Hi Mike, Tried 5.41b3 and it's no longer segfaulting. I'll keep an eye out for 5.41 stable. Here's the debug log if it should help Peter with his workaround:
Thanks! Andrew 2017.02.23 17:28:47 LOG7[ui]: Service [uwo2local] accepted (FD=3) from 129.100.6.17:61027 2017.02.23 17:28:47 LOG7[2]: Service [uwo2local] started 2017.02.23 17:28:47 LOG7[2]: Option TCP_NODELAY set on local socket 2017.02.23 17:28:47 LOG5[2]: Service [uwo2local] accepted connection from 129.100.6.17:61027 2017.02.23 17:28:47 LOG6[2]: failover: round-robin, starting at entry #0 2017.02.23 17:28:47 LOG6[2]: s_connect: connecting ::1:20587 2017.02.23 17:28:47 LOG7[2]: s_connect: s_poll_wait ::1:20587: waiting 10 seconds 2017.02.23 17:28:47 LOG3[2]: s_connect: connect ::1:20587: Connection refused (111) 2017.02.23 17:28:47 LOG6[2]: s_connect: connecting 127.0.0.1:20587 2017.02.23 17:28:47 LOG7[2]: s_connect: s_poll_wait 127.0.0.1:20587: waiting 10 seconds 2017.02.23 17:28:47 LOG5[2]: s_connect: connected 127.0.0.1:20587 2017.02.23 17:28:47 LOG5[2]: Service [uwo2local] connected remote server from 127.0.0.1:33552 2017.02.23 17:28:47 LOG7[2]: Option TCP_NODELAY set on remote socket 2017.02.23 17:28:47 LOG7[2]: Remote descriptor (FD=9) initialized 2017.02.23 17:28:47 LOG7[ui]: Found 1 ready file descriptor(s) 2017.02.23 17:28:47 LOG7[ui]: FD=4 events=0x2001 revents=0x0 2017.02.23 17:28:47 LOG7[ui]: FD=7 events=0x2001 revents=0x0 2017.02.23 17:28:47 LOG7[ui]: FD=8 events=0x2001 revents=0x1 2017.02.23 17:28:47 LOG7[ui]: Service [local2o365] accepted (FD=10) from 127.0.0.1:33552 2017.02.23 17:28:47 LOG7[3]: Service [local2o365] started 2017.02.23 17:28:47 LOG7[3]: Option TCP_NODELAY set on local socket 2017.02.23 17:28:47 LOG5[3]: Service [local2o365] accepted connection from 127.0.0.1:33552 2017.02.23 17:28:47 LOG6[3]: failover: round-robin, starting at entry #9 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:902:2c::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:902:2c::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:101:4b::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:101:4b::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:3:3e::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:3:3e::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:3:ca::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:3:ca::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:902:a2::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:902:a2::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:404:68::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:404:68::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:102:67::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:102:67::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:404:2a::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:404:2a::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 2603:1036:3:16::2:587 2017.02.23 17:28:47 LOG3[3]: s_connect: connect 2603:1036:3:16::2:587: Network is unreachable (101) 2017.02.23 17:28:47 LOG6[3]: s_connect: connecting 40.97.112.66:587 2017.02.23 17:28:47 LOG7[3]: s_connect: s_poll_wait 40.97.112.66:587: waiting 10 seconds 2017.02.23 17:28:47 LOG5[3]: s_connect: connected 40.97.112.66:587 2017.02.23 17:28:47 LOG5[3]: Service [local2o365] connected remote server from 172.18.58.248:46284 2017.02.23 17:28:47 LOG7[3]: Option TCP_NODELAY set on remote socket 2017.02.23 17:28:47 LOG7[3]: Remote descriptor (FD=11) initialized 2017.02.23 17:28:47 LOG7[3]: <- 220 DM5PR07CA0043.outlook.office365.com Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000 2017.02.23 17:28:47 LOG7[3]: -> 220 DM5PR07CA0043.outlook.office365.com Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000 2017.02.23 17:28:47 LOG7[3]: -> EHLO localhost 2017.02.23 17:28:47 LOG7[3]: <- 250-DM5PR07CA0043.outlook.office365.com Hello [129.100.1.192] 2017.02.23 17:28:47 LOG7[3]: <- 250-SIZE 157286400 2017.02.23 17:28:47 LOG7[3]: <- 250-PIPELINING 2017.02.23 17:28:47 LOG7[3]: <- 250-DSN 2017.02.23 17:28:47 LOG7[3]: <- 250-ENHANCEDSTATUSCODES 2017.02.23 17:28:47 LOG7[3]: <- 250-STARTTLS 2017.02.23 17:28:47 LOG7[3]: <- 250-8BITMIME 2017.02.23 17:28:47 LOG7[3]: <- 250-BINARYMIME 2017.02.23 17:28:47 LOG7[3]: <- 250-CHUNKING 2017.02.23 17:28:47 LOG7[3]: <- 250 SMTPUTF8 2017.02.23 17:28:47 LOG7[3]: -> STARTTLS 2017.02.23 17:28:47 LOG7[3]: <- 220 2.0.0 SMTP