Bug#843988: stunnel4 segfaults (client mode)
control: tag -1 + pending On Tue, Nov 15, 2016 at 05:06:24PM +0100, gregor herrmann wrote: > On Tue, 15 Nov 2016 13:39:21 +0100, Sebastian Andrzej Siewior wrote: > > > On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote: > > > Yay, this looks good! > > So upstream came up with the patch attached after I forwaded mine. Can > > you please confirm whether this works or not? > > Confirmed: I don't see any crashes with this patch applied. > Thanks. Thanks a lot to both of you! I've added the patch to the stunnel4 Debian package repository; an upload should be forthcoming soon. (I'll drop a note to my comaintainer and sponsor, László Böszörményi, once I get the mentors.d.n upload notification) G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p...@storpool.com PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 signature.asc Description: PGP signature
Bug#843988: stunnel4 segfaults (client mode)
On Tue, 15 Nov 2016 13:39:21 +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote: > > Yay, this looks good! > So upstream came up with the patch attached after I forwaded mine. Can > you please confirm whether this works or not? Confirmed: I don't see any crashes with this patch applied. Thanks. Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Rolling Stones signature.asc Description: Digital Signature
Bug#843988: stunnel4 segfaults (client mode)
On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote: > Yay, this looks good! So upstream came up with the patch attached after I forwaded mine. Can you please confirm whether this works or not? > Cheers, > gregor Sebastian diff --git a/src/prototypes.h b/src/prototypes.h index c196f92..86f4631 100644 --- a/src/prototypes.h +++ b/src/prototypes.h @@ -776,6 +776,7 @@ void *str_alloc_debug(size_t, const char *, int); #define str_alloc(a) str_alloc_debug((a), __FILE__, __LINE__) void *str_alloc_detached_debug(size_t, const char *, int); #define str_alloc_detached(a) str_alloc_detached_debug((a), __FILE__, __LINE__) +void *str_realloc_detached_debug(void *, size_t, const char *, int); void *str_realloc_debug(void *, size_t, const char *, int); #define str_realloc(a, b) str_realloc_debug((a), (b), __FILE__, __LINE__) void str_detach_debug(void *, const char *, int); diff --git a/src/str.c b/src/str.c index 524015a..b4331f7 100644 --- a/src/str.c +++ b/src/str.c @@ -90,6 +90,8 @@ NOEXPORT int leak_result_num=0; NOEXPORT LPTSTR str_vtprintf(LPCTSTR, va_list); #endif /* USE_WIN32 */ +NOEXPORT void *str_realloc_internal_debug(void *, size_t, const char *, int); + NOEXPORT ALLOC_LIST *get_alloc_list_ptr(void *, const char *, int); NOEXPORT void str_leak_debug(const ALLOC_LIST *, int); @@ -288,10 +290,22 @@ void *str_alloc_detached_debug(size_t size, const char *file, int line) { } void *str_realloc_debug(void *ptr, size_t size, const char *file, int line) { +if(ptr) +return str_realloc_internal_debug(ptr, size, file, line); +else +return str_alloc_debug(size, file, line); +} + +void *str_realloc_detached_debug(void *ptr, size_t size, const char *file, int line) { +if(ptr) +return str_realloc_internal_debug(ptr, size, file, line); +else +return str_alloc_detached_debug(size, file, line); +} + +NOEXPORT void *str_realloc_internal_debug(void *ptr, size_t size, const char *file, int line) { ALLOC_LIST *prev_alloc_list, *alloc_list; -if(!ptr) -return str_alloc_debug(size, file, line); prev_alloc_list=get_alloc_list_ptr(ptr, file, line); str_leak_debug(prev_alloc_list, -1); if(prev_alloc_list->size>size) /* shrinking the allocation */ diff --git a/src/tls.c b/src/tls.c index 3964f9c..624022f 100644 --- a/src/tls.c +++ b/src/tls.c @@ -54,10 +54,10 @@ void tls_init() { ui_tls=tls_alloc(NULL, NULL, "ui"); #if OPENSSL_VERSION_NUMBER>=0x1010L CRYPTO_set_mem_functions(str_alloc_detached_debug, -str_realloc_debug, str_free_debug); +str_realloc_detached_debug, str_free_debug); #else CRYPTO_set_mem_ex_functions(str_alloc_detached_debug, -str_realloc_debug, free_function); +str_realloc_detached_debug, free_function); #endif }
Bug#843988: stunnel4 segfaults (client mode)
