Hello,
I would like to report two bugs. I recently upgraded to stunnel 5.50 on FreeBSD
12.0 and noticed that the stunnel server service now crashes periodically. When
checking the logs after a crash, I see the following error:
INTERNAL ERROR: Dead canary at /usr/src/crypto/openssl/ssl/statem/extensions_sr
The stunnel server service only ever talks to a stunnel client service, also
running version 5.50 on FreeBSD 12.0. The server configuration is as follows.
Anything in {} brackets has been redacted. I have seen this issue on multiple
servers configured the same way.
<config>
client = no
setuid = stunnel
setgid = stunnel
pid = {/path/to/file}
output = {/path/to/file}
debug = 4
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
[server]
accept = {ip}:{port}
connect = {ip}:{port}
ciphers = PSK
PSKsecrets = {/path/to/file}
</config>
Additionally, I have noticed another error in the logs. Although it appears far
more frequently than the error above, it does not seem to cause the server
service to crash.
INTERNAL ERROR: Double free attempt: ptr=0x802119050
alloc=/usr/src/crypto/openssl/crypto/stack/stack.c:198
free#1=/usr/src/crypto/openssl/crypto/stack/stack.c:376
free#2=/usr/src/crypto/openssl/ssl/ssl_sess.c:814
Please let me know if additional information is needed to fix these bugs.
Thank you.
_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
