[stunnel-users] Stunnel crashing

• Previous message (by thread): [stunnel-users] Stunnel crashing
• Next message (by thread): [stunnel-users] Stunnel crashing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Jun 19, 2005 at 04:58:34PM +0200, David Gomel wrote:
> I have been having some major problems trying to secure pop3 and imap with
> stunnel.  I am running a RHEL3 box with Cpanel.  I first started off by
> installing a clean copy of stunnel 4.10 but it was causing numerous bizarre
> problems.  1) it would crash after a few hours of the daemon operating, 2)
> before it would crash I would be getting tons of 'mailbox locked' errors and
> 3) the occasional timeout connecting.  I eventually gave up with 4.10 and
> decided to try to use the stunnel 4.04 that was already doing https for
> cpanel/whm.  I created a separate config file and ran a separate daemon just
> for pop/imap (I did this because I want them to be using different SSL
> certs).  This seemed to be working perfectly as there were no timeouts, no
> locked mailbox errors and it didn't seem to be crashing.  After about 24
> hours however, the process had shut down.  I tried a few more times and
> again after about 12-24 hours of running my pop/imap only stunnel daemon
> crashes.  I should also mention 2 other things: 1) prior to having set up
> 4.10 on my box, stunnel 4.04 was listening for pop/imap without crashing (it
> just wasn't being used however). 2) The other daemon running https for
> cpanel/whm hasn't crashed at all.
> 
> I've included the log (level 7) for everything that happened in the 1-2
> seconds before it crashed.  If anyone could offer any advice, it would be
> greatly appreciated!
> 
> Thanks!
> David
> 
> Info needed:
> 
> 
> 6) Output of "openssl version":
> 
> OpenSSL 0.9.7a Feb 19 2003
> 

I am not sure if this is not redhat's somehow patched version of 0.9.7a,
but if it is the original 0.9.7a then it has A LOT OF BUGS that may be
causing the crash.

I would suggest that you try openssl 0.9.7g and stunnel-4.09:

1. install openssl 0.9.7g manually (from source) with
  --prefix=/tmp/openssl (for example)
2. export LD_LIBRARY_PATH=/tmp/openssl/lib
3. use stunnel's configure option --with-ssl=/tmp/openssl
4. make sure the new stunnel links with openssl-0.9.7g:
  ldd .../stunnel-4.09/src/stunnel, libssl.so.3 and libcrypto.so.3
  should point to /tmp/openssl/lib/
5. run stunnel .../stunnel-4.09/src/stunnel /path/to/stunnel.conf and
  see what happens

If it still crashes you shoud try to get a backtrace.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20050620/d28715a0/attachment.sig>

• Previous message (by thread): [stunnel-users] Stunnel crashing
• Next message (by thread): [stunnel-users] Stunnel crashing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]