On Mon, Nov 14, 2016 at 11:13:14PM +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote: > > Control: tag -1 + patch > > > > On Mon, 14 Nov 2016 22:07:12 +0100, Sebastian Andrzej Siewior wrote: > > > > > On 2016-11-14 00:17:31 [+0100], gregor herrmann wrote: > > > > Thanks, but nope, still the same: > > > What about this one? > > > > Yay, this looks good! > > > > Built, installed, started, and it's still running after several > > fetchnews runs. Thanks! > > Thank you for the confirmation. And now please explain why it works with > openssl 1.0.2. It should have exploded the same way… Well, the cleanup handling has changed a bit from OpenSSL 1.0 to 1.1, although stunnel's cleanup routines do seem to have been updated; maybe something was missed there. Thanks A LOT for the analysis and this patch! I'll take a look now, see if there's something else, and forward it upstream. G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p...@storpool.com PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 signature.asc Description: PGP signature
Bug#843988: stunnel4 segfaults (client mode)
On Mon, 14 Nov 2016 23:13:14 +0100, Sebastian Andrzej Siewior wrote: > > Built, installed, started, and it's still running after several > > fetchnews runs. Thanks! > Thank you for the confirmation. And now please explain why it works with > openssl 1.0.2. It should have exploded the same way… Sorry, no idea either … Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Flying Pickets: I Feel For You signature.asc Description: Digital Signature
Bug#843988: stunnel4 segfaults (client mode)
On 2016-11-14 22:43:16 [+0100], gregor herrmann wrote: > Control: tag -1 + patch > > On Mon, 14 Nov 2016 22:07:12 +0100, Sebastian Andrzej Siewior wrote: > > > On 2016-11-14 00:17:31 [+0100], gregor herrmann wrote: > > > Thanks, but nope, still the same: > > What about this one? > > Yay, this looks good! > > Built, installed, started, and it's still running after several > fetchnews runs. Thanks! Thank you for the confirmation. And now please explain why it works with openssl 1.0.2. It should have exploded the same way… > Cheers, > gregor > Sebastian
Bug#843988: stunnel4 segfaults (client mode)
Control: tag -1 + patch On Mon, 14 Nov 2016 22:07:12 +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-14 00:17:31 [+0100], gregor herrmann wrote: > > Thanks, but nope, still the same: > What about this one? Yay, this looks good! Built, installed, started, and it's still running after several fetchnews runs. Thanks! Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Ludwig Hirsch: Die Gelse signature.asc Description: Digital Signature
Bug#843988: stunnel4 segfaults (client mode)
On 2016-11-14 00:17:31 [+0100], gregor herrmann wrote: > Thanks, but nope, still the same: What about this one? Sebastian >From b436cd6527a2a32bd94b67ff10363e45a2f52430 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej SiewiorDate: Mon, 14 Nov 2016 21:03:24 + Subject: [PATCH] take #2 --- src/client.c | 22 +- src/tls.c| 1 + 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/src/client.c b/src/client.c index e2648d26eda3..581ca43a3372 100644 --- a/src/client.c +++ b/src/client.c @@ -131,11 +131,31 @@ void client_main(CLI *c) { c->fds=NULL; str_stats(); /* client thread allocation tracking */ /* c allocation is detached, so it is safe to call str_stats() */ -if(service_options.next) /* no tls_cleanup() in inetd mode */ +if(service_options.next) { /* no tls_cleanup() in inetd mode */ + SSL_SESSION *old_session; + + CRYPTO_THREAD_write_lock(stunnel_locks[LOCK_SESSION]); + old_session = c->opt->session; + c->opt->session = NULL; + CRYPTO_THREAD_write_unlock(stunnel_locks[LOCK_SESSION]); + if (old_session) + SSL_SESSION_free(old_session); /* release the old one */ + tls_cleanup(); + } } } else client_run(c); +{ + SSL_SESSION *old_session; + + CRYPTO_THREAD_write_lock(stunnel_locks[LOCK_SESSION]); + old_session = c->opt->session; + c->opt->session = NULL; + CRYPTO_THREAD_write_unlock(stunnel_locks[LOCK_SESSION]); + if (old_session) + SSL_SESSION_free(old_session); /* release the old one */ +} str_free(c); } diff --git a/src/tls.c b/src/tls.c index 3964f9ce6f2d..8b2b18938d74 100644 --- a/src/tls.c +++ b/src/tls.c @@ -100,6 +100,7 @@ void tls_cleanup() { tls_data=tls_get(); if(!tls_data) return; +OPENSSL_thread_stop(); str_cleanup(tls_data); str_free(tls_data->id); /* detached allocation */ tls_set(NULL); -- 2.10.2
Bug#843988: stunnel4 segfaults (client mode)
