[stunnel-users] create_client failed
James
cypher at woh.rr.com
Fri Sep 29 15:24:53 CEST 2006
I am running Debian 3.1 (stable) with stunnel 3.26 (Debian package)
to wrap my qmail pop3 daemon. Stunnel works properly for a good amount
of time, but at a point (I am unable to find any specific influencing
factors) it begins to fail with the error, "Connection reject:
create_client failed" (see below for more info). To fix the error I
have to kill and restart stunnel. I have adjusted the timeouts for both
stunnel and the pop3 daemon, but nothing appears to have a lasting
affect. When stunnel errors out the pop3 daemon is still available and
can be connected to, so it does not appear to be an issue related to
stunnel not being able to talk to the pop3 daemon.
Below I have some of the debugging and system information regarding
the system and problem. I would be more than appreciative if anyone had
some input.
Thank you.
# Error
stunnel[2500]: pop3 accepted FD=9 ###.###.###.###
stunnel[2500]: Connection rejected: create_client failed
# strace -p
select(7, [4 6], NULL, NULL, NULL) = 1 (in [6])
fcntl64(6, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(6, F_SETFL, O_RDWR|O_NONBLOCK) = 0
accept(6, {sa_family=AF_INET, sin_port=htons(63759),
sin_addr=inet_addr("###.###.###.###")}, [16]) = 9
fcntl64(6, F_SETFL, O_RDWR) = 0
fcntl64(9, F_SETFD, FD_CLOEXEC) = 0
rt_sigprocmask(SIG_BLOCK, [HUP INT QUIT TERM CHLD], [], 8) = 0
mmap2(NULL, 8388608, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = -1 ENOMEM (Cannot allocate memory)
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
close(9) = 0
time([1159535901]) = 1159535901
getpid() = 21864
rt_sigaction(SIGPIPE, {0x40253a70, [], 0}, {SIG_IGN}, 8) = 0
send(3, "<27>Sep 29 09:18:21 stunnel[2186"..., 77, 0) = 77
rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0
close(9) = -1 EBADF (Bad file descriptor)
# uname -a
2.6.8-3-686-smp #1 SMP Thu Sep 7 04:39:15 UTC 2006 i686 GNU/Linux
# libc version
GNU C Library stable release version 2.3.2
# Command Running
/usr/sbin/stunnel -d pop3s -r pop3 -p /etc/ssl/certs/pop3d.pem -R
/dev/urandom -s nobody -g root
# stunnel -V
stunnel 3.26 on i386-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7e 25
Oct 2004
Default behaviour:
run in inetd mode (unless -d used)
run in background (unless -f used)
run in ssl server mode (unless -c used)
Compile time defaults:
-v level no verify
-a directory /etc/ssl/certs
-A file (none)
-S sources 3
-t timeout 300 seconds
-B bytes 64
-D level 5
-P pid dir /var/run/stunnel/
-p pemfile in server mode: /etc/ssl/certs/stunnel.pem
in client mode: none
Socket option defaults:
Option Accept Local Remote OS default
SO_DEBUG -- -- -- 0
SO_DONTROUTE -- -- -- 0
SO_KEEPALIVE -- -- -- 0
SO_LINGER -- -- -- 0:0
SO_OOBINLINE -- -- -- 0
SO_RCVBUF -- -- -- 87380
SO_SNDBUF -- -- -- 16384
SO_RCVLOWAT -- -- -- 1
SO_SNDLOWAT -- -- -- 1
SO_RCVTIMEO -- -- -- 0:0
SO_SNDTIMEO -- -- -- 0:0
SO_REUSEADDR 1 -- -- 0
SO_BINDTODEVICE -- -- -- --
IP_TOS -- -- -- 0
IP_TTL -- -- -- 64
TCP_NODELAY -- -- -- 0
More information about the stunnel-users
mailing list