Hi Gerald,
I assume you got stunnel from the oss4aix.org site.
We don't use the freeware openssl, but instead the IBM one:
[root@duist:/data/O01] lslpp -l | grep openssl openssl.base 1.0.2.1801 COMMITTED Open Secure Socket Layer openssl.license 1.0.2.1801 COMMITTED Open Secure Socket License openssl.man.en_US 1.0.2.1801 COMMITTED Open Secure Socket Layer openssl.base 1.0.2.1801 COMMITTED Open Secure Socket Layer
I installed stunnel-5.29 on one of our lpars which I forced with -nodeps: rpm -Uhv --nodeps stunnel-5.29-1.aix5.2.ppc.rpm
It picked up the IBM libs, but had the same problem...
[root@duist:/data/O01] ldd /usr/bin/stunnel /usr/bin/stunnel needs: /usr/lib/threads/libc.a(shr.o) /usr/lib/libpthreads.a(shr_comm.o) /usr/lib/libpthreads.a(shr_xpg5.o) /usr/lib/libcrypto.a(libcrypto.so.1.0.2) /usr/lib/libssl.a(libssl.so.1.0.2) /unix /usr/lib/libcrypt.a(shr.o) [root@duist:/data/O01] /usr/bin/stunnel Could not load program /usr/bin/stunnel: Symbol resolution failed for stunnel because: Symbol strcmp (number 112) is not exported from dependent module /usr/lib/libcrypto.a(libcrypto.so.1.0.2). Symbol memmove (number 137) is not exported from dependent module /usr/lib/libcrypto.a(libcrypto.so.1.0.2). Symbol strncpy (number 142) is not exported from dependent module /usr/lib/libcrypto.a(libcrypto.so.1.0.2). Symbol strcpy (number 169) is not exported from dependent module /usr/lib/libcrypto.a(libcrypto.so.1.0.2). Symbol bcopy (number 245) is not exported from dependent module /usr/lib/libcrypto.a(libcrypto.so.1.0.2).
I then downloaded and installed stunnel-5.49 from oss4aix.org and installed that version which worked fine..
[root@duist:/data/O01] /usr/bin/stunnel [ ] Clients allowed=31999 [.] stunnel 5.49 on powerpc-ibm-aix5.2.0.0 platform [.] Compiled with OpenSSL 1.0.2p 14 Aug 2018 [.] Running with OpenSSL 1.0.2r 26 Feb 2019 [.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI [ ] errno: (*_Errno()) [!] Invalid configuration file name "/opt/freeware/etc/stunnel/stunnel.conf" [!] realpath: No such file or directory (2) [ ] Deallocating section defaults
I expect that if you upgrade your freeware openssl to at least 1,0,2r and upgrade stunnel to 5.49 your problem should be solved.
Met vriendelijke groet,
Mike Noonan
From: stunnel-users mailto:stunnel-users-bounces@stunnel.org On Behalf Of Gerald Shaw Sent: Wednesday, September 18, 2019 11:18 PM To: mailto:stunnel-users@stunnel.org Subject: [stunnel-users] Stunnel help and guidance request
Hello all,
I'm new to the mailing list. I'm trying to run stunnel-5.29-1.ppc, and I'm having issues. I'd appreciate your help (or point me to the solution in the archives).
OS - AIX 7100-05-03-1846
/home/shawg# rpm -qa|grep -i openssl openssl-1.0.2n-1.ppc
/home/shawg# ldd `which stunnel` /usr/bin/stunnel needs: /usr/lib/libc.a(shr.o) /usr/lib/libpthreads.a(shr_comm.o) /usr/lib/libpthreads.a(shr_xpg5.o) /opt/freeware/lib/libcrypto.a(libcrypto.so.1.0.2) /opt/freeware/lib/libssl.a(libssl.so.1.0.2) /unix /usr/lib/libcrypt.a(shr.o)
** ERROR MESSAGE_-
/home/shawg# /usr/bin/stunnel exec(): 0509-036 Cannot load program /usr/bin/stunnel because of the following errors: 0509-130 Symbol resolution failed for stunnel because: 0509-136 Symbol strcmp (number 112) is not exported from dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.1.0.2). 0509-136 Symbol memmove (number 137) is not exported from dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.1.0.2). 0509-136 Symbol strncpy (number 142) is not exported from dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.1.0.2). 0509-136 Symbol strcpy (number 169) is not exported from dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.1.0.2). 0509-136 Symbol bcopy (number 245) is not exported from dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.1.0.2). 0509-192 Examine .loader section symbols with the 'dump -Tv' command.
*** echo $LIBPATH /opt/freeware/lib:/usr/lib
________________________________
Dit e-mailbericht is alleen bestemd voor de geadresseerden. Indien dit bericht niet voor u is bedoeld, wordt u verzocht de afzender hiervan op de hoogte te stellen door het bericht te retourneren en de inhoud niet te gebruiken. This e-mail message is intended to be exclusively for the addressee. If you are not the intended recipient you are kindly requested not to make any use whatsoever of the contents and to notify the sender immediately by returning this e-mail message.