[Mono-bugs] [Bug 78597][Nor] Changed - SSL re-negotiation failure with Postgres

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Sat Sep 9 15:25:17 EDT 2006 

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=78597

--- shadow/78597	2006-09-09 15:05:45.000000000 -0400
+++ shadow/78597.tmp.8419	2006-09-09 15:25:17.000000000 -0400
@@ -8,13 +8,13 @@
 Severity: Unknown
 Priority: Normal
 Component: Mono.Security
 AssignedTo: sebastien at ximian.com                            
 ReportedBy: mfarr at paradise.net.nz               
 QAContact: mono-bugs at ximian.com
-TargetMilestone: ---
+TargetMilestone: 2_0
 URL: 
 Summary: SSL re-negotiation failure with Postgres
 
 Description of Problem:
 "Object reference not set to an instance of an object." in
 Mono.Security.dll when loading large amounts of data with ssl+npgsql.
@@ -910,6 +910,28 @@
 As before, I don't get any error from postgresql server. And code
 keeps running except by these 4 bytes with content 0 still being received.
 
 If I don't use SSL, turning it off on connection string, I don't
 receive that 4 strange bytes.
 
+
+------- Additional Comments From sebastien at ximian.com  2006-09-09 15:25 -------
+Very strange. I'm not sure how to "best" debug this.
+
+On one hand I'm sure the data is correct, because the SSL stack would
+report any differences (mac). The implementation also seems correct
+(I'm still testing) as I don't see this problem when using Apache (no
+extra bytes).
+
+Now I think the best (well only) way would be to implement NULL
+algorithm support (keeping it out of non-debug builds) in SSL. This
+would allow us to see (unencyrpted) the network data and, hopefully,
+see if:
+
+(a) the bytes are "coming from the server" (i.e. "received by the SSL
+code"), or
+(b) an extra output from the SSL code (by logging the data), or
+(c) some extra bytes "created" by Npgsql
+
+However this will require changes to the SSL/TLS code and, possibly,
+to Postgres itself (to allow using the NULL algorithm). So I'm not
+sure when we can do this, but probably only after the 1.2 release.

More information about the mono-bugs mailing list