[stunnel-users] Debian Bug#460019: cert= produces output on stderr even with log= set

Luis Rodrigo Gallardo Cruz rodrigo at nul-unu.com
Fri Jan 11 08:22:11 CET 2008


----- Forwarded message from Bryan Donlan <bd at fushizen.net> -----

Version: 3:4.21-1

With the following configuration:
output = /srv/stun/log
compression = zlib
CApath = /srv/stun/keys
cert = /srv/stun/server.pem
connect = localhost:9999
verify = 3

The following is output on stderr:
2008.01.10 02:54:19 LOG5[11786:3083495088]: Peer certificate location /srv/stun/keys

This confuses clients when stunnel is driven direcly from xinetd. This
output, if it is produced at all, should be placed in the log file.

----- End forwarded message -----

The issue is that verify_init (verify.c:103) calls

  s_log(LOG_NOTICE, "Peer certificate location %s", section->ca_dir);

apparently before the logfile is setup. Could the log file
initialization be moved earlier in the starup sequence? Or maybe this
log call's severity could be lowered.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080111/d2ccca80/attachment.sig>


More information about the stunnel-users mailing list