[stunnel-users] IRC-Reconnect failed with "[10053] Software caused connection abort"(mIRC) and "SSL_connect: Peer suddenly disconnected"(tstunnel.exe)

[Michal Trojnara]

On 2013-09-03 13:14, ralf29587 wrote:
> When this error occurs, I have to kill tstunnel.exe and start it again
> - then everything works fine again.

This is a very interesting bug.  It took me a while to diagnose it.  It
looks like when stunnel connects to the same server the second time and
offers to resume the previously negotiated session (to avoid using
time-consuming asymmetric cryptography), the remote server just
disconnects the TCP session.  This is probably not the most graceful way
to handle an unsupported feature.  I wonder what software do they use
for SSL...

The workaround is to prevent stunnel from sending session tickets with
the following configuration file option:
    options = NO_TICKET
You can either specify the option globally, or only in the specific
sections of the malfunctioning servers.

Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130903/8ed522f6/attachment.sig>