Hello all, I installed stunnel and freetds last August. I use a custom stunnel config file (see below). It runs very well for about 5 minutes, but then receives signal 15 from somewhere and terminates.
The box OS is CentOS release 6.5 (Final) and CPanel is running on it (I believe CPanel uses its own stunnel for its ssl). Below I have the info for the stunnel software that I installed. Do you have any idea what process could be sending this termination signal to my stunnel, or if something else is happening? Thanks in advance for your help -- Jenna stunnel info: ============================================= stunnel 4.56 on x86_64-unknown-linux-gnu platform Compiled/running with OpenSSL 1.0.0-fips 29 Mar 2010 Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP Global options: debug = daemon.notice pid = /usr/local/var/run/stunnel/stunnel.pid RNDbytes = 64 RNDfile = /dev/urandom RNDoverwrite = yes Service-level options: ciphers = FIPS (with "fips = yes") ciphers = ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH (with "fips = no") sessionCacheSize = 1000 sessionCacheTimeout = 300 seconds sslVersion = TLSv1 (with "fips = yes") sslVersion = TLSv1 for client, all for server (with "fips = no") stack = 65536 bytes TIMEOUTbusy = 300 seconds TIMEOUTclose = 60 seconds TIMEOUTconnect = 10 seconds TIMEOUTidle = 43200 seconds verify = none Config file: ============================================= cert = /usr/local/etc/stunnel/certs/server.crt key = /usr/local/etc/stunnel/certs/server.key CAFile = /usr/local/etc/stunnel/certs/ca.crt CAPath = /usr/local/etc/stunnel/certs pid = /usr/local/etc/stunnel/stunnel.pid options = NO_SSLv2 debug = 7 output = /usr/local/etc/stunnel/stunnel.log foreground = no socket = r:TCP_NODELAY=1 [njstunnel] accept = njstunnel connect = web.mycompanyname.net:61667 retry = yes client = yes TIMEOUTconnect = 1 verify = 2 TIMEOUTbusy =1 TIMEOUTidle = 500 Here is the output from start up to receiving the signal 15: ============================================= 2014.08.13 15:47:01 LOG5[25039:140284139354048]: stunnel 4.29 on x86_64-redhat-linux-gnu with OpenSSL 1.0.0-fips 29 Mar 2010 2014.08.13 15:47:01 LOG5[25039:140284139354048]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP 2014.08.13 15:47:01 LOG5[25039:140284139354048]: 500 clients allowed 2014.08.13 15:50:03 LOG5[25045:140284139354048]: Received signal 15; terminating 2014.08.13 15:51:02 LOG5[25347:140674811922368]: stunnel 4.29 on x86_64-redhat-linux-gnu with OpenSSL 1.0.0-fips 29 Mar 2010 2014.08.13 15:51:02 LOG5[25347:140674811922368]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP 2014.08.13 15:51:02 LOG5[25347:140674811922368]: 500 clients allowed 2014.08.13 15:51:44 LOG5[25355:140674811922368]: Received signal 15; terminating 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Snagged 64 random bytes from /dev/urandom 2014.08.13 15:51:46 LOG7[25419:140090284656576]: RAND_status claims sufficient entropy for the PRNG 2014.08.13 15:51:46 LOG7[25419:140090284656576]: PRNG seeded successfully 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Configuration SSL options: 0x01000000 2014.08.13 15:51:46 LOG7[25419:140090284656576]: SSL options set: 0x01000004 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Certificate: /usr/local/etc/stunnel/certs/server.crt 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Certificate loaded 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Key file: /usr/local/etc/stunnel/certs/server.key 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Private key loaded 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Loaded verify certificates from /usr/local/etc/stunnel/certs/ca.crt 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Loaded /usr/local/etc/stunnel/certs/ca.crt revocation lookup file 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Verify directory set to /usr/local/etc/stunnel/certs 2014.08.13 15:51:46 LOG7[25419:140090284656576]: Added /usr/local/etc/stunnel/certs revocation lookup directory 2014.08.13 15:51:46 LOG7[25419:140090284656576]: SSL context initialized for service njstunnel 2014.08.13 15:51:46 LOG5[25419:140090284656576]: stunnel 4.29 on x86_64-redhat-linux-gnu with OpenSSL 1.0.0-fips 29 Mar 2010 2014.08.13 15:51:46 LOG5[25419:140090284656576]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP 2014.08.13 15:51:46 LOG6[25419:140090284656576]: file ulimit = 4096 (can be changed with 'ulimit -n') 2014.08.13 15:51:46 LOG6[25419:140090284656576]: poll() used - no FD_SETSIZE limit for file descriptors 2014.08.13 15:51:46 LOG5[25419:140090284656576]: 2000 clients allowed 2014.08.13 15:51:46 LOG7[25419:140090284656576]: FD 10 in non-blocking mode 2014.08.13 15:51:46 LOG7[25419:140090284656576]: FD 11 in non-blocking mode 2014.08.13 15:51:46 LOG7[25419:140090284656576]: FD 12 in non-blocking mode 2014.08.13 15:51:46 LOG7[25419:140090284656576]: SO_REUSEADDR option set on accept socket 2014.08.13 15:51:46 LOG7[25419:140090284656576]: njstunnel bound to 0.0.0.0:19770 2014.08.13 15:51:46 LOG7[25425:140090284656576]: Created pid file /usr/local/etc/stunnel/stunnel.pid 2014.08.13 15:55:03 LOG5[25425:140090284656576]: Received signal 15; terminating 2014.08.13 15:55:03 LOG7[25425:140090284656576]: removing pid file /usr/local/etc/stunnel/stunnel.pid
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
