The configuration files are:
pid = /var/stunnel.pid
;chroot = /var/lib/stunnel
setuid = nobody
setgid = nobody
foreground =yes
; Use it for client mode
client = yes
; Service-level configuration
[pop3s]
accept = 995
connect = 110
[imaps]
accept = 993
connect = 143
[ssmtp]
accept = 465
connect = 25
[mysqls]
accept = 3307
connect = 192.168.1.6:3307
On 192.168.1.6
----------------------
pid = /var/stunnel.pid
setuid =nobody
setgid = nobody
foreground = yes
client = no
; Service-level configuration
[pop3s]
accept = 995
connect = 110
[imaps]
accept = 993
connect = 143
[ssmtp]
accept = 465
connect = 25
[mysqls]
accept =3307
connect =3306
connecting like
/usr/local/mysql/bin/mysql -h 127.0.0.1 -u root -p -P 3307
Enter password:
On entering the password the following lines appear:
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104
Subrata
----- Original Message -----
From: Brian Hatch <bri(a)stunnel.org>
To: subrata(a)indiatimes.com
Sent: Sun, 7 Oct 2007 10:02:17 +0530 (IST)
Subject: Re: [stunnel-users] Stunnel on the same machine
Near 2007-10-05 22:17 +0530, subrata(a)indiatimes.com insisted:
> After starting stunnel and connecting the mysql client /usr/local/mysql/bin/mysql -h 127.0.0.1 -u root -p the flow gets stuck at the Enter password prompt. Any suggestions how to proceed from there?
What do your stunnel configuration files look like?
Other problem: mysql client may decide to use a local domain socket when
connecting to localhost, thwarting your attempts to go via Stunnel.
You might want to 'strace mysql ...' and look for the connect() lines.
--
Brian Hatch Time flies like an
Systems and arrow. Fruit flies
Security Engineer like a banana.
http://www.ifokr.org/bri/
Every message PGP signed
Hi,
I recently stumbled on
http://mirt.net/pipermail/stunnel-users/2008-May/001977.html which is
exactly what I am seeing with version 4.27 of stunnel, namely the daemon
is not switching to the setuid/setgid specified in the config before it
is spawned.
This means that I get 6 processes, 5 run as root with only one (albeit
the one listening on the specified sockets) dropping privs to the
specified user.
The follow-up response from Mike was:
I'll modify stunnel to delay spawning libwrap processes until
privileges are dropped.
and indeed, I find in the Changelog file for version 4.25 the following
Bugfixes:
* Bugfixes
- Spawning libwrap processes delayed until privileges are dropped.
However, it seems that this fix either didn't make it in, or it
somehow managed to creep its way back out because it is happening in
4.27.
Thanks,
micah
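
A check for the symptom described above, as an added example that is not part of the original post or of stunnel itself: it reads the global setuid/setgid values from a stunnel config and lists every stunnel process in a ps snapshot that is not running under them. The config, the process list and all paths in it are constructed sample data, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find stunnel processes that did not drop to the configured
# setuid/setgid identity. All sample data below is constructed.

# Print the value of a global option ($1) from a stunnel config on stdin.
# Only the text before the first [service] section is considered.
conf_global() {
    awk -F= -v want="$1" '
        /^[ \t]*\[/   { exit }                       # first service section reached
        /^[ \t]*[;#]/ { next }                       # comment line
        { key = $1; gsub(/[ \t]/, "", key) }
        key == want   { val = $2; gsub(/[ \t]/, "", val); print val; exit }
    '
}

# stdin: one process per line as "pid user group args..."
# (live input: ps -e -o pid= -o user= -o group= -o args=)
# Prints "pid user group" for each stunnel process not running as $1:$2.
privdrop_violations() {
    awk -v u="$1" -v g="$2" '
        { cmd = $4; sub(/.*\//, "", cmd) }           # basename of the executable
        cmd == "stunnel" && ($2 != u || $3 != g) { print $1, $2, $3 }
    '
}

# Returns 0 when every stunnel process matches, 1 (and lists them) otherwise.
check_privdrop() {
    bad=$(privdrop_violations "$1" "$2")
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Constructed config with the same global options as the configs in this thread.
sample_conf() {
cat <<'EOF'
pid = /var/stunnel.pid
;chroot = /var/lib/stunnel
setuid =nobody
setgid = nobody
[mysqls]
accept = 3307
connect = 3306
EOF
}

# Constructed snapshot: six stunnel processes, only one of which dropped privileges.
sample_ps() {
cat <<'EOF'
  812 root   root   /usr/sbin/sshd
 4101 root   root   /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
 4102 root   root   /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
 4103 root   root   /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
 4104 root   root   /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
 4105 root   root   /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
 4106 nobody nobody /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
EOF
}

want_user=$(sample_conf | conf_global setuid)
want_group=$(sample_conf | conf_global setgid)
sample_ps | check_privdrop "$want_user" "$want_group" ||
    echo "stunnel processes above are not running as $want_user:$want_group"
```
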
Hi,
there is a build problem with 4.28 on a SLES 9. May be similar to the
no_ticket problem.
Here is the interesting part of build log:
options.c: In function `parse_ssl_option':
options.c:1714: error: `SSL_OP_NO_QUERY_MTU' undeclared (first use in this
function)
options.c:1714: error: (Each undeclared identifier is reported only once
options.c:1714: error: for each function it appears in.)
options.c:1715: error: `SSL_OP_COOKIE_EXCHANGE' undeclared (first use in
this function)
options.c:1724: error: `SSL_OP_SINGLE_ECDH_USE' undeclared (first use in
this function)
make[1]: *** [options.o] Error 1
make[1]: Leaving directory `/usr/src/packages/BUILD/stunnel-4.28/src'
any hints?
--
Kind regards,
Andreas Vetter
Informations- und Kommunikationstechnik
Fakultaet fuer Physik und Astronomie
Universitaet Wuerzburg
Compiling on aix 5.3
./configure runs fine
when I run make I get this error...
I am using the latest version of ssl.
# make
Making all in src
source='env.c' object='env.lo' libtool=yes DEPDIR=.deps depmode=aix
/bin/sh ../auto/depcomp /bin/sh ../libtool --tag=CC --mode=compile cc
-qlanglvl=ansi -DPACKAGE_NAME=\"stunnel\" -DPACKAGE_TARNAME=\"stunnel\"
-DPACKAGE_VERSION=\"4.28\" -DPACKAGE_STRING=\"stunnel\ 4.28\"
-DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"stunnel\" -DVERSION=\"4.28\"
-DHOST=\"powerpc-ibm-aix5.3.0.0\" -DCPU_POWERPC=1 -DVENDOR_IBM=1
-DOS_AIX5_3_0_0=1 -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1
-DSIZEOF_UNSIGNED_CHAR=1 -DSIZEOF_UNSIGNED_SHORT=2 -DSIZEOF_UNSIGNED_INT=4
-DSIZEOF_UNSIGNED_LONG=4 -DHAVE_DEV_PTS_AND_PTC=1
-DRANDOM_FILE=\"/dev/urandom\" -DHAVE_UCONTEXT_H=1 -DHAVE_PTHREAD_H=1
-DHAVE_SYS_SELECT_H=1 -DHAVE_POLL_H=1 -DHAVE_SYS_POLL_H=1
-DHAVE_SYS_IOCTL_H=1 -DHAVE_STROPTS_H=1 -DHAVE_GRP_H=1 -DHAVE_UNISTD_H=1
-DHAVE_SYS_RESOURCE_H=1 -DHAVE_SYS_SOCKET_H=1
-DHAVE_STRUCT_MSGHDR_MSG_CONTROL=1 -DHAVE_MSGHDR_MSG_CONTROL=1
-DHAVE_LIBDL=1 -DHAVE_LIBZ=1 -DHAVE_LIBPTHREAD=1 -DUSE_PTHREAD=1
-DHAVE_SNPRINTF=1 -DHAVE_VSNPRINTF=1 -DHAVE_WAITPID=1 -DHAVE_WAIT4=1
-DHAVE_SETSID=1 -DHAVE_SETGROUPS=1 -DHAVE_CHROOT=1 -DHAVE_SYSCONF=1
-DHAVE_GETRLIMIT=1 -DHAVE_PTHREAD_SIGMASK=1 -DHAVE_LOCALTIME_R=1
-DHAVE_GETCONTEXT=1 -DHAVE_POLL=1 -DHAVE_ENDHOSTENT=1 -DHAVE_GETNAMEINFO=1
-DHAVE_GETADDRINFO=1 -DHAVE_OPENSSL=1 -Dssldir=\"/usr\"
-DHAVE_OSSL_ENGINE_H=1 -DUSE_IPv6=1 -I. -I. -I/usr/kerberos/include
-DLIBDIR='"/usr/local/lib/stunnel"' -DCONFDIR='"/usr/local/etc/stunnel"'
-DPIDFILE='"/usr/local/var/run/stunnel/stunnel.pid"' -g -I/usr/include -c
-o env.lo env.c
cc -qlanglvl=ansi -DPACKAGE_NAME=\"stunnel\" -DPACKAGE_TARNAME=\"stunnel\"
-DPACKAGE_VERSION=\"4.28\" "-DPACKAGE_STRING=\"stunnel 4.28\""
-DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"stunnel\" -DVERSION=\"4.28\"
-DHOST=\"powerpc-ibm-aix5.3.0.0\" -DCPU_POWERPC=1 -DVENDOR_IBM=1
-DOS_AIX5_3_0_0=1 -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1
-DSIZEOF_UNSIGNED_CHAR=1 -DSIZEOF_UNSIGNED_SHORT=2 -DSIZEOF_UNSIGNED_INT=4
-DSIZEOF_UNSIGNED_LONG=4 -DHAVE_DEV_PTS_AND_PTC=1
-DRANDOM_FILE=\"/dev/urandom\" -DHAVE_UCONTEXT_H=1 -DHAVE_PTHREAD_H=1
-DHAVE_SYS_SELECT_H=1 -DHAVE_POLL_H=1 -DHAVE_SYS_POLL_H=1
-DHAVE_SYS_IOCTL_H=1 -DHAVE_STROPTS_H=1 -DHAVE_GRP_H=1 -DHAVE_UNISTD_H=1
-DHAVE_SYS_RESOURCE_H=1 -DHAVE_SYS_SOCKET_H=1
-DHAVE_STRUCT_MSGHDR_MSG_CONTROL=1 -DHAVE_MSGHDR_MSG_CONTROL=1
-DHAVE_LIBDL=1 -DHAVE_LIBZ=1 -DHAVE_LIBPTHREAD=1 -DUSE_PTHREAD=1
-DHAVE_SNPRINTF=1 -DHAVE_VSNPRINTF=1 -DHAVE_WAITPID=1 -DHAVE_WAIT4=1
-DHAVE_SETSID=1 -DHAVE_SETGROUPS=1 -DHAVE_CHROOT=1 -DHAVE_SYSCONF=1
-DHAVE_GETRLIMIT=1 -DHAVE_PTHREAD_SIGMASK=1 -DHAVE_LOCALTIME_R=1
-DHAVE_GETCONTEXT=1 -DHAVE_POLL=1 -DHAVE_ENDHOSTENT=1 -DHAVE_GETNAMEINFO=1
-DHAVE_GETADDRINFO=1 -DHAVE_OPENSSL=1 -Dssldir=\"/usr\"
-DHAVE_OSSL_ENGINE_H=1 -DUSE_IPv6=1 -I. -I. -I/usr/kerberos/include
-DLIBDIR=\"/usr/local/lib/stunnel\" -DCONFDIR=\"/usr/local/etc/stunnel\"
-DPIDFILE=\"/usr/local/var/run/stunnel/stunnel.pid\" -g -I/usr/include -c -M
env.c -DPIC -o .libs/env.o
"/usr/include/sys/socket.h", line 141.9: 1506-213 (S) Macro name getpeername
cannot be redefined.
"/usr/include/sys/socket.h", line 141.9: 1506-358 (I) "getpeername" is
defined on line 39 of env.c.
make: 1254-004 The error code from the last command is 1.
Stop.
make: 1254-004 The error code from the last command is 1.
Here is the configure
# ./configure
configure: **************************************** initialization
checking for a BSD-compatible install... auto/install-sh -c
checking whether build environment is sane... yes
checking for gawk... no
checking for mawk... no
checking for nawk... nawk
checking whether make sets $(MAKE)... yes
checking build system type... powerpc-ibm-aix5.3.0.0
checking host system type... powerpc-ibm-aix5.3.0.0
checking for gcc... no
checking for cc... cc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... no
checking whether cc accepts -g... yes
checking for cc option to accept ISO C89... -qlanglvl=ansi
checking for style of include used by make... GNU
checking dependency style of cc -qlanglvl=ansi... aix
checking for a BSD-compatible install... auto/install-sh -c
checking whether make sets $(MAKE)... (cached) yes
configure: **************************************** libtool
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for non-GNU ld... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... no
checking for /usr/bin/ld option to reload object files... -r
checking for BSD-compatible nm... /usr/bin/nm -B
checking whether ln -s works... yes
checking how to recognize dependent libraries... pass_all
checking how to run the C preprocessor... cc -qlanglvl=ansi -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking dlfcn.h usability... yes
checking dlfcn.h presence... yes
checking for dlfcn.h... yes
checking for g++... no
checking for c++... no
checking for gpp... no
checking for aCC... no
checking for CC... no
checking for cxx... no
checking for cc++... no
checking for cl.exe... no
checking for FCC... no
checking for KCC... no
checking for RCC... no
checking for xlC_r... no
checking for xlC... no
checking whether we are using the GNU C++ compiler... no
checking whether g++ accepts -g... no
checking dependency style of g++... none
checking for g77... no
checking for xlf... no
checking for f77... no
checking for frt... no
checking for pgf77... no
checking for cf77... no
checking for fort77... no
checking for fl32... no
checking for af77... no
checking for xlf90... no
checking for f90... no
checking for pgf90... no
checking for pghpf... no
checking for epcf90... no
checking for gfortran... no
checking for g95... no
checking for xlf95... no
checking for f95... no
checking for fort... no
checking for ifort... no
checking for ifc... no
checking for efc... no
checking for pgf95... no
checking for lf95... no
checking for ftn... no
checking whether we are using the GNU Fortran 77 compiler... no
checking whether accepts -g... no
checking the maximum length of command line arguments... 18432
checking command to parse /usr/bin/nm -B output from cc -qlanglvl=ansi
object... ok
checking for objdir... .libs
checking for ar... ar
checking for ranlib... ranlib
checking for strip... strip
checking for cc -qlanglvl=ansi option to produce PIC...
checking if cc -qlanglvl=ansi static flag -bnso -bI:/lib/syscalls.exp
works... no
checking if cc -qlanglvl=ansi supports -c -o file.o... yes
checking whether the cc -qlanglvl=ansi linker (/usr/bin/ld) supports shared
libraries... yes
checking dynamic linker characteristics... aix5.3.0.0 ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... no
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no
configure: creating libtool
appending configuration tag "CXX" to libtool
appending configuration tag "F77" to libtool
configure: **************************************** types
checking for unsigned char... yes
checking size of unsigned char... 1
checking for unsigned short... yes
checking size of unsigned short... 2
checking for unsigned int... yes
checking size of unsigned int... 4
checking for unsigned long... yes
checking size of unsigned long... 4
checking for socklen_t... yes
configure: **************************************** PTY device files
checking for "/dev/ptmx"... no
checking for "/dev/ptc"... yes
configure: **************************************** entropy
checking for "/dev/urandom"... yes
configure: **************************************** default group
checking for default group... nobody
configure: **************************************** header files
checking ucontext.h usability... yes
checking ucontext.h presence... yes
checking for ucontext.h... yes
checking pthread.h usability... yes
checking pthread.h presence... yes
checking for pthread.h... yes
checking sys/select.h usability... yes
checking sys/select.h presence... yes
checking for sys/select.h... yes
checking poll.h usability... yes
checking poll.h presence... yes
checking for poll.h... yes
checking sys/poll.h usability... yes
checking sys/poll.h presence... yes
checking for sys/poll.h... yes
checking tcpd.h usability... no
checking tcpd.h presence... no
checking for tcpd.h... no
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/filio.h usability... no
checking sys/filio.h presence... no
checking for sys/filio.h... no
checking stropts.h usability... yes
checking stropts.h presence... yes
checking for stropts.h... yes
checking grp.h usability... yes
checking grp.h presence... yes
checking for grp.h... yes
checking for unistd.h... (cached) yes
checking util.h usability... no
checking util.h presence... no
checking for util.h... no
checking libutil.h usability... no
checking libutil.h presence... no
checking for libutil.h... no
checking sys/resource.h usability... yes
checking sys/resource.h presence... yes
checking for sys/resource.h... yes
checking pty.h usability... no
checking pty.h presence... no
checking for pty.h... no
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking for struct msghdr.msg_control... yes
configure: **************************************** libraries
checking for library containing gethostbyname... none required
checking for library containing yp_get_default_domain... none required
checking for socket in -lsocket... no
checking for openpty in -lutil... no
checking for dlopen in -ldl... yes
checking for shl_load in -ldld... no
checking for inflateEnd in -lz... yes
configure: **************************************** thread model
checking for pthread_create in -lc_r... no
checking for pthread_create in -lpthread... yes
configure: PTHREAD thread model detected
configure: **************************************** library functions
checking for snprintf... yes
checking for vsnprintf... yes
checking for openpty... no
checking for _getpty... no
checking for daemon... no
checking for waitpid... yes
checking for wait4... yes
checking for setsid... yes
checking for setgroups... yes
checking for chroot... yes
checking for sysconf... yes
checking for getrlimit... yes
checking for pthread_sigmask... yes
checking for localtime_r... yes
checking for getcontext... yes
checking for __makecontext_v2... no
checking for poll... yes
checking for endhostent... yes
checking for getnameinfo... yes
checking for getaddrinfo... yes
checking for broken poll() implementation... no
configure: **************************************** SSL
checking for SSL directory... /usr
checking for obsolete RSAref library... no
checking /usr/include/openssl/engine.h usability... yes
checking /usr/include/openssl/engine.h presence... yes
checking for /usr/include/openssl/engine.h... yes
configure: **************************************** optional features
checking whether to disable RSA support... no
checking whether to enable DH support... no
checking whether to enable IPv6 support... yes
checking whether to disable TCP wrappers library support... autodetecting
checking for hosts_access in -lwrap... no
checking whether to enable FIPS mode support... autodetecting
checking for FIPS_mode_set... no
configure: **************************************** write the results
configure: creating ./config.status
config.status: creating Makefile
config.status: creating src/Makefile
config.status: creating src/stunnel3
config.status: creating doc/Makefile
config.status: creating tools/Makefile
config.status: creating tools/stunnel.conf-sample
config.status: creating tools/stunnel.init
config.status: executing depfiles commands
configure: **************************************** success
I'd like to report an interesting problem I found that occurs on Linux but not Solaris when using the -fd 0 option to read the stunnel configuration in from stdin.
I am using stunnel to establish client tunnels on the fly for one time use by programs such as rsync. The client config file is generated automatically with some dynamic parameters. After the client tunnel is established a client program connects to the specified port on localhost.
This works fine on Solaris but on Linux I found that the client program has to be invoked *twice* before it works.
My workaround is to write the config to a temp file and start stunnel with the location of the file as its argument instead of writing to its standard input.
I am using tcp wrappers to protect the stunnel servers and to limit the connects to the client to localhost.
This isn't an issue for me anymore but it took a bit of troubleshooting to figure out. On Solaris I am running the same version of stunnel, openssl, etc... all compiled very similarly. One difference could be iconv but I don't know enough about it to say.
Regards,
David Sorkin
Debug log from the first client invocation:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Nov 10 15:37:02 test03 stunnel: LOG5[32303:182894071744]: stunnel 4.27 on x86_64-unknown-linux-gnu with OpenSSL 0.9.8k 25 Mar 2009
Nov 10 15:37:02 test03 stunnel: LOG5[32303:182894071744]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
Nov 10 15:37:02 test03 stunnel: LOG6[32303:182894071744]: file ulimit = 1024 (can be changed with 'ulimit -n')
Nov 10 15:37:02 test03 stunnel: LOG6[32303:182894071744]: poll() used - no FD_SETSIZE limit for file descriptors
Nov 10 15:37:02 test03 stunnel: LOG5[32303:182894071744]: 500 clients allowed
Nov 10 15:37:03 test03 stunnel: LOG3[32309:1073809760]: Unexpected socket close (read_blocking)
Nov 10 15:37:03 test03 stunnel: LOG5[32309:1073809760]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
Nov 10 15:37:03 test03 stunnel: LOG5[32309:182894071744]: Received signal 15; terminating
My client config is similar to the following:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
debug = local4.info
foreground = no
sslVersion = TLSv1
RNDfile = /dev/random
RNDoverwrite = no
pid = %s
[stunnel]
client = yes
key = /path/to/private_key.pem
cert = /path/to/public_key_cert.pem
verify = 0
accept = 127.0.0.1:12345 # ephemeral port
connect = remote_host:123 # well known port
ciphers = AES256-SHA
Server Config:
^^^^^^^^^^^^^^
debug = local4.info
foreground = no
pid = /var/run/stunnel.pid
sslVersion = TLSv1
RNDfile = /dev/random
RNDoverwrite = no
[rsync]
client = no
key = /path/to/private_key.pem
cert = /path/to/public_key_cert.pem
CAfile = /path/to/authority_certs.pem
verify = 3
accept = 123
exec = /usr/bin/rsync
execargs = rsync --daemon --no-detach
ciphers = AES256-SHA
hosts.allow
^^^^^^^^^^^^
stunnel: 127.0.0.1
rsync: <ip of authorized server>
> /usr/local/bin/stunnel -version
stunnel 4.27 on x86_64-unknown-linux-gnu with OpenSSL 0.9.8k 25 Mar 2009
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
Global options
debug = 5
pid = /var/run/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level options
cert = /usr/local/etc/stunnel.pem
ciphers = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH
key = /usr/local/etc/stunnel.pem
session = 300 seconds
stack = 65536 bytes
sslVersion = SSLv3 for client, all for server
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none
> /usr/local/bin/stunnel -sockets
Socket option defaults:
Option           Accept  Local   Remote  OS default
SO_DEBUG         --      --      --      0
SO_DONTROUTE     --      --      --      0
SO_KEEPALIVE     --      --      --      0
SO_LINGER        --      --      --      0:0
SO_OOBINLINE     --      --      --      0
SO_RCVBUF        --      --      --      87380
SO_SNDBUF        --      --      --      16384
SO_RCVLOWAT      --      --      --      1
SO_SNDLOWAT      --      --      --      1
SO_RCVTIMEO      --      --      --      0:0
SO_SNDTIMEO      --      --      --      0:0
SO_REUSEADDR     1       --      --      0
SO_BINDTODEVICE  --      --      --      --
IP_TOS           --      --      --      0
IP_TTL           --      --      --      64
TCP_NODELAY      --      --      --      0
> uname -a
Linux test1 2.6.9-89.0.11.ELsmp #1 SMP Mon Aug 31 11:00:34 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
--
David Sorkin <david.sorkin(a)citi.com>
CATE - Network Engineering
(908) 563-0017
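
The temp-file workaround described above, as an added example (not the poster's script and not stunnel project code): the generated client config is written into a private mktemp directory, and the dynamic values are validated so they cannot add extra option lines to the file. The function names and STUNNEL_* variables are hypothetical, the key, cert and CA paths are the placeholders from the post, and verify = 2 with CAfile is an assumption of this example that differs from the posted client config.

```shell
#!/bin/sh
# Added example; the names below are hypothetical, not part of stunnel.

# Dynamic values end up inside the config file, so refuse anything that
# could carry a newline or a second "option = value" line.
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}
valid_remote() {
    case $1 in
        ''|*[!A-Za-z0-9._:-]*) return 1 ;;   # only host:port characters
        *:*) return 0 ;;
        *) return 1 ;;
    esac
}

# Write the client config into a fresh 0700 directory and print its path.
render_client_conf() {
    port=$1 remote=$2
    valid_port "$port"     || { echo "bad local port" >&2; return 1; }
    valid_remote "$remote" || { echo "bad remote host:port" >&2; return 1; }
    dir=$(mktemp -d "${TMPDIR:-/tmp}/stunnel-client.XXXXXX") || return 1
    (
        umask 077                            # config file readable by owner only
        cat > "$dir/client.conf" <<EOF
debug = local4.info
foreground = no
sslVersion = TLSv1
pid = $dir/stunnel.pid

[stunnel]
client = yes
key = ${STUNNEL_KEY:-/path/to/private_key.pem}
cert = ${STUNNEL_CERT:-/path/to/public_key_cert.pem}
CAfile = ${STUNNEL_CAFILE:-/path/to/authority_certs.pem}
verify = 2
accept = 127.0.0.1:$port
connect = $remote
EOF
    ) || { rm -rf "$dir"; return 1; }
    printf '%s\n' "$dir/client.conf"
}

# Start a one-time tunnel from the file, run the client command, clean up.
# usage: run_with_tunnel PORT HOST:PORT command [args...]
run_with_tunnel() {
    conf=$(render_client_conf "$1" "$2") || return 1
    dir=${conf%/*}
    shift 2
    if stunnel "$conf"; then                 # config passed as a file argument
        "$@"; rc=$?
        [ -s "$dir/stunnel.pid" ] && kill "$(cat "$dir/stunnel.pid")"
    else
        rc=1
    fi
    rm -rf "$dir"
    return "$rc"
}

# Demo with the constructed values from the post: show the file, then remove it.
demo_conf=$(render_client_conf 12345 remote_host:123) &&
    cat "$demo_conf" && rm -rf "${demo_conf%/*}"
```
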
Hello,
I have a problem ... on my network I have more than one proxy server,
and I use Stunnel for a remote RDP.
If my computer is directly connected to the internet there is no problem.
If I connect my computer to my domain with my proxy servers I'm not
able to connect via RDP to my remote RDP server.
Is it possible to indicate my proxy server to use?
Kind regards
PascalV
I could not get Stunnel-4.27 to work as described in a previous post
on Mon Nov 9 17:12:38 CET 2009 to which nobody responded.
So I tried installing the latest version, Stunnel-4.28, and received
the following error when running the 'make' command...
options.c: In function ‘service_options’:
options.c:1139: error: ‘SSL_OP_NO_TICKET’ undeclared (first use in
this function)
options.c:1139: error: (Each undeclared identifier is reported only once
options.c:1139: error: for each function it appears in.)
options.c: In function ‘parse_ssl_option’:
options.c:1709: error: ‘SSL_OP_NO_TICKET’ undeclared (first use in
this function)
make[1]: *** [options.o] Error 1
make[1]: Leaving directory `/tmp/stunnel-4.28/src'
make: *** [all-recursive] Error 1
The output for 'openssl version' is: OpenSSL 0.9.8e-fips-rhel5 01 Jul
2008
Can anyone help me with either problem please?
Thanks Ludolf,
Re Q2 - Solved.
Re Q1 - Thanks, but I should have been clearer, I wanted an automated
solution. My nightly Blat e-mails come from a command line .cmd file.
I have recently added a javascript to check if stunnel is active and,
if not, start it before my e-mails. Now I would like to create a
similar script that, if stunnel is running, stops it after my e-mail.
I may just have to use Windows Script Host's Terminate.
Mike
On Thu, Nov 12, 2009 at 6:00 AM, <stunnel-users-request(a)mirt.net> wrote:
> Today's Topics:
>
> 1. Vista questions (Michael Wilson)
> 2. Re: Vista questions (Ludolf Holzheid)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 11 Nov 2009 13:22:53 -0500
> From: Michael Wilson <michael.r.wilson(a)gmail.com>
> Subject: [stunnel-users] Vista questions
> To: stunnel-users(a)mirt.net
> Message-ID:
> <6d39888c0911111022r39c898c5je24d6808075bc0ba(a)mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> I am running 4.27 on Vista and can successfully start it and use Blat
> to e-mail via my gmail account using stunnel.
>
> However, I have two questions:
>
> Q1: I would like to close down stunnel after sending my e-mails. How
> can I do that on Vista?
>
> Q2: Why do I get the following when I enter "stunnel -help" at the command line
>
> A window with the heading "Stunnel 4.27 on Win32 (not configured)" that says:
> Stunnel server is down due to an error.
> You will need to exit and correct the problem
> Click OK to see the error log window
>
> The error log is:
>
> Global options
> compression = zlib|rle compression type
> debug = [facility].level (e.g. daemon.info)
> EGD = path to Entropy Gathering Daemon socket
> engine = auto|engine_id
> engineCtrl = cmd[:arg]
> output = file to append log messages
> RNDbytes = bytes to read from random seed files
> RNDfile = path to file with random seed data
> RNDoverwrite = yes|no overwrite seed datafiles with new random data
> service = service name
> socket = a|l|r:option=value[:value]
> set an option on accept/local/remote socket
> taskbar = yes|no enable the taskbar icon
>
> Service-level options
> accept = [host:]port accept connections on specified host:port
> CApath = CA certificate directory for 'verify' option
> CAfile = CA certificate file for 'verify' option
> cert = certificate chain
> ciphers = list of permitted SSL ciphers
> client = yes|no client mode (remote service uses SSL)
> connect = [host:]port connect remote host:port
> CRLpath = CRL directory
> CRLfile = CRL file
> delay = yes|no delay DNS lookup for 'connect' option
> engineNum = number of engine to read the key from
> failover = rr|prio chose failover strategy
> ident = username for IDENT (RFC 1413) checking
> key = certificate private key
> local = IP address to be used as source for remote connections
> ocsp = OCSP server URL
> OCSPflag = OCSP server flags
> options = SSL option
> set an SSL option
> protocol = protocol to negotiate before SSL initialization
> currently supported: cifs, connect, nntp, pop3, smtp
> protocolAuthentication = authentication type for protocol negotiations
> protocolHost = host:port for protocol negotiations
> protocolPassword = password for protocol negotiations
> protocolUsername = username for protocol negotiations
> session = session cache timeout (in seconds)
> stack = thread stack size (in bytes)
> sslVersion = all|SSLv2|SSLv3|TLSv1 SSL method
> TIMEOUTbusy = seconds to wait for expected data
> TIMEOUTclose = seconds to wait for close_notify (set to 0 for buggy MSIE)
> TIMEOUTconnect = seconds to connect remote host
> TIMEOUTidle = seconds to keep an idle connection
> verify = level of peer certificate verification
> level 1 - verify peer certificate if present
> level 2 - require valid peer certificate always
> level 3 - verify peer with locally installed certificate
>
> 2009.11.11 13:03:36 LOG3[5440:5128]: Server is down
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 11 Nov 2009 20:06:20 +0100
> From: Ludolf Holzheid <lholzheid(a)bihl-wiedemann.de>
> Subject: Re: [stunnel-users] Vista questions
> To: stunnel-users(a)mirt.net
> Message-ID: <20091111190620.GD29581(a)svr5.bihl-wiedemann.de>
> Content-Type: text/plain; charset=iso-8859-1
>
> On Wed, 2009-11-11 13:22:53 -0500, Michael Wilson wrote:
>> I am running 4.27 on Vista and can successfully start it and use Blat
>> to e-mail via my gmail account using stunnel.
>>
>> However, I have two questions:
>>
>> Q1: I would like to close down stunnel after sending my e-mails. How
>> can I do that on Vista?
>
> Michael,
>
> did you try to right-click on the stunnel icon in the systray and select "Exit"?
>
>> Q2: Why do I get the following when I enter "stunnel -help" at the command line
>
> This is stunnel's way to output the help message (or other messages)
> on windows.
>
> If stunnel used stdio for messages, you would have seen the help
> message in the command prompt window you entered "stunnel -help"
> in. However, there isn't necessarily a command prompt window stunnel
> is attached to. Imagine to invoke "stunnel -help" via [start]->[run].
>
> Ludolf
>
> --
>
> ---------------------------------------------------------------
> Ludolf Holzheid Tel: +49 621 339960
> Bihl+Wiedemann GmbH Fax: +49 621 3392239
> Floßwörthstraße 41 e-mail: lholzheid(a)bihl-wiedemann.de
> D-68199 Mannheim, Germany
> ---------------------------------------------------------------
>