[Csync2] csync2 failing to negotiate SSL
Jorge Daniel Sequeira Matias
jdsm at ist.utl.pt
Tue Oct 16 14:29:27 CEST 2007
Hello everyone,
I have already read several archived e-mails from the mailing list with
subjects:
"initial sync isues"
"No transfer?"
In my opinion both messages refer to the same problem I have.
I have been using Csync2 in several groups of machines for a year or so.
But, yesterday I have installed a new machine with an updated Debian "etch"
distribution.
With this setup I cannot get two machines to do the initial sync.
In this setup "machine1" will try to connect "machine2" to do the initial
sync.
Here's the output of "machine2":
machine2:/tmp# csync2 -iii -vvv
Csync2 daemon running. Waiting for connections.
<20780> New connection from 10.0.0.1:54463.
Peer> SSL\n
Local> OK (activating_ssl).\n
<20780> Establishing SSL connection failed.
machine2:/tmp# echo $?
1
The output of "machine1":
machine1:# csync2 -vvv -T
My hostname is machine1.
Database-File: /var/lib/csync2/machine1.db
Config-File: /etc/csync2.cfg
Running in-sync check for machine1 <-> machine2.
Connecting to host machine2 (SSL) ...
Local> SSL\n
Peer> OK (activating_ssl).\n
machine1:# echo $?
141
I can assure that I have generated correctly the certificate and private key
in both machines.
Here is the package list for "machine2":
machine2:# dpkg -l libc6 libgnutls13 librsync1 libsqlite0 libtasn1-3 netbase
csync2
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
uppercase=bad)
||/ Name Version
Description
+++-================================-================================-================================================================================
ii csync2 1.33-2 cluster
synchronization tool
ii libc6 2.3.6.ds1-13etch2 GNU C
Library: Shared libraries
ii libgnutls13 1.4.4-3 the GNU
TLS library - runtime library
ii librsync1 0.9.7-1 Library
which implements the rsync remote-delta algorithm
ii libsqlite0 2.8.17-2 SQLite
shared library
ii libtasn1-3 0.3.6-2 Manage
ASN.1 structures (runtime)
ii netbase 4.29 Basic
TCP/IP networking system
And the package list for "machine1":
machine1:/etc# dpkg -l libc6 libgnutls13 librsync1 libsqlite0 libtasn1-3
netbase csync2
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
uppercase=bad)
||/ Name Version
Description
+++-================================-================================-================================================================================
ii csync2 1.33-2 cluster
synchronization tool
ii libc6 2.5-7 GNU C
Library: Shared libraries
ii libgnutls13 1.4.0-2 the GNU
TLS library - runtime library
ii librsync1 0.9.7-1 Library
which implements the rsync remote-delta algorithm
ii libsqlite0 2.8.17-2 SQLite
shared library
ii libtasn1-3 0.3.4-2 Manage
ASN.1 structures (runtime)
ii netbase 4.29 Basic
TCP/IP networking system
I can tell you that "machine1" already has a group with other machine. And
this syncs without problem.
Anyway, I have read that were some versions of libgnutls13 which couldn't
parse correctly the x509 certificates generated by OpenSSL. Anyone has any
ideas about this?
Regards,
Jorge Matias
CIIST - Centro de Informática do
Instituto Superior Técnico
Lisbon/Portugal
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.linbit.com/pipermail/csync2/attachments/20071016/1db2c1dd/attachment.pgp
More information about the Csync2
mailing list