Closed slingamn closed 4 years ago
I put this up on port 6698.
I was feeling conflicted about this, but then stunnel crashed, briefly disconnecting everyone:
Jan 17 05:43:10 vps202336 stunnel[848]: LOG2[6216]: Double free attempt: ptr=0x55bbdfb67d40 alloc=../crypto/bn/bn_mont.c:232 free#1=../crypto/bn/bn_mont.c:260 free#2=ssl.c:117
Jan 17 05:43:10 vps202336 stunnel4[848]: 2020.01.17 05:43:10 LOG2[6216]: Double free attempt: ptr=0x55bbdfb67d40 alloc=../crypto/bn/bn_mont.c:232 free#1=../crypto/bn/bn_mont.c:260 free#2=ssl.c:117
Jan 17 05:43:10 vps202336 stunnel4[848]: INTERNAL ERROR: Bad magic at ssl.c, line 117
Jan 17 05:43:10 vps202336 stunnel[848]: INTERNAL ERROR: Bad magic at ssl.c, line 117
This was completed in 3f4510e8280286560b9ab77e2487e7017e4c68bb
As per https://github.com/oragono/oragono/issues/651, it is possible to use nginx instead of stunnel as the TLS terminator. This would eliminate a moving part. The major downside is that IIRC Ubuntu will restart nginx on package updates, kicking everyone off the server without warning.