On Sun, 13 Nov 2016 23:56:09 +0100, Sebastian Andrzej Siewior wrote: > > The messages in the syslog: > > Nov 11 15:53:55 jadzia stunnel: LOG2[2]: Double free attempt: > > ptr=0x7f6340010430 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 > > free#2=crypto/asn1/asn1_lib.c:323 > … > > Nov 11 15:53:55 jadzia stunnel: LOG2[3]: Double free attempt: > > ptr=0x7f633800ff60 alloc=`..8c.:277 free#1=:200 > > free#2=crypto/asn1/asn1_lib.c:323 > > Nov 11 15:53:55 jadzia stunnel: INTERNAL ERROR: Bad magic at > > crypto/asn1/asn1_lib.c, line 323 > > based on this it seems that stunnel itself tries to free memory > allocated by openssl which it should not do. And this goes on until it > finds that is not a chunk but something completely different and then > goes boom. > Can you try the patch attached on stunnel, recompile it and check if it > still goes boom? Thanks, but nope, still the same: Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c80010430 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000fe30 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c800102a0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000fc40 alloc=crypto/buffer/buffer.c:96 free#1=str.c:200 free#2=crypto/buffer/buffer.c:52 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000f210 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000dc20 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000e5f0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000e3e0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000f5c0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000efc0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000fbc0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000f4a0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000f730 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000edd0 alloc=crypto/buffer/buffer.c:96 free#1=str.c:200 free#2=crypto/buffer/buffer.c:52 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000ddd0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000e060 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000e2f0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000e580 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000e830 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000eac0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000ed50 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000d9a0 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000d930 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c80008f80 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 free#2=crypto/asn1/asn1_lib.c:323 Nov 14 00:10:03 jadzia stunnel: LOG2[2]: Double free attempt: ptr=0x7f0c8000abc0
Bug#843988: stunnel4 segfaults (client mode)
On 2016-11-11 16:05:05 [+0100], gregor herrmann wrote: > As soon as fetchnews connects, stunnel4 segfaults. I tried your config against a http server and mail server with no luck. > The messages in the syslog: > Nov 11 15:53:55 jadzia stunnel: LOG2[2]: Double free attempt: > ptr=0x7f6340010430 alloc=crypto/asn1/asn1_lib.c:277 free#1=str.c:200 > free#2=crypto/asn1/asn1_lib.c:323 … > Nov 11 15:53:55 jadzia stunnel: LOG2[3]: Double free attempt: > ptr=0x7f633800ff60 alloc=`..8c.:277 free#1=:200 > free#2=crypto/asn1/asn1_lib.c:323 > Nov 11 15:53:55 jadzia stunnel: INTERNAL ERROR: Bad magic at > crypto/asn1/asn1_lib.c, line 323 based on this it seems that stunnel itself tries to free memory allocated by openssl which it should not do. And this goes on until it finds that is not a chunk but something completely different and then goes boom. Can you try the patch attached on stunnel, recompile it and check if it still goes boom? > Cheers, > gregor Sebastian diff --git a/src/tls.c b/src/tls.c index 3964f9ce6f2d..8b2b18938d74 100644 --- a/src/tls.c +++ b/src/tls.c @@ -100,6 +100,7 @@ void tls_cleanup() { tls_data=tls_get(); if(!tls_data) return; +OPENSSL_thread_stop(); str_cleanup(tls_data); str_free(tls_data->id); /* detached allocation */ tls_set(NULL);
Bug#843988: stunnel4 segfaults (client mode)
