stunnel broken, realpath problem

Jeffrey Walton noloader at gmail.com
Mon Jun 21 03:36:08 CEST 2021


On Sun, Jun 20, 2021 at 9:30 PM Jeffrey Walton <noloader at gmail.com> wrote:
>
> On Sun, Jun 20, 2021 at 5:10 PM Norman Wilson via users
> <users at lists.opencsw.org> wrote:
> >
> >
> > The Solaris 10 i386 stunnel package in unstable,
> > CSWstunnel 5.50,REV=2018.12.03, doesn't work.  It cannot
> > read any configuration file, always reporting
> >
> > [!] Invalid configuration file name "/etc/opt/csw/stunnel/stunnel.conf"
> > [!] realpath: Invalid argument (22)
> >
> > to standard error on startup (with whatever filename you specify,
> > of course).
> >
> > I suspect the SPARC version is affected the same way, but I can't
> > easily test that at the moment.
> >
> > The trouble is with realpath(3c).  Modern versions (including in
> > Solaris 11, I think) allow calls like s = realpath(p, NULL) to
> > mean realpath should malloc a buffer for the result; Solaris 10
> > realpath fails with EINVAL instead.  stunnel calls realpath with
> > second argument NULL, and doesn't expect the error.
> >
> > A simple workaround is to apply a manual hack while building:
> >
> > ./configure
> > ed src/config.h <<!
> > /HAVE_REALPATH/d
> > w
> > q
> > !
> >
> > i.e. remove the symbol configure made to assert that stunnel
> > may use realpath.
> >
> > I fetched stunnel 5.59 (the latest version) directly from
> > www.stunnel.org, built it with that hack interposed, and all
> > is well.
> >
> > There are probably more-graceful ways to fix this (maybe there's
> > an argument to ./configure to tell it to do that? maybe a simple
> > patch to configure.ac?).  Or maybe it's just not worth fixing,
> > since the bug has probably been there quite a while, and it
> > only affects Solaris 10.  I'm working to move to a newer OS
> > version myself, so it won't hurt my feelings if you decide to
> > let sleeping stunnels lie.  But here it is if it's worth doing.
>
> Re: configure and confgiure.ac, you can disable the realpath function
> at configure time with:
>
>     ./configure \
>         <your standard options> \
>         ac_cv_realpath=no
>
> You have to use that trick on occasion, like when configuring cURL.
> cURL enables SSLv2 and SSLv3 by default and without a --disable-*
> option. For curl, they look like ac_cv_func_SSLv2_client_method=no and
> ac_cv_func_SSLv3_client_method=no.

My bad. That should be ac_cv_func_realpath=no. Also see
https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Generic-Functions.html.

Jeff


More information about the users mailing list