[stunnel-users] Re: Stunnel-3.26 / OpenSSL 0.9.6m / Solaris / SSL_accept: Peer suddenly disconnected
Martin Kneissl
Martin.Kneissl at atosorigin.com
Wed Sep 8 16:31:42 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I wrote:
| Correcting my previous post,
|
|
|>... one can see an EAGAIN on the -r socket of stunnel.
|
|
| That's not true, the EAGAIN is on the accepted file descriptor.
|
| The problem is not solved, though ...
|
| Martin.
The problem was that between stunnel 3.22 and stunnel 3.26 the listening
socket was set to non-blocking mode during the accept (which is ok).
But at least on Solaris the session socket returned from accept inherits
the non-blocking mode from the listening socket. On Linux the socket does
not inherit the mode, resulting in a blocking socket.
The stunnel code seems not to handle non-blocking session sockets (EAGAIN),
resulting in the problem on Solaris.
Please find below a patch restoring blocking mode for the session socket on
all platforms. This solves my problem described this morning, but I am
not 100% sure about any side effects.
Brian, please let me know if / when the patch will make it into a new
stunnel-3 version.
=== cut here ===
- --- stunnel-3.26/stunnel.c Sat Aug 30 06:34:57 2003
+++ stunnel-3.26-mkn/stunnel.c Wed Sep 8 15:27:41 2004
@@ -264,6 +264,19 @@
~ log(LOG_DEBUG, "%s accepted FD=%d from %s:%d", options.servname, s,
~ inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
~ leave_critical_section(CRIT_NTOA);
+
+/*
+ * Martin.Kneissl at atosorigin.com: On Solaris the new socket s inherits
+ * the O_NONBLOCK from ls. This would cause EAGAIN in the read/writes of the
+ * socket s, later.
+ * EAGAIN is not handled here, so better have the socket in its original
+ * mode...
+ */
+#ifndef USE_WIN32
+ if (old_val >= 0)
+ fcntl(s, F_SETFL, old_val);
+#endif
+
~ if(options.clients>=max_clients) {
~ log(LOG_WARNING, "Connection rejected: too many clients (>=%d)",
~ max_clients);
=== cut here ===
With kind regards,
Martin Kneissl
- --
Atos Worldline GmbH
CRM and Telco
Pascalstrasse 19
52076 Aachen
Germany
Phone: +49 (0) 2408 148 173
Fax: +49 (0) 2408 148 204
mailto:martin.kneissl at atosorigin.com
www.atosworldline.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBPxfNnNbgBz1XxU4RApITAJ91TwAE6XNdH5mDUBMNhzveXmT7CACgiKX6
kaaOf0B2lwx+UjgAhyPacOs=
=8lGS
-----END PGP SIGNATURE-----
More information about the stunnel-users
mailing list