Package: stunnel4 Version: 3:5.37-1 Severity: grave Justification: renders package unusable -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I'm using stunnel4 in client mode on my laptop to let leafnode's fetchnews access newsservers over SSL. # egrep -v '^(;|$)' /etc/stunnel/stunnel.leafnode.conf chroot = /var/lib/stunnel4/ setuid = stunnel4 setgid = stunnel4 pid = /stunnel4.leafnode.pid socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 debug = warning syslog = yes client = yes [guinan] connect = somehost:563 accept = localhost:563 [colleen] connect = anotherhost:563 accept = localhost:564 And then /etc/news/leafnode/config contains: server = localhost port = 563 server = localhost port = 564 As soon as fetchnews connects, stunnel4 segfaults. Hm, no, according to strace, the first server works, and there's lots of talk to the second, even including a QUIT and a Bye and then it explodes: ... [pid 7488] read(3, "QUIT\r\n", 18432) = 6 [pid 7488] poll([{fd=3, events=POLLIN|0x2000}, {fd=9, events=POLLIN|POLLOUT|0x2000}], 2, 4320) = 2 ([{fd=3, revents=POLLIN|0x2000}, {fd=9, revents=POLLOUT}]) [pid 7488] read(3, "", 18426) = 0 [pid 7488] write(9, "\27\3\3\0\36[s\5^\360\365\365\315H\n\f\261\333\26\211\216\35#37]\245\265\224\26\202\276"..., 35) = 35 [pid 7488] poll([{fd=3, events=0}, {fd=9, events=POLLIN|POLLOUT|0x2000}], 2, 6) = 1 ([{fd=9, revents=POLLOUT}]) [pid 7488] write(9, "\25\3\3\0\32[s\5^\360\365\365\316\353\327\225\312\23\247\362\36s4:\5}\334C6=\t", 31) = 31 [pid 7488] poll([{fd=3, events=0}, {fd=9, events=POLLIN|0x2000}], 2, 6 [pid 4055] <... poll resumed> )= 1 ([{fd=8, revents=POLLIN}]) [pid 4055] accept4(8, {sa_family=AF_INET, sin_port=htons(37104), sin_addr=inet_addr("127.0.0.1")}, [112->16], SOCK_CLOEXEC|SOCK_NONBLOCK) = 10 [pid 4055] mmap(NULL, 40960, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f634aae8000 [pid 4055] rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], [], 8) = 0 [pid 4055] clone(strace: Process 7489 attached [pid 7489] set_robust_list(0x7f634ab029e0, 24 [pid 4055] <... clone resumed> child_stack=0x7f634ab01e70, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f634ab029d0, tls=0x7f634ab02700, child_tidptr=0x7f634ab029d0) = 7489 [pid 7489] <... set_robust_list resumed> ) = 0 [pid 4055] rt_sigprocmask(SIG_SETMASK, [], [pid 7489] getpeername(10, [pid 4055] <... rt_sigprocmask resumed> NULL, 8) = 0 [pid 7489] <... getpeername resumed> {sa_family=AF_INET, sin_port=htons(37104), sin_addr=inet_addr("127.0.0.1")}, [112->16]) = 0 [pid 4055] poll([{fd=4, events=POLLIN|0x2000}, {fd=7, events=POLLIN|0x2000}, {fd=8, events=POLLIN|0x2000}], 3, -1 [pid 7489] setsockopt(10, SOL_TCP, TCP_NODELAY, [1], 4) = 0 [pid 7489] socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 11 [pid 7489] connect(11, {sa_family=AF_INET, sin_port=htons(563), sin_addr=inet_addr("82.150.197.101")}, 16) = -1 EINPROGRESS (Operation now in progress) [pid 7489] poll([{fd=11, events=POLLIN|POLLOUT|0x2000}], 1, 1 [pid 7488] <... poll resumed> )= 1 ([{fd=9, revents=POLLIN}]) [pid 7488] read(9, "\27\3\3\0\"", 5) = 5 [pid 7488] read(9, "\337l^\354\21\223\214\360G\213:\207\33I\225S\21}\6\276RE\220\373\325F\335\235\367\355\263\260"..., 34) = 34 [pid 7488] poll([{fd=3, events=POLLOUT}, {fd=9, events=POLLIN|0x2000}], 2, 4320) = 1 ([{fd=3, revents=POLLOUT}]) [pid 7488] write(3, "205 Bye!\r\n", 10) = 10 [pid 7488] poll([{fd=3, events=0}, {fd=9, events=POLLIN|0x2000}], 2, 6) = 1 ([{fd=3, revents=POLLERR|POLLHUP}]) [pid 7488] getsockopt(3, SOL_SOCKET, SO_ERROR, [32], [4]) = 0 [pid 7488] sendto(6, "<27>Nov 11 15:53:55 stunnel: LOG"..., 65, MSG_NOSIGNAL, NULL, 0) = 65 [pid 7488] write(3, "", 0) = -1 EPIPE (Broken pipe) [pid 7488] close(9)= 0 [pid 7488] close(3)= 0 [pid 7488] madvise(0x7f634aa36000, 45056, MADV_DONTNEED) = 0 [pid 7488] exit(0) = ? [pid 7488] +++ exited with 0 +++ [pid 7489] <... poll resumed> )= 1 ([{fd=11, revents=POLLOUT}]) [pid 7489] getsockopt(11, SOL_SOCKET, SO_ERROR, [0], [4]) = 0 [pid 7489] setsockopt(11, SOL_TCP, TCP_NODELAY, [1], 4) = 0 [pid 7489] write(11, "\26\3\1\1{\1\0\1w\3\3\337\3\230\270\233\317*3\241\246\207\377\364,\211\f\213\\\331\350\177"..., 384) = 384 [pid 7489] read(11, 0x7f634000f0c3, 5) = -1 EAGAIN (Resource temporarily unavailable) [pid 7489] poll([{fd=11, events=POLLIN|0x2000}], 1, 30) = 1 ([{fd=11, revents=POLLIN}]) [pid 7489] read(11, "\26\3\3\0=", 5) = 5 [pid 7489] read(11, "\2\0\0009\3\3h\363\27\246\0243\20|5\24M\325\232b\355_\342\266\212A}\243\234\304Pn"..., 61) = 61 [pid 7489] read(11, "\26\3\3\4\21", 5) = 5 [pid 7489] read(11, "\v\0\4\r\0\4\n\0\4\0070\202\4\0030\202\2\353\240\3\2\1\2\2\t\0\207\314\32C@@"..., 1041) = 1041 [pid 7489]