Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RSA warnings & errors in 9.8.4

6 views
Skip to first unread message

Jay Ford

unread,
Jan 4, 2013, 12:44:07 PM1/4/13
to bind-...@lists.isc.org
I just upgraded BIND on a Linux-based server from 9.8.3-P3 to 9.8.4.

I started getting a bunch of "RSA_verify" errors, as has been discussed on
this list. Is there a 9.8 release which quells those messages, or is hacking
the source post-download still the recommended fix?


Also, I got a spurt of log messages like:

general: info: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
general: info: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:fips_rsa_eay.c:748:

Anybody know what that's about?

________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-...@uiowa.edu, phone: 319-335-5555, fax: 319-335-2951

Carsten Strotmann

unread,
Jan 6, 2013, 5:20:42 AM1/6/13
to Jay Ford, bind-...@lists.isc.org

Hello Jay,

Jay Ford <jay-...@uiowa.edu> writes:

> I just upgraded BIND on a Linux-based server from 9.8.3-P3 to 9.8.4.
>
> I started getting a bunch of "RSA_verify" errors, as has been
> discussed on this list. Is there a 9.8 release which quells those
> messages, or is hacking
> the source post-download still the recommended fix?
>
not fixed in the -P1 releases of 9.8.4 and 9.9.2, should be fixed with
the next regular BIND 9 release.

So "hacking the source post-download" is still what you want to do if
you do not like the messages.

-- Carsten
0 new messages