[Oh wise list folks... I haven't seen any responses to this. Does
anybody have any experience either with using stunnel on Fedora 7,
or with the particular error? I cannot find any other hints or
reasons as to why the resolution is failing... Andy]
----original message------
I can't get stunnel to run on a freshly-installed Fedora 7 system.
It fails with "Error resolving '0.0.0.0': servname is not supported for
ai_socktype" but the usual other causes of that error (ie. ports not
defined in /etc/services, bad settings in /etc/nsswitch.conf) are not
the culprit this time.
COMMAND LINE:
/usr/sbin/stunnel /home/amdunn/security/stunnel.conf
COMMAND OUTPUT:
2007.08.29 11:44:12 LOG3[13614:3086243520]: Error resolving '0.0.0.0':
servname is not supported for ai_socktype (EAI_SERVICE)
file /home/amdunn/security/stunnel.conf line 10: Failed to resolve
accepting address
STUNNEL.CONF FILE:
;
; stunnel file for testing 443 access to local http server
;
cert=/home/amdunn/security/xxxxxxx
key=/home/amdunn/security/yyyyyyy
foreground=yes
;
;
[sweb]
accept=443 ; https port
connect=80 ; standard httpd listening port
TIMEOUTclose=0 ; must set this or IE waits 60sec on page end
client=no
STUNNEL -VERSION OUTPUT:
stunnel 4.20 on i686-redhat-linux-gnu with OpenSSL 0.9.8b 04 May 2006
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
Global options
debug = 5
pid = /var/run/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level options
cert = /etc/stunnel/stunnel.pem
ciphers = ALL:!ADH:+RC4:@STRENGTH
key = /etc/stunnel/stunnel.pem
session = 300 seconds
sslVersion = SSLv3 for client, all for server
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none