[stunnel-users] stunnel woes under HPUX 10.20

foner-stunnel at media.mit.edu foner-stunnel at media.mit.edu
Mon Feb 28 22:16:55 CET 2005


    Date: Mon, 28 Feb 2005 12:45:22 -0500 (EST)
    From: foner-stunnel at media.mit.edu

	Date: Mon, 28 Feb 2005 11:35:59 +0100
	From: "Michal Trojnara" <Michal.Trojnara at mobi-com.net>

	Peter Pentchev wrote:
	> But he says he can't :)  And also gives URL's to build logs :)

	Oops.  Sorry.  Here is the patch for stunnel 4.08:
	ftp://stunnel.mirt.net/stunnel/socklen_t.patch

    Thank you!  4.08 now builds and works on HPUX 10.20.  Much appreciated!

Whoops!

I spoke too soon.  Now stunnel cores after each connection is closed:

    # /usr/local/src/stunnel-4.08/src/stunnel test-stunnel.conf
    1900.01.00 00:00:00 LOG5[16181:0]: stunnel 4.08 on hppa1.1-hp-hpux10.20 FORK+POLL+IPv4 with OpenSSL 0.9.7e 25 Oct 2004
    1900.01.00 00:00:00 LOG7[16181:0]: Snagged 64 random bytes from /users/foner/.rnd
    1900.01.00 00:00:00 LOG7[16181:0]: Wrote 1024 new random bytes to /users/foner/.rnd
    1900.01.00 00:00:00 LOG7[16181:0]: RAND_status claims sufficient entropy for the PRNG
    1900.01.00 00:00:00 LOG6[16181:0]: PRNG seeded successfully
    1900.01.00 00:00:00 LOG6[16181:0]: file ulimit = 60 (can be changed with 'ulimit -n')
    1900.01.00 00:00:00 LOG6[16181:0]: poll() used - no FD_SETSIZE limit for file descriptors
    1900.01.00 00:00:00 LOG5[16181:0]: 27 clients allowed
    1900.01.00 00:00:00 LOG7[16181:0]: FD 3 in non-blocking mode
    1900.01.00 00:00:00 LOG7[16181:0]: FD 4 in non-blocking mode
    1900.01.00 00:00:00 LOG7[16181:0]: FD 5 in non-blocking mode
    1900.01.00 00:00:00 LOG7[16181:0]: SO_REUSEADDR option set on accept socket
    1900.01.00 00:00:00 LOG7[16181:0]: pop3s bound to 0.0.0.0:110
    1900.01.00 00:00:00 LOG7[16181:0]: Created pid file /usr/local/var/stunnel/stunnel.pid
    1900.01.00 00:00:00 LOG7[16181:0]: pop3s accepted FD=6 from 127.0.0.1:1614
    1900.01.00 00:00:00 LOG7[16181:0]: FD 6 in non-blocking mode
    1900.01.00 00:00:00 LOG7[16183:0]: pop3s started
    1900.01.00 00:00:00 LOG5[16183:0]: pop3s connected from 127.0.0.1:1614
    1900.01.00 00:00:00 LOG7[16183:0]: FD 5 in non-blocking mode
    1900.01.00 00:00:00 LOG7[16183:0]: pop3s connecting 18.85.22.50:995
    1900.01.00 00:00:00 LOG7[16183:0]: connect_wait: waiting 10 seconds
    1900.01.00 00:00:00 LOG7[16183:0]: connect_wait: connected
    1900.01.00 00:00:00 LOG7[16183:0]: Remote FD=5 initialized
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): before/connect initialization
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write client hello A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read server hello A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read server certificate A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read server done A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write client key exchange A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write change cipher spec A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 write finished A
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 flush data
    1900.01.00 00:00:00 LOG7[16183:0]: SSL state (connect): SSLv3 read finished A
    1900.01.00 00:00:00 LOG7[16183:0]:    1 items in the session cache
    1900.01.00 00:00:00 LOG7[16183:0]:    1 client connects (SSL_connect())
    1900.01.00 00:00:00 LOG7[16183:0]:    1 client connects that finished
    1900.01.00 00:00:00 LOG7[16183:0]:    0 client renegotiatations requested
    1900.01.00 00:00:00 LOG7[16183:0]:    0 server connects (SSL_accept())
    1900.01.00 00:00:00 LOG7[16183:0]:    0 server connects that finished
    1900.01.00 00:00:00 LOG7[16183:0]:    0 server renegotiatiations requested
    1900.01.00 00:00:00 LOG7[16183:0]:    0 session cache hits
    1900.01.00 00:00:00 LOG7[16183:0]:    0 session cache misses
    1900.01.00 00:00:00 LOG7[16183:0]:    0 session cache timeouts
    1900.01.00 00:00:00 LOG6[16183:0]: SSL connected: new session negotiated
    1900.01.00 00:00:00 LOG6[16183:0]: Negotiated ciphers: AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
    1900.01.00 00:00:00 LOG7[16183:0]: SSL_read returned WANT_READ: retrying
    1900.01.00 00:00:00 LOG7[16183:0]: SSL_read returned WANT_READ: retrying
    1900.01.00 00:00:00 LOG7[16183:0]: SSL socket closed on SSL_read
    1900.01.00 00:00:00 LOG7[16183:0]: Socket write shutdown
    1900.01.00 00:00:00 LOG5[16183:0]: Connection closed: 55 bytes sent to SSL, 3410 bytes sent to socket
    1900.01.00 00:00:00 LOG7[16183:0]: removing pid file /usr/local/var/stunnel/stunnel.pid

    Pid 16181 was killed due to stack growth failure.
    Possible causes: insufficient memory or swap, or stack size exceeded maxssize.
    Segmentation fault (core dumped)
    # 

This was caused by this client:

    .../emacs-21.4/lib-src/movemail po:foner:localhost NEWMAIL [the-password]

I haven't (yet) attached a debugger, but my guess is that something
decides to call itself recursively forever when the connection is
closed, and instantly blows the stack.  Presumably someone who's
actually familar with the code will know immediately what might be
going on.  (I just tried running gdb on the corefile and gdb claimed
"not in executable format: File format not recognized", which is
interesting...)



More information about the stunnel-users mailing list