Hi Apurva, Good news. Just to mention: SslVersion=all OFTEN SOLVES MANY PROBLEMS in various circumstances. So I would keep it... Just search for it in the mailing list and you will see...
This is just an advice...
Yours sincerely, Pierre
Le 21/11/2010 18:38, Pathak, Apurva (Apu) a écrit :
Hi Pierre,
You are right, I had the same ACCEPT port mentioned three times -- something that worked for several hours and then caused problems -- I guess the symptom was the error with libeay32.dll (I am hoping it was that and nothing else). Actually I needed it only once and then my ESME application could establish many connections to it.
Also, I disabled:
TCP_NODELAY options in my stunnel.conf as you suggested and also disabled *sslVersion=all* as suggested by the carrier.
Since making these changes, things have been stable so I am not getting a different version of the libeay32.dll 1.0.0.1 at this time.
;often useful :
;sslVersion=all
;-----------
*Here is my example stunne.conf*
*; Sample stunnel configuration file by Michal Trojnara 2002-2006*
*; Some options used here may not be adequate for your particular configuration*
*; Certificate/key is needed in server mode and optional in client mode*
*; The default certificate is provided only for testing and should not*
*; be used in a production environment*
*cert = carrier.cer*
*key = carrier.key*
*; Some performance tunings*
*;socket = l:TCP_NODELAY=1*
*;socket = r:TCP_NODELAY=1*
*; TURN THIS ON TO MAX*
*; Some debugging stuff useful for troubleshooting*
*debug = 7*
*output = stunnel.log*
*; Service-level configuration*
*; Have this only once and ESME application can establish several connections (as many as allowed by the*
*; carrier SMSC, that is)*
*[ssmpp1]*
*accept = 127.0.0.1:3003*
*connect = <DESTINATION_IP_REMOTE>:<DESTIONATION_PORT_REMOTE>*
*; Use it for client mode*
*client = yes*
*; Suggested by client*
*options = all*
*;Suggested by client to disable this*
*;often useful : *
*;sslVersion=all*
*;-----------*
*; vim:ft=dosini*
*Thanks a lot for your help!*
*Apurva*
*From:* Pierre DELAAGE [mailto:delaage.pierre@free.fr] *Sent:* Thursday, November 18, 2010 11:36 PM *To:* Pathak, Apurva (Apu); stunnel-users@mirt.net *Subject:* Re: Error: faulting application stunnel.exe, version 0.0.0.0, faulting module libeay32.dll, version 1.0.0.1, fault address 0x0007331e.
Hi Apurva, For us to help, we need your stunnel.conf. Is this bug NEW ? was there a recent change either on client-side or server-side ?
Can you try with LAST (recent versions) of openssl (there are TWO ! 100b and 098p) ? ...
HMMMMMMMM: may I have understood something : in your stunnel.conf you seem to have bound MANY stunnel SERVICES to the SAME listening port 3005. This is what I consider an error ! service1 SHOULD listen on 3005, service2 on 3006 etc...
2010.11.18 10:42:11 LOG7[5732:7408]: *Service ssmpp1 bound to 127.0.0.1:3005*
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp1 opened FD=224
2010.11.18 10:42:11 LOG7[5732:7408]: FD=228 in non-blocking mode
2010.11.18 10:42:11 LOG7[5732:7408]: Option SO_REUSEADDR set on accept socket
2010.11.18 10:42:11 LOG7[5732:7408]: *Service ssmpp2 bound to 127.0.0.1:3005*
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp2 opened FD=228
2010.11.18 10:42:11 LOG7[5732:7408]: FD=244 in non-blocking mode
2010.11.18 10:42:11 LOG7[5732:7408]: Option SO_REUSEADDR set on accept socket
2010.11.18 10:42:11 LOG7[5732:7408]: *Service ssmpp3 bound to 127.0.0.1:3005*
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp3 opened FD=244
Hope this helps (it should), Pierre
Le 19/11/2010 01:47, Pathak, Apurva (Apu) a écrit :
Hello,
*I am getting an error with using stunnel 4.34*. *I am running on Windows Server 2003. *Unfortunately, this has cropped up only after we went to production, so there is no turning back now. Urgent help is needed.
*Reporting queued error: faulting application stunnel.exe, version 0.0.0.0, faulting module libeay32.dll, version 1.0.0.1, fault address 0x0007331e.*
I am using stunnel to encrypt SMPP (or SMS text messages).
The above error is occurring very frequently when I run stunnel in Windows Service mode. *Once this happens* and I go through the same two steps to re-establish binds with my wireless carrier (1) restart stunnel (2) restart my SMPP service. The following happens (1) *Stunnel starts with: **Option SO_REUSEADDR set on accept socket* (2) I am not able to establish binds error in *stunnel.log*: *SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol*
When the above error is happening, the way to get things to work is to go: *Start > Programs > stunnel >* *Start Service *and things still work (Stunnel runs as me in user mode and not as "SYSTEM", stunnel does still start with *Option SO_REUSEADDR set on accept socket but binds starts OK*). Of course, as soon as I log off the server, everything stops so this of not much use, but this is working for some reason.
