package stunnel4 severity 787062 serious merge 787062 771241 thanks On Thu, May 28, 2015 at 10:45:52AM +0200, Enrico Zini wrote: > Package: stunnel4 > Version: 3:5.06-2 > Severity: normal > > Hello, > > I have been running stunnel4 as a nc/socat replacement that can do SNI. > However, since migrating to jessie, the setup fails... [snip] > The bug seems likely to be here: > https://github.com/copiousfreetime/stunnel/blob/master/src/client.c#L512 > > I guess s_poll_wait returns to notify of EOF on the input, but since in > that case none of the sockets can read or write, it errors out. > > I deployed the sleep workaround in production, but it's slow and racey. > There are unfortunately a surprisingly small amount of tools that can do > this job and support SNI :(
Right, I think that this is indeed a known problem and it is fixed in later versions of stunnel. Could you try the patch in #771421 and see if it works for you? In fact, I am preparing an update to a (much) more recent upstream version; it should be ready for review by my co-maintainer and sponsor, László Böszörményi, within a day or two. Thanks for your interest in stunnel, and sorry for not fixing this in time for jessie! G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p.penc...@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
signature.asc
Description: Digital signature
