From nobody Mon Nov 06 08:46:34 2023 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SP4jF69nyz4ypFy for ; Mon, 6 Nov 2023 08:47:13 +0000 (UTC) (envelope-from odhiambo@gmail.com) Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SP4jD6v5Kz3gs0 for ; Mon, 6 Nov 2023 08:47:12 +0000 (UTC) (envelope-from odhiambo@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-lj1-x233.google.com with SMTP id 38308e7fff4ca-2c4fdf94666so55699371fa.2 for ; Mon, 06 Nov 2023 00:47:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1699260431; x=1699865231; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=G87Dr0aT/EtILcQ4PEmyWXRRsNBMOQA1e1wiZy+Yj8s=; b=GJHEPIhqbrgAxHlM9zO5mBtu/9KQMEYKMxmCxK14yU5POhykJX/HN6V0+rNmTFfHvW 4NI3f1RXgZMk4ldqmaqDFGM7b9U5Of9ndaEmFzlvioPi69PbEGREYhvfdKJ2wgLzcsaJ b8AZJpGWQdETP3i7Mifb63UQDu3K6Qg4KKClz1K/e+Ts8HJSet03YmeE/v4yNV77ANoh 9hp+Ybods/wGiGptXEa5rZNsqkjk0yMMTI4c6Cv8oxoGoZuNSZF4d/26OffgnnkRXqCh xbUBYheOdopQgJmgaIq56VELZB5W2QuhndnyCDIWvR5rQGNPliSaxvgYEYWJA5jf9TnJ X6vg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699260431; x=1699865231; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=G87Dr0aT/EtILcQ4PEmyWXRRsNBMOQA1e1wiZy+Yj8s=; b=b1O7JJlNE47xLQtuq/iap0/HI5QiaHm3Gurm4y7YzKK3RhtFc5lvRpxylieT+uiiwE p17rfGrWcENj/nuMq7yAUQm2tqEI7blH9sUCxxc6lxoAE9RzBeWAQSfgLAvAYj7jX3Zo +aKkUbWNP8iO8O0WBGu5q9yz7Z5GPcPvECYY5wPAxlwAgwnhXiQxlcVjKTM8e+hPNgJx JSRqNBb6IqSP6WvGowU0++rqakYKodh+kGpEI56QnXqaccxyzd8GeJGwEqueY4cxbo4l Hdl1ylv2ahoKGCFC+BUYYK8RinY/Q+QxQ1y2eZgWjoZZA2nFu1+flNny07Q37Jp2UAWD qzcA== X-Gm-Message-State: AOJu0Yx/JXntK635D6YCFeVDrqpVA0gGKoNJr9Vv/Xh5nl0EbGn2HF6C TArFYl6wSE3QGbnTbs9ymtHzE0nAVr2Bi44Z6zp3ZevKMC+v2G+k X-Google-Smtp-Source: AGHT+IFxYvCnDZXt9PXTphh8B6DIKnk3JuPoY351kN264wdxnaOXDUZXtHFc1qAr8FdwRktpnES6D/vDoBf/bZUeNho= X-Received: by 2002:a2e:b748:0:b0:2c5:1ca8:d433 with SMTP id k8-20020a2eb748000000b002c51ca8d433mr20947610ljo.36.1699260430785; Mon, 06 Nov 2023 00:47:10 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Odhiambo Washington Date: Mon, 6 Nov 2023 11:46:34 +0300 Message-ID: Subject: Re: Openssl errors on FreeBSD To: iio7@tutanota.com Cc: Freebsd Questions Content-Type: multipart/alternative; boundary="0000000000005ba056060977e6a0" X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-Rspamd-Queue-Id: 4SP4jD6v5Kz3gs0 --0000000000005ba056060977e6a0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, Nov 6, 2023 at 4:02=E2=80=AFAM wrote: > Hi, > > I have four machines in my office, 2 FreeBSD boxes, 1 OpenBSD box and 1 > Linux box. On my FreeBSD boxes I get openssl read errors on some differen= t > domains, such as: > > $ curl -O https://www.unixsheikh.com/includes/files/the-biggest-myths.pdf > % Total % Received % Xferd Average Speed Time Time Time > Current > Dload Upload Total Spent Left > Speed > 12 763k 12 98139 0 0 377k 0 0:00:02 --:--:-- 0:00:02 > 378k > curl: (56) OpenSSL SSL_read: OpenSSL/1.1.1t: error:1408F119:SSL > routines:ssl3_get_record:decryption failed or bad record mac, errno 0 > > I get the same with wget. > > I also have problems getting email and using SFTP: > > Email: > > ** IMAP error on mail.example.com: stream error > ** IMAP connection broken > > SFTP: > > Status: Connecting to www.example. com... > Status: Using username "foo". > Command: Pass: **************** > Error: FATAL ERROR: Incorrect MAC received on packet > Error: Could not connect to server > Status: Waiting to retry... > > This is only a problem on the two FreeBSD boxes, not on the OpenBSD or th= e > Linux box. All connected to the same network. The two FreeBSD boxes > runs 13.2-RELEASE-p4. > > Is this a problem with openssl on FreeBSD or what am I looking at here? > [11:44 ~ ]$ openssl version OpenSSL 1.1.1t-freebsd 7 Feb 2023 [11:45 ~ ]$ curl -O https://www.unixsheikh.com/includes/files/the-biggest-myths. pdf % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 763k 100 763k 0 0 443k 0 0:00:01 0:00:01 --:--:-- 443k [11:45 ~ ]$ uname -a FreeBSD gw 13.2-RELEASE-p4 FreeBSD 13.2-RELEASE-p4 GENERIC amd64 --=20 Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", egrep -v '^$|^.*#' =C2=AF\_(=E3=83=84)_/=C2=AF :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html] --0000000000005ba056060977e6a0 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, Nov 6, 2023 at 4:02=E2=80=AFA= M <iio7@tutanota.com> wrote:=
Hi,

