[stunnel-users] stunnel silently dies
Michal.Trojnara at mobi-com.net
Mon Oct 17 14:10:53 CEST 2005
"Uffe Vedenbrant" <sqm at mynta.org> wrote:
> I.e. libwrap will complain about unauthorized access and keep on running,
> not just die without any logging at all..
> I really cannot say however if this is a stunnel or libwrap bug/feature..
> I.e. is stunnel to sensitive of what it gets back from
> libwrap or is libwrap sending more data than needed back to stunnel..
Libwrap hosts_access(3) manual claims:
hosts_access() consults the access control tables described in
hosts_access(5) manual page. When internal endpoint information
available, host names and client user names are looked up on
using the request structure as a cache. hosts_access() returns zero
access should be denied.
On the other hand hosts_options(5) claims:
Replace the current process by an instance of the
shell command, after performing the %<letter>
described in the hosts_access(5) manual page. Stdin, stdout
stderr are connected to the client process. This option
appear at the end of a rule.
In this case hosts_access *does not return at all*. 8-)
I've just modified stunnel to run libwrap as a separate process.
Here is the beta version. It should work fine with twist option.
More information about the stunnel-users