Hi Everyone
We have been very happily using stunnel for about 5 months connecting a site office back to a main office, tunnelling imap connections. We are suddenly seeing lots of disconnection messages and people at a. can no longer see their mail on d. The server suffers a "socket write shutdown" condition and shuts down the associated process. We have restarted the routers and firewalls and all seems to be working fine, other than stunnel.
I'd be grateful for any insight or further help.
Many thanks Rory
Present arrangement:
a. site client | b. site server port forwarded to c. | | internet | | c. main office server port forwarded to d. | d. imap server
Server b forwards imap connections securely to the main office server, which then passes on on the imap connections to the imap server. Server b connects through the following inetd line:
imaph stream tcp nowait nobody /usr/sbin/stunnel /usr/sbin/stunnel -c -r server_c_address:imap
We are running version 3.26 on debian:
stunnel 3.26 on i386-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7e 25 Oct 2004
Server shows following disconnect messages:
2005.04.11 13:21:46 LOG7[13320:163848]: SSL alert (read): warning: close notify 2005.04.11 13:21:46 LOG7[13320:163848]: SSL closed on SSL_read 2005.04.11 13:21:46 LOG7[13320:163848]: SSL alert (write): warning: close notify 2005.04.11 13:21:46 LOG7[13320:163848]: SSL write shutdown (output buffer empty) 2005.04.11 13:21:46 LOG7[13320:163848]: Socket write shutdown (output buffer empty) 2005.04.11 13:21:46 LOG5[13320:163848]: Connection closed: 92 bytes sent to SSL, 0 bytes sent to socket 2005.04.11 13:21:46 LOG7[13320:163848]: 10.0.0.24.imap finished (6 left)
Client logs:
Apr 11 15:50:26 hald stunnel[4672]: server_b.imaps connected from 10.0.1.54:49301 Apr 11 15:55:05 hald stunnel[4672]: SSL_connect: Peer suddenly disconnected ... Apr 11 15:49:55 hald stunnel[4655]: 195.172.252.146.imaps connected from 10.0.1.52:49819 Apr 11 15:54:08 hald stunnel[4655]: SSL_connect: Peer suddenly disconnected