[stunnel-users] Stunnel crashing
dave at gomel.ca
Tue Jun 21 14:07:32 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Thanks for the suggestions Vasil.
The version of openSSL *is* in fact patched by redhat, so it should be no
different than 0.9.7g. I tried running 4.09 to see if that made a
difference and while it wasn't causing the weird mailbox lock errors that
4.10 was, it crashed about 24 hours after launch just as 4.04 did.
You mentioned perhaps needing to do a backtrace. What does this mean and
how would I do it?
Thanks for any other suggestions.
On 6/20/05 7:23 AM, "Vasil Dimov" <vd at datamax.bg> wrote:
> On Sun, Jun 19, 2005 at 04:58:34PM +0200, David Gomel wrote:
>> I have been having some major problems trying to secure pop3 and imap with
>> stunnel. I am running a RHEL3 box with Cpanel. I first started off by
>> installing a clean copy of stunnel 4.10 but it was causing numerous bizarre
>> problems. 1) it would crash after a few hours of the daemon operating, 2)
>> before it would crash I would be getting tons of 'mailbox locked' errors and
>> 3) the occasional timeout connecting. I eventually gave up with 4.10 and
>> decided to try to use the stunnel 4.04 that was already doing https for
>> cpanel/whm. I created a separate config file and ran a separate daemon just
>> for pop/imap (I did this because I want them to be using different SSL
>> certs). This seemed to be working perfectly as there were no timeouts, no
>> locked mailbox errors and it didn't seem to be crashing. After about 24
>> hours however, the process had shut down. I tried a few more times and
>> again after about 12-24 hours of running my pop/imap only stunnel daemon
>> crashes. I should also mention 2 other things: 1) prior to having set up
>> 4.10 on my box, stunnel 4.04 was listening for pop/imap without crashing (it
>> just wasn't being used however). 2) The other daemon running https for
>> cpanel/whm hasn't crashed at all.
>> I've included the log (level 7) for everything that happened in the 1-2
>> seconds before it crashed. If anyone could offer any advice, it would be
>> greatly appreciated!
>> Info needed:
>> 6) Output of "openssl version":
>> OpenSSL 0.9.7a Feb 19 2003
> I am not sure if this is not redhat's somehow patched version of 0.9.7a,
> but if it is the original 0.9.7a then it has A LOT OF BUGS that may be
> causing the crash.
> I would suggest that you try openssl 0.9.7g and stunnel-4.09:
> 1. install openssl 0.9.7g manually (from source) with
> --prefix=/tmp/openssl (for example)
> 2. export LD_LIBRARY_PATH=/tmp/openssl/lib
> 3. use stunnel's configure option --with-ssl=/tmp/openssl
> 4. make sure the new stunnel links with openssl-0.9.7g:
> ldd .../stunnel-4.09/src/stunnel, libssl.so.3 and libcrypto.so.3
> should point to /tmp/openssl/lib/
> 5. run stunnel .../stunnel-4.09/src/stunnel /path/to/stunnel.conf and
> see what happens
> If it still crashes you shoud try to get a backtrace.
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.1 (Build 2185)
-----END PGP SIGNATURE-----
More information about the stunnel-users