<div dir="ltr"><div>Hi,</div><div><br></div><div>I'm new to stunnel and it isn't clear to me how the log rolling feature works.<br></div><div><br></div><div>I built stunnel 5.49 with gcc 4.2.0 on Solaris 10. I'm running it on Solaris 11.3 SPARC. Using openssl 1.0.2p<br></div><div><br></div><div>The config file has disabled syslog and is logging to stunnel.log.</div><div><br></div><div>Command line is: stunnel stunnel.conf</div><div>where stunnel.conf contains the following:<br></div><div></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">syslog = no</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">output = stunnel.log</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">debug = 7</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace"><br></span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">[service-exterior]</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">client = no</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = NO_SSLv2</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = NO_SSLv3</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = NO_TLSv1</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = NO_TLSv1.1</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = -NO_TLSv1.2<br></span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">cert = /path/to/stunnel.pem</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">curve = zzz<br></span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">accept = testhost:32100</span></div><div 
style="margin-left:40px"><span style="font-family:monospace,monospace">connect = 127.0.0.1:32200</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace"><br></span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">[service-interior]</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">client = yes</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = NO_SSLv2</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">options = NO_SSLv3<br></span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">accept = 127.0.0.1:32200</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">connect = 127.0.0.1:32100</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">sslVersion = TLSv1</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">ciphers = zzz</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">TIMEOUTconnect = 60</span><br></div><div><br></div><div>The log rolling steps I tried that don't work are:<br></div><div></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">mv stunnel.log stunnel.log.1</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">kill -USR1 &lt;stunnelpid&gt;</span></div><div><br></div><div>
The log message "LOG7[main]: Processing SIGNAL_REOPEN_LOG" shows up in stunnel.log.1. However, new client connections to host:32100 do not trigger creation of a new stunnel.log file. In fact, logging stops to stunnel.log.1 as soon as the USR1 is processed. The new client connections work as before, but there isn't any logging.</div><div><br></div><div>I restarted stunnel and tried the test again with these steps:</div><div>
<div style="margin-left:40px"><span style="font-family:monospace,monospace">mv stunnel.log stunnel.log.1</span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">touch stunnel.log<br></span></div><div style="margin-left:40px"><span style="font-family:monospace,monospace">kill -USR1 &lt;stunnelpid&gt;</span></div>
</div><div>That also doesn't work.</div><div><br></div><div>Please let me know the correct sequence of steps to roll the stunnel.log<br></div><div><br></div><div>Thank you,<br></div><div>-- Tom</div><div><br></div></div>