随机TLS / SSL错误

Question

使用TLS 1.1＆amp;时出现随机错误1.2关于Ubuntu 16.04。使用浏览器（Chrome和Firefox）和wget等发生错误。安全连接有时会起作用，但大多数情况下它们不起作用。以下是强制TLS 1.2的wget示例：

baris@computer:~$ wget --secure-protocol=TLSv1_2 https://github.com/tiny-dnn/tiny-dnn/archive/v1.0.0a3.tar.gz
--2018-01-25 17:16:46--  https://github.com/tiny-dnn/tiny-dnn/archive/v1.0.0a3.tar.gz
Resolving github.com (github.com)... 192.30.253.113, 192.30.253.112
Connecting to github.com (github.com)|192.30.253.113|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/tiny-dnn/tiny-dnn/tar.gz/v1.0.0a3 [following]
--2018-01-25 17:16:46--  https://codeload.github.com/tiny-dnn/tiny-dnn/tar.gz/v1.0.0a3
Resolving codeload.github.com (codeload.github.com)... 192.30.253.121, 192.30.253.120
Connecting to codeload.github.com (codeload.github.com)|192.30.253.121|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12885646 (12M) [application/x-gzip]
Saving to: ‘v1.0.0a3.tar.gz.17’

v1.0.0a3.tar.gz.17            65%[=============================>                 ]   7.99M  37.9MB/s    in 0.2s    

2018-01-25 17:16:46 (37.9 MB/s) - Read error at byte 8381776/12885646 (error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac). Retrying.

--2018-01-25 17:16:47--  (try: 2)  https://codeload.github.com/tiny-dnn/tiny-dnn/tar.gz/v1.0.0a3
Connecting to codeload.github.com (codeload.github.com)|192.30.253.121|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12885646 (12M) [application/x-gzip]
Saving to: ‘v1.0.0a3.tar.gz.17’

v1.0.0a3.tar.gz.17           100%[==============================================>]  12.29M  50.7MB/s    in 0.2s    

2018-01-25 17:16:48 (50.7 MB/s) - ‘v1.0.0a3.tar.gz.17’ saved [12885646/12885646]

以下是从CMake下载日志文件中提取的另一个示例：

# Connected to raw.githubusercontent.com (151.101.116.133) port 443 (#0)
# ALPN, offering http/1.1
# Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
# successfully set certificate verify locations:
#   CAfile: /etc/ssl/certs/ca-certificates.crt
#   CApath: /etc/ssl/certs
# TLSv1.2 (OUT), TLS header, Certificate Status (22):
# [5 bytes data]
# TLSv1.2 (OUT), TLS handshake, Client hello (1):
# [512 bytes data]
# [5 bytes data]
# TLSv1.2 (IN), TLS handshake, Server hello (2):
# [108 bytes data]
# [5 bytes data]
# TLSv1.2 (IN), TLS handshake, Certificate (11):
# [3182 bytes data]
# [5 bytes data]
# TLSv1.2 (IN), TLS handshake, Server key exchange (12):
# [333 bytes data]
# [5 bytes data]
# TLSv1.2 (IN), TLS handshake, Server finished (14):
# [4 bytes data]
# [5 bytes data]
# TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
# [70 bytes data]
# [5 bytes data]
# TLSv1.2 (OUT), TLS change cipher, Client hello (1):
# [1 bytes data]
# [5 bytes data]
# TLSv1.2 (OUT), TLS handshake, Finished (20):
# [16 bytes data]
# [5 bytes data]
# TLSv1.2 (IN), TLS alert, Server hello (2):
# [2 bytes data]
# error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert bad record mac
# Closing connection 0
# 

可能导致这种情况的原因是什么？

编辑：结果发现CPU出现问题（i7-7700K）。从英特尔（https://github.com/intel/soft-crc）运行CRC测试套件，我意识到核心＃0上的CRC失败，但它们在其余核心上运行正常。类似地，firefox或chrome在使用taskset实用程序的核心＃1，＃2，＃3上运行良好。

编辑2：有趣的是，在卸下CPU并重新安装后，问题就消失了。现在所有内核都运行良好。也许其中一个引脚没有良好的接触。我第一次看到这样的问题只影响CPU的某种计算类型。