[stunnel-users] stunnel woes under HPUX 10.20
foner-stunnel at media.mit.edu
foner-stunnel at media.mit.edu
Mon Feb 28 22:16:55 CET 2005
Date: Mon, 28 Feb 2005 12:45:22 -0500 (EST)
From: foner-stunnel at media.mit.edu
Date: Mon, 28 Feb 2005 11:35:59 +0100
From: "Michal Trojnara" <Michal.Trojnara at mobi-com.net>
Peter Pentchev wrote:
> But he says he can't :) And also gives URL's to build logs :)
Oops. Sorry. Here is the patch for stunnel 4.08:
ftp://stunnel.mirt.net/stunnel/socklen_t.patch
Thank you! 4.08 now builds and works on HPUX 10.20. Much appreciated!
Whoops!
I spoke too soon. Now stunnel cores after each connection is closed:
# /usr/local/src/stunnel-4.08/src/stunnel test-stunnel.conf
1900.01.00 00:00:00 LOG5[16181:0]: stunnel 4.08 on hppa1.1-hp-hpux10.20 FORK+POLL+IPv4 with OpenSSL 0.9.7e 25 Oct 2004
1900.01.00 00:00:00 LOG7[16181:0]: Snagged 64 random bytes from /users/foner/.rnd
1900.01.00 00:00:00 LOG7[16181:0]: Wrote 1024 new random bytes to /users/foner/.rnd
1900.01.00 00:00:00 LOG7[16181:0]: RAND_status claims sufficient entropy for the PRNG
1900.01.00 00:00:00 LOG6[16181:0]: PRNG seeded successfully
1900.01.00 00:00:00 LOG6[16181:0]: file ulimit = 60 (can be changed with 'ulimit -n')
1900.01.00 00:00:00 LOG6[16181:0]: poll() used - no FD_SETSIZE limit for file descriptors
1900.01.00 00:00:00 LOG5[16181:0]: 27 clients allowed
1900.01.00 00:00:00 LOG7[16181:0]: FD 3 in non-blocking mode
1900.01.00 00:00:00 LOG7[16181:0]: FD 4 in non-blocking mode
1900.01.00 00:00:00 LOG7[16181:0]: FD 5 in non-blocking mode
1900.01.00 00:00:00 LOG7[16181:0]: SO_REUSEADDR option set on accept socket
1900.01.00 00:00:00 LOG7[16181:0]: pop3s bound to 0.0.0.0:110
1900.01.00 00:00:00 LOG7[16181:0]: Created pid file /usr/local/var/stunnel/stunnel.pid
1900.01.00 00:00:00 LOG7[16181:0]: pop3s accepted FD=6 from 127.0.0.1:1614
1900.01.00 00:00:00 LOG7[16181:0]: FD 6 in non-blocking mode
1900.01.00 00:00:00 LOG7[16183:0]: pop3s started
1900.01.00 00:00:00 LOG5[16183:0]: pop3s connected from 127.0.0.1:1614
1900.01.00 00:00:00 LOG7[16183:0]: FD 5 in non-blocking mode
1900.01.00 00:00:00 LOG7[16183:0]: pop3s connecting 18.85.22.50:995
1900.01.00 00:00:00 LOG7[16183:0]: connect_wait: waiting 10 seconds
1900.01.00 00:00:00 LOG7[16183:0]: connect_wait: connected
1900.01.00 00:00:00 LOG7[16183:0]: Remote FD=5 initialized
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): before/connect initialization
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write client hello A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read server hello A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read server certificate A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read server done A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write client key exchange A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write change cipher spec A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write finished A
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 flush data
1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read finished A
1900.01.00 00:00:00 LOG7[16183:0]: 1 items in the session cache
1900.01.00 00:00:00 LOG7[16183:0]: 1 client connects (SSL_connect())
1900.01.00 00:00:00 LOG7[16183:0]: 1 client connects that finished
1900.01.00 00:00:00 LOG7[16183:0]: 0 client renegotiatations requested
1900.01.00 00:00:00 LOG7[16183:0]: 0 server connects (SSL_accept())
1900.01.00 00:00:00 LOG7[16183:0]: 0 server connects that finished
1900.01.00 00:00:00 LOG7[16183:0]: 0 server renegotiatiations requested
1900.01.00 00:00:00 LOG7[16183:0]: 0 session cache hits
1900.01.00 00:00:00 LOG7[16183:0]: 0 session cache misses
1900.01.00 00:00:00 LOG7[16183:0]: 0 session cache timeouts
1900.01.00 00:00:00 LOG6[16183:0]: SSL connected: new session negotiated
1900.01.00 00:00:00 LOG6[16183:0]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
1900.01.00 00:00:00 LOG7[16183:0]: SSL_read returned WANT_READ: retrying
1900.01.00 00:00:00 LOG7[16183:0]: SSL_read returned WANT_READ: retrying
1900.01.00 00:00:00 LOG7[16183:0]: SSL socket closed on SSL_read
1900.01.00 00:00:00 LOG7[16183:0]: Socket write shutdown
1900.01.00 00:00:00 LOG5[16183:0]: Connection closed: 55 bytes sent to SSL, 3410 bytes sent to socket
1900.01.00 00:00:00 LOG7[16183:0]: removing pid file /usr/local/var/stunnel/stunnel.pid
Pid 16181 was killed due to stack growth failure.
Possible causes: insufficient memory or swap, or stack size exceeded maxssize.
Segmentation fault (core dumped)
#
This was caused by this client:
.../emacs-21.4/lib-src/movemail po:foner:localhost NEWMAIL [the-password]
I haven't (yet) attached a debugger, but my guess is that something
decides to call itself recursively forever when the connection is
closed, and instantly blows the stack. Presumably someone who's
actually familar with the code will know immediately what might be
going on. (I just tried running gdb on the corefile and gdb claimed
"not in executable format: File format not recognized", which is
interesting...)
More information about the stunnel-users
mailing list