Hi there. I've built stunnel on the Mac (including the patch for str.c) and have problem when I run it. Whenever it gets a request on one side (from a browser), I see the following in the log. The weird thing is that when I run stunnel in gdb it works??
2011.07.05 17:51:00 LOG7[6300:4297842688]: Service https started 2011.07.05 17:51:00 LOG7[6300:4297842688]: Option TCP_NODELAY set on local socket 2011.07.05 17:51:00 LOG7[6300:4297842688]: Waiting for a libwrap process 2011.07.05 17:51:00 LOG7[6300:4297842688]: Acquired libwrap process #0 2011.07.05 17:51:00 LOG3[6300:4297842688]: Unexpected socket close (read_blocking) 2011.07.05 17:51:00 LOG5[6300:4297842688]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
Any advice would be appreciated.
thanks Athir Nuaimi
Athir Nuaimi wrote:
Hi there. I've built stunnel on the Mac (including the patch for str.c) and have problem when I run it. Whenever it gets a request on one side (from a browser), I see the following in the log. The weird thing is
that
when I run stunnel in gdb it works??
2011.07.05 17:51:00 LOG7[6300:4297842688]: Service https started 2011.07.05 17:51:00 LOG7[6300:4297842688]: Option TCP_NODELAY set on
local
socket 2011.07.05 17:51:00 LOG7[6300:4297842688]: Waiting for a libwrap process 2011.07.05 17:51:00 LOG7[6300:4297842688]: Acquired libwrap process #0 2011.07.05 17:51:00 LOG3[6300:4297842688]: Unexpected socket close (read_blocking) 2011.07.05 17:51:00 LOG5[6300:4297842688]: Connection reset: 0 bytes
sent
to SSL, 0 bytes sent to socket
Any advice would be appreciated.
There's something wrong with libwrap support.
You can just disable it with: libwrap = no configuration option.
Mike
Thanks Mike. That's indeed was the solution. I was using 4.32 and was able to get stunnel working by using --disable-libwrap.
When I moved to 4.38 or 4.39, I got a different error. When it connects to stunnel on the other end (server), the client reports a SSL3_GET_RECORD: wrong version error. My config file did not specify the version (sslVersion is commented out). I tried setting it to each of the values (SSLv2, SSLv3, TLSv1 and all) but with no luck. Since it was working in 4.32, I"m not sure if its a config problem or an issue with the code. I'm comfortable using gdb to investigate but don't yet know enough about openssl. Any thoughts? I've gone back to 4.32 so have a working solution but would be interested in investigating further.
Athir
On 2011-07-07, at 5:18 AM, Michal Trojnara wrote:
Athir Nuaimi wrote:
Hi there. I've built stunnel on the Mac (including the patch for str.c) and have problem when I run it. Whenever it gets a request on one side (from a browser), I see the following in the log. The weird thing is
that
when I run stunnel in gdb it works??
2011.07.05 17:51:00 LOG7[6300:4297842688]: Service https started 2011.07.05 17:51:00 LOG7[6300:4297842688]: Option TCP_NODELAY set on
local
socket 2011.07.05 17:51:00 LOG7[6300:4297842688]: Waiting for a libwrap process 2011.07.05 17:51:00 LOG7[6300:4297842688]: Acquired libwrap process #0 2011.07.05 17:51:00 LOG3[6300:4297842688]: Unexpected socket close (read_blocking) 2011.07.05 17:51:00 LOG5[6300:4297842688]: Connection reset: 0 bytes
sent
to SSL, 0 bytes sent to socket
Any advice would be appreciated.
There's something wrong with libwrap support.
You can just disable it with: libwrap = no configuration option.
Mike _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-
Athir Nuaimi -
athir@nuaimi.com
-
Michal Trojnara