[stunnel-users] 4.12 Broken?

G J Piper stunnel at macpicks.com
Tue Oct 4 18:31:20 CEST 2005


I'm afraid I'm a total newbie when it comes to this. Also, the server 
I'm running it on is an Interland VPS Root server, so if I change any of 
the installed libraries, they won't upgrade anything related in the 
future because I will have broken the hard- and sym-links to the various 
pieces of the server. Here is an exerpt from my "messages" log that may 
be of help:

##########################

8419: Oct  3 12:58:06 pipercomputerservices stunnel: 
LOG5[35903:134610944]: Connection closed: 34452 bytes sent to SSL, 61 
bytes sent to socket

8420: Oct  3 12:58:06 pipercomputerservices qpopper[35904]: gregarios at 
pipercomputerservices.net (66.223.127.146): -ERR SIGHUP or SIGPIPE flagged

8421: Oct  3 12:58:06 pipercomputerservices qpopper[35904]: gregarios at 
pipercomputerservices.net (66.223.127.146): -ERR POP hangup

8422: Oct  3 12:58:06 pipercomputerservices qpopper[35904]: Stats: 
gregarios 0 0 35 649483 pipercomputerservices.net 66.223.127.146

8423: Oct  3 12:58:19 pipercomputerservices stunnel: 
LOG5[35990:134610944]: stunnel 4.12 on i386-unknown-freebsd4.4 
PTHREAD+POLL+IPv4+LIBWRAP with OpenSSL 0.9.6e 30 Jul 2002

8424: Oct  3 12:58:19 pipercomputerservices stunnel: 
LOG5[35990:134610944]: stunnel connected from 209.210.207.212:35931

8432: Oct  3 12:59:06 pipercomputerservices stunnel: 
LOG5[35990:134610944]: Connection closed: 34452 bytes sent to SSL, 61 
bytes sent to socket

##########################

Is it possible to upgrade the library just for stunnel? Is the library 
just a single file that can be replaced, then put back if neccessary?

I'd hate to break my SSL capability -- I have many customer domains 
hosted on the server.

~ Greg


Michal Trojnara wrote:
> "G J Piper" <stunnel at macpicks.com> wrote:
> 
>> The new Stunnel Version 4.12 doesn't work well with POPs mail retrieval
>> on my system. Reverting back to 4.11 fixes it perfectly. With 4.12,
>> various emails wouldn't come through, got random timeouts, LONG email
>> retrieval times mainly. Sometimes an email would be impossible to
>> retrieve from the spool file.
> 
> [cut]
> 
>> OpenSSL 0.9.6e 30 Jul 2002
> 
> 
> Could you try to upgrade your OpenSSL library to version 0.9.8?
> 
> I decided *not* to wait for SSL socket to be ready for reading when 
> OpenSSL signals SSL_want_write and *not* to wait for SSL socket to be 
> ready for writing when OpenSSL signals SSL_want_read.  That fixed the 
> problem of another user and I guess it could result in your problem.
> 
> Could you describe an algorithm for me to reproduce your problem so I 
> could test it?
> 
> Best regards,
>    Mike



More information about the stunnel-users mailing list