[stunnel-users] stunnel silently dies
sqm at mynta.org
Tue Oct 18 21:48:15 CEST 2005
It didn't die..
I hope that this does not cause high load on servers
accepting a high number of connects per second..
Michal Trojnara wrote:
> "Uffe Vedenbrant" <sqm at mynta.org> wrote:
>> I.e. libwrap will complain about unauthorized access and keep on
>> running, not just die without any logging at all..
>> I really cannot say however if this is a stunnel or libwrap
>> bug/feature.. I.e. is stunnel to sensitive of what it gets back from
>> libwrap or is libwrap sending more data than needed back to stunnel..
> Libwrap hosts_access(3) manual claims:
> hosts_access() consults the access control tables described in
> hosts_access(5) manual page. When internal endpoint
> information is
> available, host names and client user names are looked up on
> using the request structure as a cache. hosts_access() returns
> zero if
> access should be denied.
> On the other hand hosts_options(5) claims:
> twist shell_command
> Replace the current process by an instance of the
> shell command, after performing the %<letter>
> described in the hosts_access(5) manual page. Stdin,
> stdout and
> stderr are connected to the client process. This option
> appear at the end of a rule.
> In this case hosts_access *does not return at all*. 8-)
> Good news!
> I've just modified stunnel to run libwrap as a separate process.
> Here is the beta version. It should work fine with twist option.
> Best regards,
> stunnel-users mailing list
> stunnel-users at mirt.net
More information about the stunnel-users