GET_RECORD:decryption failed or bad record mac). This clarified
the problem is much more related to SSL than anything else.

  A quick glance at `emerge -vp openssl` showed an issue:  it had been
compiled with sse2 support while this computer's cpu didnt support
that.  Changed use flags and recompiled, restarted ssh and apache.
They both continued giving the same error.  I finally rebooted the
machine, in case, but same issue still...  The only use flag for
openssl now is zlib.

  What is also pretty strange about the issue, is i haven't touched
the kernel in a long time and i usually do all my gentoo updates on
monday.  The problem must have happened since last monday's updates,
but i dont monitor those very much, all i care is everything went fine
and that revdep-rebuild says i'm good to go.  I've done many emerges
since then so i cant figure out a way to see what has been updated
recently.

  A bit of background:  That PC runs kernel 2.6.24, it's my slowest pc
(used for backups mostly) P3 @ 450Mhz, it's got 128MB of ram.  Some
programes have been unmasked, but none that have any relationship with
openssl are, everything dealing with that is stable.  Doing `find
/usr/portage/distfiles -ctime -10` (should give me the files
downloaded within last 10 days, right?) it shows a few files but glibc
is the only that i can see has relationship with issue...

  Anyone can help troubleshoot some more?



^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2009-07-20 19:16 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-07-06 16:31 [gentoo-user] SSL giving corrupted MAC on input Simon
2009-07-06 16:43 ` [gentoo-user] " Simon
2009-07-07  0:47 ` [gentoo-user] " Paul Colquhoun
2009-07-20 18:59   ` Simon
2009-07-20 19:16     ` Simon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox