[stunnel-users] Segfault after connecting

Andrew Culver aculver at uwo.ca
Thu Feb 23 23:33:22 CET 2017


Hi Mike,

Tried 5.41b3 and it's no longer segfaulting. I'll keep an eye out for 5.41
stable. Here's the debug log if it should help Peter with his workaround:

Thanks!
Andrew

2017.02.23 17:28:47 LOG7[ui]: Service [uwo2local] accepted (FD=3) from
129.100.6.17:61027
2017.02.23 17:28:47 LOG7[2]: Service [uwo2local] started
2017.02.23 17:28:47 LOG7[2]: Option TCP_NODELAY set on local socket
2017.02.23 17:28:47 LOG5[2]: Service [uwo2local] accepted connection from
129.100.6.17:61027
2017.02.23 17:28:47 LOG6[2]: failover: round-robin, starting at entry #0
2017.02.23 17:28:47 LOG6[2]: s_connect: connecting ::1:20587
2017.02.23 17:28:47 LOG7[2]: s_connect: s_poll_wait ::1:20587: waiting 10
seconds
2017.02.23 17:28:47 LOG3[2]: s_connect: connect ::1:20587: Connection
refused (111)
2017.02.23 17:28:47 LOG6[2]: s_connect: connecting 127.0.0.1:20587
2017.02.23 17:28:47 LOG7[2]: s_connect: s_poll_wait 127.0.0.1:20587:
waiting 10 seconds
2017.02.23 17:28:47 LOG5[2]: s_connect: connected 127.0.0.1:20587
2017.02.23 17:28:47 LOG5[2]: Service [uwo2local] connected remote server
from 127.0.0.1:33552
2017.02.23 17:28:47 LOG7[2]: Option TCP_NODELAY set on remote socket
2017.02.23 17:28:47 LOG7[2]: Remote descriptor (FD=9) initialized
2017.02.23 17:28:47 LOG7[ui]: Found 1 ready file descriptor(s)
2017.02.23 17:28:47 LOG7[ui]: FD=4 events=0x2001 revents=0x0
2017.02.23 17:28:47 LOG7[ui]: FD=7 events=0x2001 revents=0x0
2017.02.23 17:28:47 LOG7[ui]: FD=8 events=0x2001 revents=0x1
2017.02.23 17:28:47 LOG7[ui]: Service [local2o365] accepted (FD=10) from
127.0.0.1:33552
2017.02.23 17:28:47 LOG7[3]: Service [local2o365] started
2017.02.23 17:28:47 LOG7[3]: Option TCP_NODELAY set on local socket
2017.02.23 17:28:47 LOG5[3]: Service [local2o365] accepted connection from
127.0.0.1:33552
2017.02.23 17:28:47 LOG6[3]: failover: round-robin, starting at entry #9
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:902:2c::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:902:2c::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:101:4b::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:101:4b::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:3:3e::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:3:3e::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:3:ca::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:3:ca::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:902:a2::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:902:a2::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:404:68::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:404:68::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:102:67::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:102:67::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:404:2a::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:404:2a::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:3:16::2:587
2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:3:16::2:587:
Network is unreachable (101)
2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 40.97.112.66:587
2017.02.23 17:28:47 LOG7[3]: s_connect: s_poll_wait 40.97.112.66:587:
waiting 10 seconds
2017.02.23 17:28:47 LOG5[3]: s_connect: connected 40.97.112.66:587
2017.02.23 17:28:47 LOG5[3]: Service [local2o365] connected remote server
from 172.18.58.248:46284
2017.02.23 17:28:47 LOG7[3]: Option TCP_NODELAY set on remote socket
2017.02.23 17:28:47 LOG7[3]: Remote descriptor (FD=11) initialized
2017.02.23 17:28:47 LOG7[3]:  <- 220 DM5PR07CA0043.outlook.office365.com
Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000
2017.02.23 17:28:47 LOG7[3]:  -> 220 DM5PR07CA0043.outlook.office365.com
Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000
2017.02.23 17:28:47 LOG7[3]:  -> EHLO localhost
2017.02.23 17:28:47 LOG7[3]:  <- 250-DM5PR07CA0043.outlook.office365.com
Hello [129.100.1.192]
2017.02.23 17:28:47 LOG7[3]:  <- 250-SIZE 157286400
2017.02.23 17:28:47 LOG7[3]:  <- 250-PIPELINING
2017.02.23 17:28:47 LOG7[3]:  <- 250-DSN
2017.02.23 17:28:47 LOG7[3]:  <- 250-ENHANCEDSTATUSCODES
2017.02.23 17:28:47 LOG7[3]:  <- 250-STARTTLS
2017.02.23 17:28:47 LOG7[3]:  <- 250-8BITMIME
2017.02.23 17:28:47 LOG7[3]:  <- 250-BINARYMIME
2017.02.23 17:28:47 LOG7[3]:  <- 250-CHUNKING
2017.02.23 17:28:47 LOG7[3]:  <- 250 SMTPUTF8
2017.02.23 17:28:47 LOG7[3]:  -> STARTTLS
2017.02.23 17:28:47 LOG7[3]:  <- 220 2.0.0 SMTP server ready
