[stunnel-users] stunnel-4.15-2.el5.1 zombie when xinetd

tatiana philippova t.a.philippova at gmail.com
Thu Feb 25 22:35:41 CET 2010


Hi All,
I have a problem with stunnel in xinetd mode. It cannot connect to the
specified localhost:port - I always get a defunct child stunnel as a
result.
4789 ?        Ss     0:00  \_ stunnel /etc/stunnel/stunnel.conf
   4790 ?        Z      0:00      \_ [stunnel] <defunct>

I'm trying to use rsync via stunnel (!ssh for rsync does not suit me in
this particular case, but I need to encrypt backup traffic anyway, so I
have chosen stunnel).


client config:
cert = /etc/stunnel/stunnel_client_cert.pem
client = yes
pid = /var/run/stunnel.pid
debug = 7
output = /var/log/stunnel.log
sslVersion = SSLv2
[ssync]
accept = 873
connect = myhost.somewhere.net:273


server config:
cert = /etc/stunnel/certs/host.pem
key = /etc/stunnel/certs/private/cakey.pem
client = no
pid = /var/run/stunnel.pid
debug = 7
#foreground = yes
output  = /var/log/stunel.log
connect = 873


xinetd config:
# default: off
# description: SSL wrapper for rsyncd
service ssync
{
        disable = no
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/stunnel
        server_args     = /etc/stunnel/stunnel.conf
        log_on_success  += HOST DURATION
        log_on_failure  += HOST
        only_from       = 192.168.5.15 127.0.0.1
}

on server side
/etc/services:
ssync 		273/tcp 			# rsync over stunnel

# ps axf | grep rsyn
15637 ?        S      0:00 /usr/bin/rsync -4 --daemon --no-detach

# netstat -an --program | grep 273
tcp        0      0 0.0.0.0:273                 0.0.0.0:*                   LISTEN      4751/xinetd

# netstat -an --program | grep 873
tcp        0      0 127.0.0.1:873               0.0.0.0:*                   LISTEN      15637/rsync


When the server stunnel runs standalone, everything works perfectly
well, but I need it working as an xinetd service rather than
standalone.


Could somebody kindly advise what I'm doing wrong?

Software on server side:
stunnel-4.15-2.el5.1,
openssl-0.9.8e-7.el5
OS CentOS release 5.3 (Final),
kernel 2.6.18-128.1.6.el5

on client side:
stunnel-4.30-1.i386.rpm (compiled as  rpmbuild -ta stunnel-4.30.tar.gz)
openssl-0.9.8g-9.14.fc9.i686
OS Fedora release 9 (Sulphur)
kernel  2.6.28


Many thanks in advance
Taphy
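
An added example, not part of the original post: a Python check that parses excerpts of the two stunnel.conf files quoted above and verifies that the client's connect port matches the /etc/services entry for the xinetd service, that the xinetd-launched server config has no [service] sections, and that no obsolete sslVersion is pinned. The function names and the treatment of lines starting with `#` or `;` as comments are assumptions of this example.

```python
WEAK = {"sslv2", "sslv3"}  # protocol versions with known breaks

# Excerpts of the two stunnel.conf files and the /etc/services line from the post.
SERVER_CONF = """client = no
pid = /var/run/stunnel.pid
#foreground = yes
connect = 873
"""
CLIENT_CONF = """client = yes
sslVersion = SSLv2
[ssync]
accept = 873
connect = myhost.somewhere.net:273
"""
SERVICES_LINE = "ssync 273/tcp # rsync over stunnel"

def parse_stunnel(text):
    """Return (global_options, {service: options}); option names lowercased."""
    glob, services, cur = {}, {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line[0] in "#;":      # blank or whole-line comment (assumption)
            continue
        if line.startswith("[") and line.endswith("]"):
            cur = services.setdefault(line[1:-1], {})
        elif "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            (glob if cur is None else cur)[key.lower()] = value
    return glob, services

def port_of(addr):
    """Port of a stunnel address given as 'host:port' or bare 'port'."""
    return int(addr.rsplit(":", 1)[-1])

def review(server_text, client_text, services_line, xinetd_service):
    findings = []
    parsed = {"server": parse_stunnel(server_text), "client": parse_stunnel(client_text)}
    if parsed["server"][1]:  # assumption: an inetd-style config carries no [service] sections
        findings.append("server: [service] sections present in an xinetd-launched config")
    for side, (glob, services) in parsed.items():
        for opts in (glob, *services.values()):
            if opts.get("sslversion", "").lower() in WEAK:
                findings.append(f"{side}: sslVersion = {opts['sslversion']} is obsolete")
    name, port_proto = services_line.split()[:2]
    for svc, opts in parsed["client"][1].items():
        if "connect" in opts and (name != xinetd_service
                                  or port_of(opts["connect"]) != int(port_proto.split("/")[0])):
            findings.append(f"client [{svc}]: connect does not reach xinetd service {xinetd_service}")
    return findings

if __name__ == "__main__":
    print(review(SERVER_CONF, CLIENT_CONF, SERVICES_LINE, "ssync"))
```

On the configuration as posted, the port chain (client connect 273, /etc/services ssync 273/tcp, xinetd service ssync) is consistent, and the only item reported is the client's pinned SSLv2.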


