[stunnel-users] can't get client address
Draeath Spamtrap
draeath.spamtrap at gmail.com
Tue Nov 13 18:59:54 CET 2007
Stunnel appears to be working fine, but when started it spams my syslog about
5 times with the following message:
"stunnel: warning: can't get client address: Bad file descriptor"
There are no other messages from stunnel.
I'm not sure where it's coming from...
It looks like it is running without command line arguments. My init script has
the following snippets that make me think that:
> PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
> PREFIX=/usr/local
> DAEMON=/usr/local/bin/stunnel
> PIDFILE=/var/lib/stunnel/stunnel.pid
>
> test -f $DAEMON || exit 0
>
> case "$1" in
> start)
> echo -n "Starting universal SSL tunnel: stunnel"
> $DAEMON || echo -n " failed"
> echo "."
> ;;
> {TRIMMED REST OF FILE}
My stunnel version info:
> stunnel 4.21 on i686-pc-linux-gnu with OpenSSL 0.9.8e 23 Feb 2007
> Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
>
> Global options
> debug = 5
> pid = /usr/local/var/run/stunnel/stunnel.pid
> RNDbytes = 64
> RNDfile = /dev/urandom
> RNDoverwrite = yes
> Service-level options
> cert = /usr/local/etc/stunnel/stunnel.pem
> ciphers = ALL:!ADH:+RC4:@STRENGTH
> key = /usr/local/etc/stunnel/stunnel.pem
> session = 300 seconds
> sslVersion = SSLv3 for client, all for server
> TIMEOUTbusy = 300 seconds
> TIMEOUTclose = 60 seconds
> TIMEOUTconnect = 10 seconds
> TIMEOUTidle = 43200 seconds
> verify = none
My stunnel config file:
> cert = /usr/local/etc/stunnel/stunnel.pem
> key = /usr/local/etc/stunnel/stunnel.pem
> sslVersion = SSLv3
> chroot = /var/lib/stunnel/
> setuid = 99
> setgid = 99
> pid = /stunnel.pid
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
> client = yes
> [nntps]
> accept = 127.0.0.1:119
> connect = secure.news.easynews.com:563
Again, it is all working, and aside from my TCP_NODELAY flags, everything in
my conf would be a show-stopper if it was invalid or not working...
*of note: I had to set the uid/gid number. for some reason it couldn't resolve
the gid/uid on it's own. My /etc/passwd is world-readable (with hashes in
shadow) as is standard.
I'm not sure I should even be worried about this...
More information about the stunnel-users
mailing list