<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=iso-8859-1"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Vorformatiert Zchn";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.E-MailFormatvorlage17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.HTMLVorformatiertZchn
{mso-style-name:"HTML Vorformatiert Zchn";
mso-style-priority:99;
mso-style-link:"HTML Vorformatiert";
font-family:"Courier New";
mso-fareast-language:DE;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=DE link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>Hello List,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>I found this thread on the archive:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>><i>On 01/13/2012 04:16 AM, Mike Young wrote:<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> Hi,<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i><o:p> </o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> I am trying to configure csync2 on a couple of OpenSuse 12.1 nodes, but<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> I'm having a problem with respect to TLS handshaking. I've added an<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> entry to /etc/services as was required in the Csync paper (csync2<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> 30865/tcp # Csync2 service) and I've configured xinetd to enable the<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> service. The service appears to start without any issues, until I<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> actually perform a "csync2 xv" operation. Then I get the following<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i>error:<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i><o:p> </o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> node1:/etc/csync2 # csync2 -xv<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> Connecting to host node2 (SSL) ...<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> WARNING: no socket to connect to<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> Received record packet of unknown type 87<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> SSL: handshake failed: An unexpected TLS packet was received.<o:p></o:p></i></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";mso-fareast-language:DE'>>><i> (GNUTLS_E_UNEXPECTED_PACKET)<o:p></o:p></i></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I too see this problem after upgrading from openSuse 11.3 (via 11.4) to 12.1.<o:p></o:p></p><pre><o:p> </o:p></pre><pre>><i>Requires: xinetd libgnutls26 libgnutls-extra26 gnutls sqlite2 librsync<o:p></o:p></i></pre><pre>><i>libtasn1-3<o:p></o:p></i></pre><pre>><i><o:p> </o:p></i></pre><pre>><i>Removing the explicit lib requires and letting RPM sort out the mess<o:p></o:p></i></pre><pre>><i>fixed it for me, i.e. the above line was changed to:<o:p></o:p></i></pre><pre>><i><o:p> </o:p></i></pre><pre>><i>Requires: xinetd gnutls sqlite2</i><o:p></o:p></pre><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>The explicit library references (in rpm –q –requires) seem to be fixed, and <i>libgnutls26 libgnutls-extra26 are also not installed, yet libgnutls28 and libgnutls-extra28 are, but i guess that’s OK.<o:p></o:p></i></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>What puzzels me is, that running csync2 in stand-alone server mode (-ii or –iii) works well – the problem only occurs when beeing run through xinetd.<o:p></o:p></p><p class=MsoNormal>I really would like to limit csync2 to one interface though and have not yet found a way to do so in stand-alone mode.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Can anyone shed some light on this?<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";mso-fareast-language:DE'>Kind regards<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";mso-fareast-language:DE'>Tobias Meyer<br>Allocation Network GmbH<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";mso-fareast-language:DE'>Adresse: Stahlgruberring 22 | 81829 München | <a href="http://www.allocation.net/"><span style='color:blue'>www.allocation.net</span></a><br>Tel: +49 89 278257-0 | Fax: -49 | <span style='color:red'><a href="mailto:tm@allocation.net"><span style='color:blue'>tm@allocation.net</span></a></span><br>Geschäftsführung: Bernhard Soltmann | Andreas Vollmann | Andreas Prohaska<br>Sitz der Gesellschaft: München | HRB Nr. 122527 Amtsgericht München<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>