From: "Massimo S." Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 1730779 for ecs-isp@2rosenthals.com; Mon, 08 Mar 2021 05:48:11 -0500 Received: from [192.168.200.201] (port=46450 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id 1lJDQf-0007Ae-00 for ecs-isp@2rosenthals.com; Mon, 08 Mar 2021 05:48:01 -0500 Received: from mail2.quasarbbs.net ([80.86.52.115]:10028) by mail2.2rosenthals.com with esmtp (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id 1lJDQU-0005FO-2K for ecs-isp@2rosenthals.com; Mon, 08 Mar 2021 05:47:51 -0500 Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v2.74) for ; 08 Mar 2021 11:47:47 X-CTCH-RefID: str=0001.0A742F29.604600E1.000E,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0 X-CTCH-RefID: str=0001.0A742F25.604600D7.000A,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0 Reply-To: ml@ecomstation.it Subject: Re: [eCS-ISP] Stunnel 5.58 To: eCS ISP Mailing List References: Organization: eComStation dot it Message-ID: <87ce4d72-0e27-f9e3-5819-769d276a9e33@ecomstation.it> Date: Mon, 8 Mar 2021 11:47:46 +0100 User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424 Thunderbird/1.0.8 Mnenhy/0.7.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: it-IT Content-Transfer-Encoding: 8bit Il 06/03/2021 21:29, Paul Smedley ha scritto: > Hi Max, > > On 6/3/21 10:36 pm, Massimo S. wrote: >> >> >> Il 05/03/2021 21:33, Paul Smedley ha scritto: >>> Hi Max, >>> >>> On 1/3/21 8:41 pm, Massimo S. wrote: >>>> >>>> >>>> Il 01/03/2021 11:06, Massimo S. ha scritto: >>>>> >>>>> >>>>> Il 27/02/2021 22:29, Paul Smedley ha scritto: >>>>>> Hi All, >>>>>> >>>>>> On 28/2/21 5:47 am, Massimo S. wrote: >>>>>>> >>>>>>> >>>>>>> Il 27/02/2021 09:52, Paul Smedley ha scritto: >>>>>>>> Hey Steven, >>>>>>>> >>>>>>>> On 27/2/21 7:03 pm, Steven Levine wrote: >>>>>>>>> In , on 02/27/21 >>>>>>>>>     at 06:16 PM, "Paul Smedley" said: >>>>>>>>> >>>>>>>>> Hi Paul, >>>>>>>>> >>>>>>>>>> Not tested - but I'd expect it to work... >>>>>>>>> >>>>>>>>>> https://smedley.id.au/tmp/stunnel-5.56-os2-20210227.zip >>>>>>>>> >>>>>>>>> I will install it here soon-ish.  Does it include debug data? Since >>>>>>>>> Massimo fixed his mantis mail issues, I expect to resume working on >>>>>>>>> Massimo's ticket # 709 once I finish up some other work in progress. >>>>>>>> It doesn't - but I can rebuild in the morning. >>>>>>>> >>>>>>>>> I don't know if I mentioned it, but I suspect the 100% is some sort of >>>>>>>>> fast select retry loop.  I should be able to confirm with with the >>>>>>>>> debugger. >>>>>>>> >>>>>>>> That wouldn't surprise me - our select() is pretty buggy. >>>>>>>> >>>>>>>> Cheers, >>>>>>>> >>>>>>>> Paul >>>>>>> >>>>>>> hi all, >>>>>>> >>>>>>> thanks a lot will wait debug build >>>>>>> >>>>>>> i add in the last days stunnel on the 2nd server (1core VM) gave a lot of >>>>>>> 100% cpu, i had to put an hour close & restart >>>>>>> >>>>>>> on the other server i don't see much issues (about cpu load) since it's 4core >>>>>> >>>>>> https://smedley.id.au/tmp/stunnel-5.58-os2-20210228-debug.zip >>>>>> >>>>>> Cheers, >>>>>> >>>>>> Paul >>>>> >>>>> hi all, >>>>> >>>>> upgraded server 2 to this build >>>>> thanks >>>>> >>>>> massimo >>>> >>>> hi, >>>> >>>> gone back to 5.56 debug since this one crash on startup: >>>> >>>> INTERNAL ERROR: TLS initialization failed at stunnel.c, line 124 >>>> Killed by SIGABRT >>>> >>>> pid=0x69aa ppid=0x696f tid=0x0001 slot=0x005e pri=0x0200 mc=0x0001 ps=0x0010 >>>> >>>> \STUNNEL.EXE >>>> Process dumping was disabled, use DUMPPROC / PROCDUMP to enable it. >>> >>> I am NOT seeing this here.  I just tested the build and it's working fine in my environment. Please post >>> the full output of trying to run stunnel, not just the one line with the internal error. There may be >>> useful additional context around that error. >>> >>> Cheers, >>> >>> Paul >> >> Hi, >> >> what you mean about full output? >> i've no exceptQ dump, nor entry in popuplog.os2 > > Contrast Steven's error message: > > Starting Stunnel daemon from > D:\SLAInc\stunnel\stunnel-to-steven-dnacih-com\etc stunnel > stunnel_to_steven.conf > [ ] Initializing inetd mode configuration > [ ] Clients allowed=4882 > [.] stunnel 5.58 on i386-pc-os2-emx built by Paul Smedley on Feb 28 2021 > [.] Compiled/running with OpenSSL 1.1.1j  16 Feb 2021 > [.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI [ ] errno: > (* _errno()) > [ ] Initializing inetd mode configuration > [.] Reading configuration from file > D:/SLAInc/stunnel/stunnel-to-steven-dnacih-com/etc/stunnel_to_steven.conf > [.] UTF-8 byte order mark not detected > [.] FIPS mode disabled > [ ] Compression disabled > [ ] No PRNG seeding was required > [ ] Initializing service [vnc] > [ ] stunnel default security level set: 2 > [ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK > [ ] TLSv1.3 ciphersuites: > TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 > [ ] TLS options: 0x02100004 (+0x00000000, -0x00000000) > [ ] Loading certificate from file: ssl/private/slainc.crt > [!] SSL_CTX_use_certificate_chain_file: ssl/ssl_rsa.c:301: > error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small [!] > Service [vnc]: Failed to initialize TLS context > [!] Configuration failed > [ ] Deallocating temporary section defaults > [ ] Deallocating section [vnc] > > With yours: > INTERNAL ERROR: TLS initialization failed at stunnel.c, line 124 > > I suspect there was more than a single line of output when you ran stunnel, which would provide useful context > as to why TLS could not be initialised. > > Cheers, > > Paul as i've put in the original email the complete output is this: INTERNAL ERROR: TLS initialization failed at stunnel.c, line 124 Killed by SIGABRT pid=0x69aa ppid=0x696f tid=0x0001 slot=0x005e pri=0x0200 mc=0x0001 ps=0x0010 \STUNNEL.EXE Process dumping was disabled, use DUMPPROC / PROCDUMP to enable it. massimo