[stunnel-users] Stunnel waits for a long time if client does not negotiate SSL

Denis Solovyov elk at elk.ru
Tue Aug 7 21:47:26 CEST 2012


I use stunnel 4.53 to provide pop3s for existing pop3 service. I start
stunnel from xinetd, and then exec pop3 utility from stunnel.

If a legal pop3s client connects to a server, everything's fine. But if
I try to do "telnet host 995" with a simple telnet client and then just
do nothing (or even close telnet client without quitting) stunnel
process keeps waiting for a very long time (actually maybe forever, I
just kill it). The last line in log in such case "Service [stunnel]
accepted connection from xx.xx.xx.xx:xxxx". No stunnel TIMEOUT* options
have effect in this situation.

What can I do to avoid such "waiting"?
Maybe stunnel should have something like "SSL negotiation timeout"?  Or
is there a way to emulate it? (Analyzing `ps` or `netstat` is a bad idea
of course.)

With the best regards,
Denis Solovyov

More information about the stunnel-users mailing list