[Csync2] SSL Handshake Problem

Tobias Meyer tm at allocation.net
Fri Feb 24 09:06:38 CET 2012 

Hello List,

I found this thread on the archive:

>On 01/13/2012 04:16 AM, Mike Young wrote:
>> Hi,
>>
>> I am trying to configure csync2 on a couple of OpenSuse 12.1 nodes, but
>> I'm having a problem with respect to TLS handshaking. I've added an
>> entry to /etc/services as was required in the Csync paper (csync2
>> 30865/tcp # Csync2 service) and I've configured xinetd to enable the
>> service. The service appears to start without any issues, until I
>> actually perform a "csync2 ­xv" operation. Then I get the following
>>error:
>>
>>     node1:/etc/csync2 # csync2 -xv
>>     Connecting to host node2 (SSL) ...
>>     WARNING: no socket to connect to
>>     Received record packet of unknown type 87
>>     SSL: handshake failed: An unexpected TLS packet was received.
>>     (GNUTLS_E_UNEXPECTED_PACKET)

I too see this problem after upgrading from openSuse 11.3 (via 11.4) to 12.1.



>Requires: xinetd libgnutls26 libgnutls-extra26 gnutls sqlite2 librsync

>libtasn1-3

>

>Removing the explicit lib requires and letting RPM sort out the mess

>fixed it for me, i.e. the above line was changed to:

>

>Requires: xinetd gnutls sqlite2

The explicit library references (in rpm -q -requires) seem to be fixed, and libgnutls26 libgnutls-extra26 are also not installed, yet libgnutls28 and libgnutls-extra28 are, but i guess that's OK.

What puzzels me is, that running csync2 in stand-alone server mode (-ii or -iii) works well - the problem only occurs when beeing run through xinetd.
I really would like to limit csync2 to one interface though and have not yet found a way to do so in stand-alone mode.

Can anyone shed some light on this?
Kind regards
Tobias Meyer
Allocation Network GmbH
Adresse: Stahlgruberring 22 | 81829 München | www.allocation.net<http://www.allocation.net/>
Tel: +49 89 278257-0 | Fax: -49 | tm at allocation.net<mailto:tm at allocation.net>
Geschäftsführung: Bernhard Soltmann | Andreas Vollmann | Andreas Prohaska
Sitz der Gesellschaft: München | HRB Nr. 122527 Amtsgericht München

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linbit.com/pipermail/csync2/attachments/20120224/3ef10fd8/attachment.htm>

More information about the Csync2 mailing list