Complete stunnel.log:
2010.11.18 10:42:11 LOG5[5732:7408]: Reading configuration from file stunnel.conf
2010.11.18 10:42:11 LOG7[5732:7408]: PRNG seeded successfully
2010.11.18 10:42:11 LOG6[5732:7408]: Could not load DH parameters from carrier.cer
2010.11.18 10:42:11 LOG7[5732:7408]: ECDH initialized
2010.11.18 10:42:11 LOG7[5732:7408]: Certificate: carrier.cer
2010.11.18 10:42:11 LOG7[5732:7408]: Certificate loaded
2010.11.18 10:42:11 LOG7[5732:7408]: Key file: carriernew.key
2010.11.18 10:42:11 LOG7[5732:7408]: Private key loaded
2010.11.18 10:42:11 LOG7[5732:7408]: SSL context initialized for service ssmpp1
2010.11.18 10:42:11 LOG6[5732:7408]: Could not load DH parameters from carrier.cer
2010.11.18 10:42:11 LOG7[5732:7408]: ECDH initialized
2010.11.18 10:42:11 LOG7[5732:7408]: Certificate: carrier.cer
2010.11.18 10:42:11 LOG7[5732:7408]: Certificate loaded
2010.11.18 10:42:11 LOG7[5732:7408]: Key file: carriernew.key
2010.11.18 10:42:11 LOG7[5732:7408]: Private key loaded
2010.11.18 10:42:11 LOG7[5732:7408]: SSL context initialized for service ssmpp2
2010.11.18 10:42:11 LOG7[5732:7408]: Configuration SSL options: 0x80000FFF
2010.11.18 10:42:11 LOG7[5732:7408]: SSL options set: 0x80000FFF
2010.11.18 10:42:11 LOG7[5732:7408]: Certificate: carrier.cer
2010.11.18 10:42:11 LOG7[5732:7408]: Certificate loaded
2010.11.18 10:42:11 LOG7[5732:7408]: Key file: carriernew.key
2010.11.18 10:42:11 LOG7[5732:7408]: Private key loaded
2010.11.18 10:42:11 LOG7[5732:7408]: SSL context initialized for service ssmpp3
2010.11.18 10:42:11 LOG5[5732:7408]: Configuration successful
2010.11.18 10:42:11 LOG5[5732:7408]: No limit detected for the number of clients
2010.11.18 10:42:11 LOG7[5732:7408]: FD=224 in non-blocking mode
*2010.11.18 10:42:11 LOG7[5732:7408]: Option SO_REUSEADDR set on accept socket*
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp1 bound to 127.0.0.1:3005
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp1 opened FD=224
2010.11.18 10:42:11 LOG7[5732:7408]: FD=228 in non-blocking mode
2010.11.18 10:42:11 LOG7[5732:7408]: Option SO_REUSEADDR set on accept socket
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp2 bound to 127.0.0.1:3005
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp2 opened FD=228
2010.11.18 10:42:11 LOG7[5732:7408]: FD=244 in non-blocking mode
2010.11.18 10:42:11 LOG7[5732:7408]: Option SO_REUSEADDR set on accept socket
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp3 bound to 127.0.0.1:3005
2010.11.18 10:42:11 LOG7[5732:7408]: Service ssmpp3 opened FD=244
2010.11.18 10:42:11 LOG5[5732:7408]: stunnel 4.34 on x86-pc-mingw32-gnu with OpenSSL 1.0.0a 1 Jun 2010
2010.11.18 10:42:11 LOG5[5732:7408]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6
2010.11.18 10:42:24 LOG7[5732:6160]: Service ssmpp1 accepted FD=292 from 127.0.0.1:4214
2010.11.18 10:42:24 LOG7[5732:6160]: Creating a new thread
2010.11.18 10:42:24 LOG7[5732:6160]: New thread created
2010.11.18 10:42:24 LOG7[5732:2140]: Service ssmpp1 started
2010.11.18 10:42:24 LOG7[5732:2140]: FD=292 in non-blocking mode
2010.11.18 10:42:24 LOG7[5732:2140]: Option TCP_NODELAY set on local socket
2010.11.18 10:42:24 LOG5[5732:2140]: Service ssmpp1 accepted connection from 127.0.0.1:4214
2010.11.18 10:42:24 LOG7[5732:2140]: SSL state (accept): before/accept initialization
2010.11.18 10:42:24 LOG7[5732:6160]: Service ssmpp1 accepted FD=316 from 127.0.0.1:4215
2010.11.18 10:42:24 LOG7[5732:6160]: Creating a new thread
2010.11.18 10:42:24 LOG7[5732:6904]: Service ssmpp1 started
2010.11.18 10:42:24 LOG7[5732:6160]: New thread created
2010.11.18 10:42:24 LOG7[5732:6904]: FD=316 in non-blocking mode
2010.11.18 10:42:24 LOG7[5732:6904]: Option TCP_NODELAY set on local socket
2010.11.18 10:42:24 LOG5[5732:6904]: Service ssmpp1 accepted connection from 127.0.0.1:4215