server ready 2017.02.23 17:28:47 LOG6[3]: SNI: sending servername: smtp.office365.com 2017.02.23 17:28:47 LOG6[3]: Peer certificate required 2017.02.23 17:28:47 LOG7[3]: TLS state (connect): before SSL initialization 2017.02.23 17:28:47 LOG7[3]: TLS state (connect): SSLv3/TLS write client hello 2017.02.23 17:28:47 LOG7[3]: TLS state (connect): SSLv3/TLS write client hello 2017.02.23 17:28:47 LOG7[3]: TLS state (connect): SSLv3/TLS read server hello 2017.02.23 17:28:47 LOG7[3]: Verification started at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 2017.02.23 17:28:47 LOG4[3]: CERT: Pre-verification error: unable to get local issuer certificate 2017.02.23 17:28:47 LOG4[3]: Rejected by CERT at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 2017.02.23 17:28:47 LOG7[3]: Remove session callback 2017.02.23 17:28:47 LOG7[3]: TLS alert (write): fatal: unknown CA 2017.02.23 17:28:47 LOG3[3]: SSL_connect: 1416F086: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed 2017.02.23 17:28:47 LOG5[3]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2017.02.23 17:28:47 LOG7[3]: Deallocating application specific data for addr index 2017.02.23 17:28:47 LOG7[3]: Remote descriptor (FD=11) closed 2017.02.23 17:28:47 LOG7[3]: Local descriptor (FD=10) closed 2017.02.23 17:28:47 LOG7[3]: Service [local2o365] finished (1 left) 2017.02.23 17:28:47 LOG7[2]: RFC 2487 detected 2017.02.23 17:28:47 LOG7[2]: <- 220 DM5PR07CA0043.outlook.office365.com Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000 2017.02.23 17:28:47 LOG7[2]: -> 220 DM5PR07CA0043.outlook.office365.com stunnel for Microsoft ESMTP MAIL Service ready at Thu, 23 Feb 2017 22:28:47 +0000 2017.02.23 17:28:53 LOG7[ui]: Found 1 ready file descriptor(s) 2017.02.23 17:28:53 LOG7[ui]: FD=4 events=0x2001 revents=0x0 2017.02.23 17:28:53 LOG7[ui]: FD=7 events=0x2001 revents=0x1 2017.02.23 17:28:53 LOG7[ui]: FD=8 events=0x2001 revents=0x0 2017.02.23 17:28:53 LOG7[ui]: Service [uwo2local] accepted (FD=10) from 172.18.58.5:25268 2017.02.23 17:28:53 LOG7[4]: Service [uwo2local] started 2017.02.23 17:28:53 LOG7[4]: Option TCP_NODELAY set on local socket 2017.02.23 17:28:53 LOG5[4]: Service [uwo2local] accepted connection from 172.18.58.5:25268 2017.02.23 17:28:53 LOG6[4]: failover: round-robin, starting at entry #1 2017.02.23 17:28:53 LOG6[4]: s_connect: connecting 127.0.0.1:20587 2017.02.23 17:28:53 LOG7[4]: s_connect: s_poll_wait 127.0.0.1:20587: waiting 10 seconds 2017.02.23 17:28:53 LOG5[4]: s_connect: connected 127.0.0.1:20587 2017.02.23 17:28:53 LOG5[4]: Service [uwo2local] connected remote server from 127.0.0.1:33556 2017.02.23 17:28:53 LOG7[4]: Option TCP_NODELAY set on remote socket 2017.02.23 17:28:53 LOG7[4]: Remote descriptor (FD=11) initialized 2017.02.23 17:28:53 LOG7[4]: RFC 2487 not detected 2017.02.23 17:28:53 LOG6[4]: Peer certificate not required 2017.02.23 17:28:53 LOG7[4]: TLS state (accept): before SSL initialization 2017.02.23 17:28:53 LOG3[4]: SSL_accept: Peer suddenly disconnected 2017.02.23 17:28:53 LOG5[4]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2017.02.23 17:28:53 LOG7[4]: Remote descriptor (FD=11) closed 2017.02.23 17:28:53 LOG7[4]: Local descriptor (FD=10) closed 2017.02.23 17:28:53 LOG7[4]: Service [uwo2local] finished (1 left) 2017.02.23 17:28:53 LOG7[ui]: Found 1 ready file descriptor(s) 2017.02.23 17:28:53 LOG7[ui]: FD=4 events=0x2001 revents=0x0 2017.02.23 17:28:53 LOG7[ui]: FD=7 events=0x2001 revents=0x0 2017.02.23 17:28:53 LOG7[ui]: FD=8 events=0x2001 revents=0x1 *Andrew Culver* System Administrator Information Technology Services <https://www.uwo.ca/its> University of Western Ontario <https://www.uwo.ca> e: [email protected] p: 519-661-2111 x80265 <15196612111,80265> cal: html <http://goo.gl/wVoDlo> | ics <http://goo.gl/ncUjV0> On Thu, Feb 23, 2017 at 4:54 PM, Michał Trojnara < [email protected]> wrote: > On 23.02.2017 17:41, Andrew Culver wrote: > > I'm running stunnel 5.40 and I'm having the same problem on 2 different > > servers running openssl 1.1.0d and 1.1.0e. > > Apparently, sessions are no longer expected to be explicitly released > with OpenSSL 1.1.x. Peter Pentchev is currently investigating this > issue. In the meantime, please try the following workaround: > https://www.stunnel.org/downloads/beta/stunnel-5.41b3.tar.gz > > Best regards, > Mike > >
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