2017.02.23 17:28:47 LOG6[3]: SNI: sending servername: smtp.office365.com
2017.02.23 17:28:47 LOG6[3]: Peer certificate required
2017.02.23 17:28:47 LOG7[3]: TLS state (connect): before SSL initialization
2017.02.23 17:28:47 LOG7[3]: TLS state (connect): SSLv3/TLS write client
hello
2017.02.23 17:28:47 LOG7[3]: TLS state (connect): SSLv3/TLS write client
hello
2017.02.23 17:28:47 LOG7[3]: TLS state (connect): SSLv3/TLS read server
hello
2017.02.23 17:28:47 LOG7[3]: Verification started at depth=1: C=US,
O=DigiCert Inc, CN=DigiCert Cloud Services CA-1
2017.02.23 17:28:47 LOG4[3]: CERT: Pre-verification error: unable to get
local issuer certificate
2017.02.23 17:28:47 LOG4[3]: Rejected by CERT at depth=1: C=US, O=DigiCert
Inc, CN=DigiCert Cloud Services CA-1
2017.02.23 17:28:47 LOG7[3]: Remove session callback
2017.02.23 17:28:47 LOG7[3]: TLS alert (write): fatal: unknown CA
2017.02.23 17:28:47 LOG3[3]: SSL_connect: 1416F086: error:1416F086:SSL
routines:tls_process_server_certificate:certificate verify failed
2017.02.23 17:28:47 LOG5[3]: Connection reset: 0 byte(s) sent to TLS, 0
byte(s) sent to socket
2017.02.23 17:28:47 LOG7[3]: Deallocating application specific data for
addr index
2017.02.23 17:28:47 LOG7[3]: Remote descriptor (FD=11) closed
2017.02.23 17:28:47 LOG7[3]: Local descriptor (FD=10) closed
2017.02.23 17:28:47 LOG7[3]: Service [local2o365] finished (1 left)
2017.02.23 17:28:47 LOG7[2]: RFC 2487 detected
2017.02.23 17:28:47 LOG7[2]:  <- 220 DM5PR07CA0043.outlook.office365.com
Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000
2017.02.23 17:28:47 LOG7[2]:  -> 220 DM5PR07CA0043.outlook.office365.com
stunnel for Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47
+0000
2017.02.23 17:28:53 LOG7[ui]: Found 1 ready file descriptor(s)
2017.02.23 17:28:53 LOG7[ui]: FD=4 events=0x2001 revents=0x0
2017.02.23 17:28:53 LOG7[ui]: FD=7 events=0x2001 revents=0x1
2017.02.23 17:28:53 LOG7[ui]: FD=8 events=0x2001 revents=0x0
2017.02.23 17:28:53 LOG7[ui]: Service [uwo2local] accepted (FD=10) from
172.18.58.5:25268
2017.02.23 17:28:53 LOG7[4]: Service [uwo2local] started
2017.02.23 17:28:53 LOG7[4]: Option TCP_NODELAY set on local socket
2017.02.23 17:28:53 LOG5[4]: Service [uwo2local] accepted connection from
172.18.58.5:25268
2017.02.23 17:28:53 LOG6[4]: failover: round-robin, starting at entry #1
2017.02.23 17:28:53 LOG6[4]: s_connect: connecting 127.0.0.1:20587
2017.02.23 17:28:53 LOG7[4]: s_connect: s_poll_wait 127.0.0.1:20587:
waiting 10 seconds
2017.02.23 17:28:53 LOG5[4]: s_connect: connected 127.0.0.1:20587
2017.02.23 17:28:53 LOG5[4]: Service [uwo2local] connected remote server
from 127.0.0.1:33556
2017.02.23 17:28:53 LOG7[4]: Option TCP_NODELAY set on remote socket
2017.02.23 17:28:53 LOG7[4]: Remote descriptor (FD=11) initialized
2017.02.23 17:28:53 LOG7[4]: RFC 2487 not detected
2017.02.23 17:28:53 LOG6[4]: Peer certificate not required
2017.02.23 17:28:53 LOG7[4]: TLS state (accept): before SSL initialization
2017.02.23 17:28:53 LOG3[4]: SSL_accept: Peer suddenly disconnected
2017.02.23 17:28:53 LOG5[4]: Connection reset: 0 byte(s) sent to TLS, 0
byte(s) sent to socket
2017.02.23 17:28:53 LOG7[4]: Remote descriptor (FD=11) closed
2017.02.23 17:28:53 LOG7[4]: Local descriptor (FD=10) closed
2017.02.23 17:28:53 LOG7[4]: Service [uwo2local] finished (1 left)
2017.02.23 17:28:53 LOG7[ui]: Found 1 ready file descriptor(s)
2017.02.23 17:28:53 LOG7[ui]: FD=4 events=0x2001 revents=0x0
2017.02.23 17:28:53 LOG7[ui]: FD=7 events=0x2001 revents=0x0
2017.02.23 17:28:53 LOG7[ui]: FD=8 events=0x2001 revents=0x1



*Andrew Culver*
System Administrator
Information Technology Services <https://www.uwo.ca/its>
University of Western Ontario <https://www.uwo.ca>
e: aculver at uwo.ca
p: 519-661-2111 x80265 <15196612111,80265>
cal: html <http://goo.gl/wVoDlo> | ics <http://goo.gl/ncUjV0>


On Thu, Feb 23, 2017 at 4:54 PM, MichaƂ Trojnara <
Michal.Trojnara at stunnel.org> wrote:

> On 23.02.2017 17:41, Andrew Culver wrote:
> > I'm running stunnel 5.40 and I'm having the same problem on 2 different
> > servers running openssl 1.1.0d and 1.1.0e.
>
> Apparently, sessions are no longer expected to be explicitly released
> with OpenSSL 1.1.x.  Peter Pentchev is currently investigating this
> issue.  In the meantime, please try the following workaround:
> https://www.stunnel.org/downloads/beta/stunnel-5.41b3.tar.gz
>
> Best regards,
>         Mike
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20170223/b0a66eb7/attachment.html>


More information about the stunnel-users mailing list