netbsd-bugs: Re: bin/32182: SSH daemon broken on NetBSD-sparc64

Subject: Re: bin/32182: SSH daemon broken on NetBSD-sparc64
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Matthias Scheler <tron@zhadum.de>
List: netbsd-bugs
Date: 11/28/2005 15:17:01

The following reply was made to PR bin/32182; it has been noted by GNATS.

From: Matthias Scheler <tron@zhadum.de>
To: gnats-bugs@netbsd.org
Cc: Christos Zoulas <christos@zoulas.com>
Subject: Re: bin/32182: SSH daemon broken on NetBSD-sparc64
Date: Mon, 28 Nov 2005 15:16:11 +0000

 On Mon, Nov 28, 2005 at 03:14:00PM +0000, gnats-admin@netbsd.org wrote:
 > Thank you very much for your problem report.
 > It has the internal identification `bin/32182'.
 > The individual assigned to look at your
 > report is: bin-bug-people. 
 > 
 > >Category:       bin
 > >Responsible:    bin-bug-people
 > >Synopsis:       SSH daemon broken on NetBSD-sparc64
 > >Arrival-Date:   Mon Nov 28 15:14:00 +0000 2005
 
 While submitting this PR I discovered another problem:
 
 Nov 28 15:10:47 sheridan sm-mta[762]: jASFAkJZ014058: STARTTLS=client, error: connect failed=-1, SSL_error=1, timedout=0, errno=0
 Nov 28 15:10:47 sheridan sm-mta[762]: STARTTLS=client: 762:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:/src/NetBSD-current/src/crypto/dist/openssl/crypto/rsa/rsa_pk1.c:100:
 Nov 28 15:10:47 sheridan sm-mta[762]: STARTTLS=client: 762:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:/src/NetBSD-current/src/crypto/dist/openssl/crypto/rsa/rsa_eay.c:632:
 Nov 28 15:10:47 sheridan sm-mta[762]: STARTTLS=client: 762:error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature:/src/NetBSD-current/src/crypto/dist/openssl/ssl/s3_clnt.c:1357:
 Nov 28 15:10:47 sheridan sm-mta[762]: ruleset=tls_server, arg1=SOFTWARE, relay=colwyn.zhadum.de, reject=403 4.7.0 TLS handshake.
 Nov 28 15:10:47 sheridan sm-mta[762]: jASFAkJZ014058: to=<gnats-bugs@gnats.NetBSD.org>, delay=00:00:01, xdelay=00:00:00, mailer=esmtp, pri=31558, relay=colwyn.zhadum.de. [IPv6:2001:8b0:114:1::2], dsn=4.0.0, stat=Deferred: 403 4.7.0 TLS handshake.
 
 I had to disable TLS on my mail relay to work arround this problem.
 It looks like the new OpenSSL version is seriously broken on
 NetBSD-sparc64. It seems however to work fine under NetBSD-i386.
 
 	Kind regards
 
 -- 
 Matthias Scheler                                  http://scheler.de/~matthias/