[stunnel-users] Problem running Stunnel 4.05 on AIX 5.2
Baker Nelson
bnelson at rrms.com
Mon Aug 23 17:12:00 CEST 2004
My message before was too big. Here it is, with the first part of the log
cut out.
stunnel 4.05 on powerpc-ibm-aix5.2.0.0 FORK with OpenSSL 0.9.7d 17 Mar 2004
Global options
cert = /usr/local/etc/stunnel/stunnel.pem
ciphers = ALL:!ADH:+RC4:@STRENGTH
debug = 5
key = /usr/local/etc/stunnel/stunnel.pem
pid = /usr/local/var/run/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
session = 300 seconds
verify = none
Service-level options
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTidle = 43200 seconds
OpenSSL 0.9.7d 17 Mar 2004
conf-file:
cert = /usr/local/ssl/stunnel.pem
#chroot = /usr/local/var/run/stunnel/
pid = /usr/local/etc/stunnel/stunnel.pid
setuid = HTTPD
setgid = rrms
debug = 7
output = stunnel.log
foreground = yes
# Service-level configuration
[https]
accept = 443
connect = 80
TIMEOUTclose = 0
stunnel - log (from running openssl s_client command to test setup):
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 read client hello A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 write server hello A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 write certificate A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 write server done A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 flush data
2004.08.19 15:22:30 LOG7[21344:0]: waitforsocket: FD=7, DIR=read
2004.08.19 15:22:30 LOG7[21344:0]: waitforsocket: ok
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 read client key exchange A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 read finished A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 write change cipher spec A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 write finished A
2004.08.19 15:22:30 LOG7[21344:0]: SSL state (accept): SSLv3 flush data
2004.08.19 15:22:30 LOG7[21344:0]: 1 items in the session cache
2004.08.19 15:22:30 LOG7[21344:0]: 0 client connects (SSL_connect())
2004.08.19 15:22:30 LOG7[21344:0]: 0 client connects that finished
2004.08.19 15:22:30 LOG7[21344:0]: 0 client renegotiatations requested
2004.08.19 15:22:30 LOG7[21344:0]: 1 server connects (SSL_accept())
2004.08.19 15:22:30 LOG7[21344:0]: 1 server connects that finished
2004.08.19 15:22:30 LOG7[21344:0]: 0 server renegotiatiations requested
2004.08.19 15:22:30 LOG7[21344:0]: 0 session cache hits
2004.08.19 15:22:30 LOG7[21344:0]: 0 session cache misses
2004.08.19 15:22:30 LOG7[21344:0]: 0 session cache timeouts
2004.08.19 15:22:30 LOG6[21344:0]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2004.08.19 15:22:30 LOG7[21344:0]: FD 4 in non-blocking mode
2004.08.19 15:22:30 LOG7[21344:0]: https connecting 127.0.0.1:80
2004.08.19 15:22:30 LOG7[21344:0]: Remote FD=4 initialized
2004.08.19 15:22:32 LOG7[21344:0]: Socket closed on read
2004.08.19 15:22:32 LOG7[21344:0]: SSL write shutdown (output buffer empty)
2004.08.19 15:22:32 LOG7[21344:0]: SSL alert (write): warning: close notify
2004.08.19 15:22:32 LOG7[21344:0]: SSL_shutdown retrying
2004.08.19 15:22:32 LOG7[21344:0]: select timeout waiting for SSL close_notify
2004.08.19 15:22:32 LOG5[21344:0]: Connection closed: 311 bytes sent to SSL, 9 bytes sent to socket
2004.08.19 15:22:32 LOG7[21344:0]: removing pid file /usr/local/etc/stunnel/stunnel.pid
-----Original Message-----
From: stunnel-users-bounces at mirt.net
[mailto:stunnel-users-bounces at mirt.net]On Behalf Of Michal Trojnara
Sent: Monday, August 23, 2004 11:04 AM
To: STUNNEL-USERS at MIRT.NET
Subject: Re: [stunnel-users] Problem running Stunnel 4.05 on AIX 5.2
Baker Nelson wrote:
> I am trying to run Stunnel 4.05 on AIX 5.2 to secure our homegrown
> webserver. I have been searching archives all over the place, and have yet
> to find the answer, but have found many comments here and there that seem to
> indicate a problem with Stunnel on AIX. The problem, in a nutshell, is that
> I get an error on SSL_read in the stunnel log and it shuts down with a
> segmentation fault after the first connection, no matter what I do.
> Configuration info attached below. Any help anyone can give would be greatly
> appreciated.
Could you