Hi There,
We have run into the "SSL_GET_NEW_SESSION:ssl session id callback failed" error. Can anyone describe what it means? I didn't find any information about it. We'd like to use stunnel to secure Oracle SQL*Net communication. An HP-UX server communicates with Win32 clients. We use stunnel standalone, not from inetd. Any help would be appreciated.
Thanks DoJo
Here is a cut from the log file (level 7):
2005.09.29 11:49:53 LOG5[10388:1]: stunnel 4.09 on hppa2.0w-hp-hpux11.11 PTHREAD+POLL+IPv4+LIBWRAP with OpenSSL 0.9.7e 25 Oct 2004
2005.09.29 11:49:53 LOG7[10388:1]: Snagged 0 random bytes from EGD Socket /var/run/egd-pool
2005.09.29 11:49:53 LOG6[10388:1]: PRNG seeded successfully
2005.09.29 11:49:53 LOG7[10388:1]: Certificate: /opt/iexpress/stunnel/etc/stunnel/..._cert.cer
2005.09.29 11:49:53 LOG7[10388:1]: Key file: /opt/iexpress/stunnel/etc/stunnel/..._privkey.pem
2005.09.29 11:49:53 LOG6[10388:1]: file ulimit = 60 (can be changed with 'ulimit -n')
2005.09.29 11:49:53 LOG6[10388:1]: poll() used - no FD_SETSIZE limit for file descriptors
2005.09.29 11:49:53 LOG5[10388:1]: 27 clients allowed
2005.09.29 11:49:53 LOG7[10388:1]: FD 4 in non-blocking mode
2005.09.29 11:49:53 LOG7[10388:1]: FD 5 in non-blocking mode
2005.09.29 11:49:53 LOG7[10388:1]: FD 6 in non-blocking mode
2005.09.29 11:49:53 LOG7[10388:1]: SO_REUSEADDR option set on accept socket
2005.09.29 11:49:53 LOG7[10388:1]: myapp bound to 0.0.0.0:2000
2005.09.29 11:49:53 LOG7[10389:1]: Created pid file /stunnel.pid
2005.09.30 12:01:47 LOG7[10389:1]: myapp accepted FD=1 from 10.3.125.165:3570
2005.09.30 12:01:47 LOG7[10389:1]: FD 1 in non-blocking mode
2005.09.30 12:01:47 LOG7[10389:2]: myapp started
2005.09.30 12:01:47 LOG5[10389:2]: myapp connected from 10.3.125.165:3570
2005.09.30 12:01:47 LOG7[10389:2]: SSL state (accept): before/accept initialization
2005.09.30 12:01:47 LOG3[10389:2]: SSL_accept: 140B544E: error:140B544E:SSL routines:SSL_GET_NEW_SESSION:ssl session id callback failed
2005.09.30 12:01:47 LOG7[10389:2]: myapp finished (0 left)
Our config file:
cert = /opt/iexpress/stunnel/etc/stunnel/..._cert.cer # contains the server's signed (by a CA) cert.
key = /opt/iexpress/stunnel/etc/stunnel/..._privkey.pem # contains the server's private key
service = myapp-ssl
chroot = /var/run/stunnel
pid = /stunnel.pid
setuid = oracle
setgid = oracle
debug = 7
output = stunnel.log
client = no
[myapp]
accept=2000
connect=1521