2010.11.18 10:42:24 LOG7[5732:6904]: SSL state (accept): before/accept initialization
2010.11.18 10:42:24 LOG7[5732:6160]: Service ssmpp1 accepted FD=340 from 127.0.0.1:4216
2010.11.18 10:42:24 LOG7[5732:6160]: Creating a new thread
2010.11.18 10:42:24 LOG7[5732:6160]: New thread created
2010.11.18 10:42:24 LOG7[5732:5592]: Service ssmpp1 started
2010.11.18 10:42:24 LOG7[5732:5592]: FD=340 in non-blocking mode
2010.11.18 10:42:24 LOG7[5732:5592]: Option TCP_NODELAY set on local socket
2010.11.18 10:42:24 LOG5[5732:5592]: Service ssmpp1 accepted connection from 127.0.0.1:4216
2010.11.18 10:42:24 LOG7[5732:5592]: SSL state (accept): before/accept initialization
2010.11.18 10:42:24 LOG3[5732:5592]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2010.11.18 10:42:24 LOG5[5732:5592]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.11.18 10:42:24 LOG7[5732:5592]: Service ssmpp1 finished (2 left)
2010.11.18 10:42:34 LOG3[5732:2140]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2010.11.18 10:42:34 LOG5[5732:2140]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.11.18 10:42:34 LOG7[5732:2140]: Service ssmpp1 finished (1 left)
2010.11.18 10:42:44 LOG3[5732:6904]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2010.11.18 10:42:44 LOG5[5732:6904]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.11.18 10:42:44 LOG7[5732:6904]: Service ssmpp1 finished (0 left)
2010.11.18 10:43:04 LOG7[5732:6160]: Service ssmpp1 accepted FD=332 from 127.0.0.1:4237
2010.11.18 10:43:04 LOG7[5732:6160]: Creating a new thread
2010.11.18 10:43:04 LOG7[5732:6160]: New thread created
2010.11.18 10:43:04 LOG7[5732:2256]: Service ssmpp1 started
2010.11.18 10:43:04 LOG7[5732:2256]: FD=332 in non-blocking mode
2010.11.18 10:43:04 LOG7[5732:2256]: Option TCP_NODELAY set on local socket
2010.11.18 10:43:04 LOG5[5732:2256]: Service ssmpp1 accepted connection from 127.0.0.1:4237
2010.11.18 10:43:04 LOG7[5732:2256]: SSL state (accept): before/accept initialization
2010.11.18 10:43:04 LOG7[5732:6160]: Service ssmpp1 accepted FD=308 from 127.0.0.1:4238
2010.11.18 10:43:04 LOG7[5732:6160]: Creating a new thread
2010.11.18 10:43:04 LOG7[5732:6160]: New thread created
2010.11.18 10:43:04 LOG7[5732:6544]: Service ssmpp1 started
2010.11.18 10:43:04 LOG7[5732:6544]: FD=308 in non-blocking mode
2010.11.18 10:43:04 LOG7[5732:6544]: Option TCP_NODELAY set on local socket
2010.11.18 10:43:04 LOG5[5732:6544]: Service ssmpp1 accepted connection from 127.0.0.1:4238
2010.11.18 10:43:04 LOG7[5732:6544]: SSL state (accept): before/accept initialization
2010.11.18 10:43:04 LOG7[5732:6160]: Service ssmpp1 accepted FD=356 from 127.0.0.1:4239
2010.11.18 10:43:04 LOG7[5732:6160]: Creating a new thread
2010.11.18 10:43:04 LOG7[5732:6160]: New thread created
2010.11.18 10:43:04 LOG7[5732:7256]: Service ssmpp1 started
2010.11.18 10:43:04 LOG7[5732:7256]: FD=356 in non-blocking mode
2010.11.18 10:43:04 LOG7[5732:7256]: Option TCP_NODELAY set on local socket
2010.11.18 10:43:04 LOG5[5732:7256]: Service ssmpp1 accepted connection from 127.0.0.1:4239
2010.11.18 10:43:04 LOG7[5732:7256]: SSL state (accept): before/accept initialization
2010.11.18 10:43:04 LOG3[5732:2256]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2010.11.18 10:43:04 LOG5[5732:2256]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.11.18 10:43:04 LOG7[5732:2256]: Service ssmpp1 finished (2 left)
2010.11.18 10:43:09 LOG3[5732:7256]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2010.11.18 10:43:09 LOG5[5732:7256]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.11.18 10:43:09 LOG7[5732:7256]: Service ssmpp1 finished (1 left)
2010.11.18 10:43:12 LOG3[5732:6544]: SSL_accept: Peer suddenly disconnected
2010.11.18 10:43:12 LOG5[5732:6544]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2010.11.18 10:43:12 LOG7[5732:6544]: Service ssmpp1 finished (0 left)
Thanks,
Apurva