Thread: SSL error: decryption failed or bad record mac (pg as Samba backend)

Hi,

I'm trying to use an SSL-enabled (OpenSSL 0.9.7d) Postgres 7.3.9 as database
backend to Samba 3.0.11. On startup Samba opens a connection, and passes it to
every fork()ed process. On some scenarios (consistenly, when somebody tries to
log into a workstation after reboot), Samba spits:

SELECT ... (details ommited)
server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.

And the server log says:
[24129]  LOG:  SSL error: decryption failed or bad record mac
[24129]  LOG:  pq_recvbuf: recv() failed: Connection reset by peer

There is no problem when not using SSL. The Samba code doesn't have any
SSL-specifics, leaving it to libpq. Any ideas?

Thanks in advance.

Regards.

Fernando.

Fernando Schapachnik <fernando@mecon.gov.ar> writes:
> And the server log says:
> [24129]  LOG:  SSL error: decryption failed or bad record mac
> [24129]  LOG:  pq_recvbuf: recv() failed: Connection reset by peer

I think you need to find some SSL hackers; this is below libpq's level too.

            regards, tom lane