[stunnel-users] s_poll_wait timeout errors
James Brown
jlbrown at bordo.com.au
Thu Nov 16 01:50:32 CET 2006
I'm trying to set up an SSL connection from stunnel to Postfix, but
can not get it to work.
stunnel log says:
2006.11.16 11:35:31 LOG7[5240:25188864]: ssmtp started
2006.11.16 11:35:31 LOG7[5240:25188864]: FD 9 in non-blocking mode
2006.11.16 11:35:31 LOG7[5240:25188864]: TCP_NODELAY option set on
local socket
2006.11.16 11:35:31 LOG7[5240:25188864]: FD 10 in non-blocking mode
2006.11.16 11:35:31 LOG7[5240:25188864]: FD 11 in non-blocking mode
2006.11.16 11:35:31 LOG7[5240:25188864]: Connection from
192.168.1.12:51469 permitted by libwrap
2006.11.16 11:35:31 LOG5[5240:25188864]: ssmtp connected from
192.168.1.12:51469
2006.11.16 11:35:31 LOG7[5240:25188864]: FD 10 in non-blocking mode
2006.11.16 11:35:31 LOG7[5240:25188864]: ssmtp connecting 127.0.0.1:25
2006.11.16 11:35:31 LOG7[5240:25188864]: connect_wait: waiting 10
seconds
2006.11.16 11:35:31 LOG7[5240:25188864]: connect_wait: connected
2006.11.16 11:35:31 LOG7[5240:25188864]: Remote FD=10 initialized
2006.11.16 11:35:31 LOG7[5240:25188864]: TCP_NODELAY option set on
remote socket
2006.11.16 11:35:31 LOG5[5240:25188864]: Negotiations for smtp
(client side) started
2006.11.16 11:35:31 LOG7[5240:2684415368]: Cleaning up the signal pipe
2006.11.16 11:35:31 LOG6[5240:2684415368]: Child process 5251
finished with code 0
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 220 mail3.bordo.com.au
ESMTP Postfix
2006.11.16 11:35:31 LOG7[5240:25188864]: -> 220 mail3.bordo.com.au
ESMTP Postfix
2006.11.16 11:35:31 LOG7[5240:25188864]: -> EHLO localhost
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-mail3.bordo.com.au
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-SIZE 10240000
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-ETRN
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-AUTH PLAIN LOGIN
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-AUTH=PLAIN LOGIN
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-XFORWARD NAME ADDR
PROTO HELO SOURCE
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-ENHANCEDSTATUSCODES
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250-8BITMIME
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 250 DSN
2006.11.16 11:35:31 LOG7[5240:25188864]: -> STARTTLS
2006.11.16 11:35:31 LOG7[5240:25188864]: <- 220 2.0.0 Ready to start
TLS
2006.11.16 11:35:31 LOG5[5240:25188864]: Protocol negotiations succeded
2006.11.16 11:35:31 LOG7[5240:25188864]: SSL state (connect): before/
connect initialization
2006.11.16 11:35:31 LOG7[5240:25188864]: SSL state (connect): SSLv2/
v3 write client hello A
2006.11.16 11:40:31 LOG6[5240:25188864]: init_ssl: s_poll_wait timeout
2006.11.16 11:40:31 LOG5[5240:25188864]: Connection reset: 0 bytes
sent to SSL, 0 bytes sent to socket
2006.11.16 11:40:31 LOG7[5240:25188864]: ssmtp finished (0 left)
2006.11.16 11:35:31 LOG7[5240:25188864]: ssmtp started
Postfix's log shows:
Nov 16 11:35:31 Fax-Machine postfix/smtpd[5252]: connect from
localhost[127.0.0.1]
Nov 16 11:35:31 Fax-Machine postfix/smtpd[5252]: setting up TLS
connection from localhost[127.0.0.1]
Nov 16 11:40:31 Fax-Machine postfix/smtpd[5252]: SSL_accept error
from localhost[127.0.0.1]: -1
Nov 16 11:40:31 Fax-Machine postfix/smtpd[5252]: lost connection
after STARTTLS from localhost[127.0.0.1]
Nov 16 11:40:31 Fax-Machine postfix/smtpd[5252]: disconnect from
localhost[127.0.0.1]
stunnel.conf is:
; Sample stunnel configuration file by Michal Trojnara 2002-2006
; Some options used here may not be adequate for your particular
configuration
; Certificate/key is needed in server mode and optional in client mode
; The default certificate is provided only for testing and should not
; be used in a production environment
cert = /etc/postfix/smtpd.cert
key = /etc/postfix/smtpd.key
debug=7
output=/dev/stdout
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff
;verify = 2
; Don't forget to c_rehash CApath
;CApath = certs
; It's often easier to use CAfile
;CAfile = certs.pem
; Don't forget to c_rehash CRLpath
;CRLpath = crls
; Alternatively you can use CRLfile
;CRLfile = crls.pem
; Some debugging stuff useful for troubleshooting
;debug = 7
;output = stunnel.log
; Use it for client mode
;client = yes
; Service-level configuration
protocol = smtp
sslVersion = all
;[pop3s]
;accept = 995
;connect = 110
;[imaps]
;accept = 993
;connect = 143
[ssmtp]
client = yes
accept = 465
connect = 25
;[https]
;accept = 443
;connect = 80
;TIMEOUTclose = 0
; vim:ft=dosini
Does anyone have any idea where I am going wrong?
Thanks,
James.
More information about the stunnel-users
mailing list