[stunnel-users] Unexpected closed connections

Rory Campbell-Lange rory at campbell-lange.net
Mon Apr 11 15:55:24 CEST 2005


Hi Everyone

We have been very happily using stunnel for about 5 months connecting a
site office back to a main office, tunnelling imap connections. We are
suddenly seeing lots of disconnection messages and people at a. can no
longer see their mail on d. The server suffers a "socket write shutdown"
condition and shuts down the associated process. We have restarted the
routers and firewalls and all seems to be working fine, other than
stunnel.

I'd be grateful for any insight or further help.

Many thanks
Rory

Present arrangement:

    a.        site client        
                  |
    b.        site server        port forwarded to c.
                  |
                  |
               internet
                  |
                  |
    c.      main office server   port forwarded to d.
                  |
    d.       imap server

Server b forwards imap connections securely to the main office server,
which then passes on on the imap connections to the imap server. Server
b connects through the following inetd line:

    imaph   stream  tcp nowait  nobody  /usr/sbin/stunnel /usr/sbin/stunnel -c -r server_c_address:imap

We are running version 3.26 on debian:

	stunnel 3.26 on i386-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7e 25 Oct 2004

Server shows following disconnect messages:

	2005.04.11 13:21:46 LOG7[13320:163848]: SSL alert (read): warning: close notify
	2005.04.11 13:21:46 LOG7[13320:163848]: SSL closed on SSL_read
	2005.04.11 13:21:46 LOG7[13320:163848]: SSL alert (write): warning: close notify
	2005.04.11 13:21:46 LOG7[13320:163848]: SSL write shutdown (output buffer empty)
	2005.04.11 13:21:46 LOG7[13320:163848]: Socket write shutdown (output buffer empty)
	2005.04.11 13:21:46 LOG5[13320:163848]: Connection closed: 92 bytes sent to SSL, 0 bytes sent to socket
	2005.04.11 13:21:46 LOG7[13320:163848]: 10.0.0.24.imap finished (6 left)

Client logs: 

	Apr 11 15:50:26 hald stunnel[4672]: server_b.imaps connected from 10.0.1.54:49301
	Apr 11 15:55:05 hald stunnel[4672]: SSL_connect: Peer suddenly disconnected
	...
	Apr 11 15:49:55 hald stunnel[4655]: 195.172.252.146.imaps connected from 10.0.1.52:49819
	Apr 11 15:54:08 hald stunnel[4655]: SSL_connect: Peer suddenly disconnected


-- 
Rory Campbell-Lange 
<rory at campbell-lange.net>
<www.campbell-lange.net>



More information about the stunnel-users mailing list