[Pkg-openssl-devel] Bug#482111: Bug#482111: libssl0.9.8: stunnel4 tunnels should be restarted on upgrade

Luis Rodrigo Gallardo Cruz rodrigo at nul-unu.com
Tue May 27 16:15:30 UTC 2008


On Mon, May 26, 2008 at 03:31:07PM +0200, Christoph Martin wrote:
> Hi Luis,
> 
> Luis Rodrigo Gallardo Cruz schrieb:
> > On Wed, May 21, 2008 at 02:09:15PM +0200, Christoph Martin wrote:
> >> Hi Steven,
> >>
> >>> When I last upgraded OpenSSL, my stunnel4 tunnels weren't restarted.
> >> what is the name of the init script stunnel4 is using?
> >> /etc/init.d/stunnel4 ?
> >>
> >> Is "/etc/init.d/stunnel4 restart" the correct method to restart the tunnels?
> > 
> > Yes, that's the correct script and the correct method. Be aware that calling that *will* kill
> > current connections.
> > 
> 
> (Will the connections be reestablished after the restart?

No. Stunnel is just a proxy, and keeps no state beyond current
connections. The client end must restablish them.

> Does this disturb the upgrade process?)

Unknown.
 
> This should be your concern and not ours. If you demand stunnel4 to be
> restarted from openssl scripts, it is your responsibility that this is
> ok for the users of stunnel4.

I demand nothing, I'm not the OP, I'm  only the maintainer chiming in
with more info.

I do agree that this is a concern for my maintainer scripts, but I'm
held back by the fact that my upstream has not yet implemented such
functionality.

> We can't display a warning or give an options other than the current choice.
> Please confirm, that we should include stunnel4 in the restart list.

I think the OP should state their opinion, but given the contraints *my*
opinion is that it shouldn't.



More information about the Pkg-openssl-devel mailing list