I have four machines in my office, 2 FreeBSD boxes, 1 OpenBSD box and 1 Lin= ux box. On my FreeBSD boxes I get openssl read errors on some different dom= ains, such as:

$ curl -O https://www.unixsheikh.com/= includes/files/the-biggest-myths.pdf
=C2=A0 % Total=C2=A0=C2=A0=C2=A0 % Received % Xferd=C2=A0 Average Speed=C2= =A0=C2=A0 Time=C2=A0=C2=A0=C2=A0 Time=C2=A0=C2=A0=C2=A0=C2=A0 Time=C2=A0 Cu= rrent
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Dload=C2=A0 Upload=C2=A0=C2=A0 T= otal=C2=A0=C2=A0 Spent=C2=A0=C2=A0=C2=A0 Left=C2=A0 Speed
12=C2=A0 763k=C2=A0=C2=A0 12 98139=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2= =A0 0=C2=A0=C2=A0 377k=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0 0:00:02 --:--:= --=C2=A0 0:00:02=C2=A0 378k
curl: (56) OpenSSL SSL_read: OpenSSL/1.1.1t: error:1408F119:SSL routines:ss= l3_get_record:decryption failed or bad record mac, errno 0

I get the same with wget.

I also have problems getting email and using SFTP:

Email:

** IMAP error on mail.example.com: stream error
** IMAP connection broken

SFTP:

Status: Connecting to www.example. <http://www545.your-server.de&= gt;com...
Status: Using username "foo".
Command:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Pass: **************** Error:=C2=A0 FATAL ERROR: Incorrect MAC received on packet
Error:=C2=A0 Could not connect to server
Status: Waiting to retry...

This is only a problem on the two FreeBSD boxes, not on the OpenBSD or the = Linux box. All connected to the same network. The two FreeBSD boxes runs=C2= =A013.2-RELEASE-p4.

Is this a problem with openssl on FreeBSD or what am I looking at here?
=

[11:44 ~ ]$ openssl versionOpenSSL 1.1.1t-freebsd =C2=A07 Feb 2023
[11:45 ~ ]$ curl -O https://www.un= ixsheikh.com/includes/files/the-biggest-myths. =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0pdf
=C2=A0 % Total =C2= =A0 =C2=A0% Received % Xferd =C2=A0Average Speed =C2=A0 Time =C2=A0 =C2=A0T= ime =C2=A0 =C2=A0 Time =C2=A0Current
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0Dload =C2=A0Upload =C2=A0 Total =C2=A0 Spent =C2=A0 =C2=A0Left = =C2=A0Speed
100 =C2=A0763k =C2=A0100 =C2=A0763k =C2=A0 =C2=A00 =C2=A0 = =C2=A0 0 =C2=A0 443k =C2=A0 =C2=A0 =C2=A00 =C2=A00:00:01 =C2=A00:00:01 --:-= -:-- =C2=A0443k
[11:45 ~ ]$ uname -a
FreeBSD gw 13.2-RELEASE-p4 FreeB= SD 13.2-RELEASE-p4 GENERIC amd64

--
Best regards,
Odhiambo= WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.",=C2=A0egrep -v = 9;^$|^.*#'=C2=A0=C2=AF\_(=E3=83=84)_/=C2=AF=C2=A0:-)
[How to ask smart questions:=C2=A0http://www.catb.org/~esr/faqs/smart-questions.h= tml]
--0000000000005ba056060977e6a0--