Mailing List Archived Message #172

From: "Paul Smedley" <> Full Headers
Undecoded message
Subject: Re: [eCS-ISP] Stunnel 5.58
Date: Sun, 7 Mar 2021 06:59:42 +1030
To: eCS ISP Mailing List <>

Hi Max,

On 6/3/21 10:36 pm, Massimo S. wrote:

Il 05/03/2021 21:33, Paul Smedley ha scritto:
Hi Max,

On 1/3/21 8:41 pm, Massimo S. wrote:

Il 01/03/2021 11:06, Massimo S. ha scritto:

Il 27/02/2021 22:29, Paul Smedley ha scritto:
Hi All,

On 28/2/21 5:47 am, Massimo S. wrote:

Il 27/02/2021 09:52, Paul Smedley ha scritto:
Hey Steven,

On 27/2/21 7:03 pm, Steven Levine wrote:
In <>, on 02/27/21
    at 06:16 PM, "Paul Smedley" <> said:

Hi Paul,

Not tested - but I'd expect it to work...

I will install it here soon-ish.  Does it include debug data?  Since
Massimo fixed his mantis mail issues, I expect to resume working on
Massimo's ticket # 709 once I finish up some other work in progress.
It doesn't - but I can rebuild in the morning.

I don't know if I mentioned it, but I suspect the 100% is some sort of
fast select retry loop.  I should be able to confirm with with the

That wouldn't surprise me - our select() is pretty buggy.



hi all,

thanks a lot will wait debug build

i add in the last days stunnel on the 2nd server (1core VM) gave a lot of
100% cpu, i had to put an hour close & restart

on the other server i don't see much issues (about cpu load) since it's 4core



hi all,

upgraded server 2 to this build



gone back to 5.56 debug since this one crash on startup:

INTERNAL ERROR: TLS initialization failed at stunnel.c, line 124
                                                                                             Killed by SIGABRT

pid=0x69aa ppid=0x696f tid=0x0001 slot=0x005e pri=0x0200 mc=0x0001 ps=0x0010

Process dumping was disabled, use DUMPPROC / PROCDUMP to enable it.

I am NOT seeing this here.  I just tested the build and it's working fine in my environment. Please post the full output of trying to run stunnel, not just the one line with the internal error. There may be useful additional context around that error.




what you mean about full output?
i've no exceptQ dump, nor entry in popuplog.os2

Contrast Steven's error message:

Starting Stunnel daemon from
D:\SLAInc\stunnel\stunnel-to-steven-dnacih-com\etc stunnel
[ ] Initializing inetd mode configuration
[ ] Clients allowed=4882
[.] stunnel 5.58 on i386-pc-os2-emx built by Paul Smedley on Feb 28 2021
[.] Compiled/running with OpenSSL 1.1.1j  16 Feb 2021
[.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI [ ] errno:
(* _errno())
[ ] Initializing inetd mode configuration
[.] Reading configuration from file
[.] UTF-8 byte order mark not detected
[.] FIPS mode disabled
[ ] Compression disabled
[ ] No PRNG seeding was required
[ ] Initializing service [vnc]
[ ] stunnel default security level set: 2
[ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
[ ] TLSv1.3 ciphersuites:
[ ] TLS options: 0x02100004 (+0x00000000, -0x00000000)
[ ] Loading certificate from file: ssl/private/slainc.crt
[!] SSL_CTX_use_certificate_chain_file: ssl/ssl_rsa.c:301:
error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small [!]
Service [vnc]: Failed to initialize TLS context
[!] Configuration failed
[ ] Deallocating temporary section defaults
[ ] Deallocating section [vnc]

With yours:
INTERNAL ERROR: TLS initialization failed at stunnel.c, line 124

I suspect there was more than a single line of output when you ran stunnel, which would provide useful context as to why TLS could not be initialised.



Subscribe: Feed, Digest, Index.
Mail to ListMaster