我已经使用这些选项在 hpux 上编译了一个 stunnel 构建
./configure \
--prefix=/opt/stunnel \
--sbindir=/opt/stunnel/sbin \
--mandir=/opt/stunnel/man \
--docdir=/opt/stunnel/doc \
--localstatedir=/var/opt/stunnel \
--with-ssl=/usr/local \
--disable-libwrap
构建成功,但 stunnel 无法启动
/opt/stunnel/bin/stunnel /etc/opt/stunnel/stunnel.conf
[ ] Clients allowed=1000
[.] stunnel 5.50 on ia64-hp-hpux11.31 platform
[.] Compiled with OpenSSL 1.0.2q 20 Nov 2018
[.] Running with OpenSSL 1.0.2k 26 Jan 2017
[.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
[ ] errno: (*__errno())
[!] Invalid configuration file name "/etc/opt/stunnel/stunnel.conf"
[!] realpath: Invalid argument (22)
[ ] Deallocating section defaults
配置文件是正确的,因为在相同版本的linux和solaris上可以正常工作。我看到这两行:
[.] Compiled with OpenSSL 1.0.2q 20 Nov 2018
[.] Running with OpenSSL 1.0.2k 26 Jan 2017
我有两个版本的 openssl,当然不可能同时删除两个版本或只删除一次,因为会破坏很多 deps。我也尝试过换行
--with-ssl=/usr/local \
和
--with-ssl=/opt/openssl\
并且......不起作用。同样的错误
/opt/stunnel/bin/stunnel /etc/opt/stunnel/stunnel.conf
[ ] Clients allowed=1000
[.] stunnel 5.50 on ia64-hp-hpux11.31 platform
[.] Compiled/running with OpenSSL 1.0.2k 26 Jan 2017
[.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
[ ] errno: (*__errno())
[!] Invalid configuration file name "/etc/opt/stunnel/stunnel.conf"
[!] realpath: Invalid argument (22)
[ ] Deallocating section defaults
这是文件conf。
#server
chroot = /var/opt/stunnel
setuid = stunnel
setgid = stunnel
pid = /stunnel.pid
debug = 1
foreground = no
cert = /etc/ssl/certs/stunnel.pem
key = /etc/ssl/private/stunnel.pem
options = NO_SSLv2
options = NO_SSLv3
sslVersion = TLSv1.2
[TELNET]
accept=0.0.0.0:5853
connect=localhost:23
根据 HP-UX 11.31 手册页,调用中的
Invalid argument错误 (EINVAL)realpath(3X)表示指向要解析的路径名或已解析名称的缓冲区的指针为 NULL。这可能是检查配置文件名有效性的代码部分中的某种指针处理错误。这也可以解释前面的
Invalid configuration file name错误消息。