Tuesday, January 29, 2008

Random SSL problem of the day

So I get the following trying to connect to a sendmail SMTPS port:

2008.01.29 19:41:14 LOG5[8849:3083409072]: stunnel 4.21 on i486-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
2008.01.29 19:41:14 LOG5[8849:3083409072]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2008.01.29 19:41:14 LOG5[8849:3083409072]: stunnel connected remote server from 10.1.0.2:50824
2008.01.29 19:41:15 LOG3[8849:3083409072]: SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2008.01.29 19:41:15 LOG5[8849:3083409072]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket

The answer was check to see that the other end really is running SSL. In my case it wasn't. It was amazing how many people were searching the Internet and only after not seeing anything I tried the port... *sigh*

1 comment:

just jon said...

The other problem is using the threaded version of stunnel.. Not quite as stable (er, thread-safe, that is) as they would like you to think.

I can handle 1000 simultaneous connections with forking stunnel, but with only a few simultaneous connections on a threaded version you get lots of bizarre errors.

jon