stunnel-users February 2009

stunnel-users@stunnel.org

18 participants
18 discussions

Stunnel 4 failing to connect to gmail
by Asif Iqbal 11 Dec '20

11 Dec '20

I am faling to connect to gmail. Not sure what that bind error means. iqbala@ghar:~$ sudo stunnel4 2008.12.15 13:53:17 LOG7[3839:3083650736]: Snagged 64 random bytes from /home/iqbala/.rnd 2008.12.15 13:53:17 LOG7[3839:3083650736]: Wrote 1024 new random bytes to /home/iqbala/.rnd 2008.12.15 13:53:17 LOG7[3839:3083650736]: RAND_status claims sufficient entropy for the PRNG 2008.12.15 13:53:17 LOG7[3839:3083650736]: PRNG seeded successfully 2008.12.15 13:53:17 LOG7[3839:3083650736]: Certificate: … [View More]

5 9

Re: [stunnel-users] Stunnel on the same machine
by subrata＠indiatimes.com 01 Aug '11

01 Aug '11

The configuration files are : pid = /var/stunnel.pid ;chroot = /var/lib/stunnel setuid = nobody setgid = nobody foreground =yes ; Use it for client mode client = yes ; Service-level configuration [pop3s] accept = 995 connect = 110 [imaps] accept = 993 connect = 143 [ssmtp] accept = 465 connect = 25 [mysqls] accept = 3307 connect = 192.168.1.6:3307 On 192.168.1.6 ---------------------- pid = /var/stunnel.pid setuid =nobody setgid = nobody foreground = yes client = no ; Service-… [View More]

3 3

Re: [stunnel-users] rewrite Destination: when rewriting Host:
by Brian Hatch 07 Oct '09

07 Oct '09

Sometime near 2007-11-11 00:15 -0500, Marcio Marchini shouted: > Researching online one can see that WebDAV's spec requires that they > check both src and dest URLs for protocol & port. But with some proxies or > SSL fronts like stunnel, only one of the URLs is rewritten, so one goes as > http and the other as https. Here's one person explaining it, much better > than me: http://svn.haxx.se/users/archive-2006-03/0549.shtml Stunnel doesn't currently have the ability to … [View More]

3 2

stunnel with libwrap does not disconnect from terminal
by Lars Kruse 02 Mar '09

02 Mar '09

Hi, starting with v4.21, stunnel does not disconnect from the terminal anymore. This can cause problems, if the caller does not redirect stdout/stderr to /dev/null. This did not happen with v4.20. The problem disappears, when I use he "--disable-libwrap" configure switch when compiling stunnel. I am running debian testing on i386 with the stunnel4 package 4.22-2. How to reproduce: 1) stunnel config file: setuid = lars pid = /tmp/stunnel.pid [server] connect = 8080 accept = 443 cert =… [View More]

4 6

GMail on Windows using ACT
by Richard Brust 24 Feb '09

24 Feb '09

I am attempting to send/receive to GMail through a CRM program (contains email client) called ACT! (http://www.act.com) ACT! only allows server addresses in the program configuration, NOT port numbers. (e.g. smtp.gmail.com or 127.0.0.1 - nothing else) I have configured *stunnel 4.26* as such: ; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 ; Some debugging stuff useful for troubleshooting debug = 7 output = stunnel.log ; Use it for client mode client = yes ; … [View More]Service-level configuration [pop] accept = localhost:110 connect = pop.gmail.com:995 [smtp] accept = localhost:25 connect = smtp.gmail.com:465 and in ACT as such: SMTP as localhost POP as localhost (also have tried 127.0.0.1, but with no difference). The log is below, but the short of it is that I still cannot get through to the GMail servers. I do not see any glaring errors below, but I'm sure there is something useful. Thank you for any help... 2009.02.24 13:34:35 LOG7[3752:2216]: RAND_status claims sufficient entropy for the PRNG 2009.02.24 13:34:35 LOG7[3752:2216]: PRNG seeded successfully 2009.02.24 13:34:35 LOG7[3752:2216]: SSL context initialized for service pop 2009.02.24 13:34:35 LOG7[3752:2216]: SSL context initialized for service smtp 2009.02.24 13:34:35 LOG5[3752:2216]: stunnel 4.26 on x86-pc-mingw32-gnu with OpenSSL 0.9.8i 15 Sep 2008 2009.02.24 13:34:35 LOG5[3752:2216]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6 2009.02.24 13:34:35 LOG5[3752:1576]: No limit detected for the number of clients 2009.02.24 13:34:35 LOG7[3752:1576]: FD 200 in non-blocking mode 2009.02.24 13:34:35 LOG7[3752:1576]: SO_REUSEADDR option set on accept socket 2009.02.24 13:34:35 LOG7[3752:1576]: pop bound to 127.0.0.1:110 2009.02.24 13:34:35 LOG7[3752:1576]: FD 208 in non-blocking mode 2009.02.24 13:34:35 LOG7[3752:1576]: SO_REUSEADDR option set on accept socket 2009.02.24 13:34:35 LOG7[3752:1576]: smtp bound to 127.0.0.1:25 2009.02.24 13:34:39 LOG7[3752:1576]: smtp accepted FD=216 from 127.0.0.1:3063 2009.02.24 13:34:39 LOG7[3752:1576]: Creating a new thread 2009.02.24 13:34:39 LOG7[3752:1576]: New thread created 2009.02.24 13:34:39 LOG7[3752:760]: smtp started 2009.02.24 13:34:39 LOG7[3752:760]: FD 216 in non-blocking mode 2009.02.24 13:34:39 LOG7[3752:760]: TCP_NODELAY option set on local socket 2009.02.24 13:34:39 LOG5[3752:760]: smtp accepted connection from 127.0.0.1:3063 2009.02.24 13:34:39 LOG7[3752:760]: FD 240 in non-blocking mode 2009.02.24 13:34:39 LOG7[3752:760]: smtp connecting 209.85.201.111:465 2009.02.24 13:34:39 LOG7[3752:760]: connect_wait: waiting 10 seconds 2009.02.24 13:34:39 LOG7[3752:760]: connect_wait: connected 2009.02.24 13:34:39 LOG5[3752:760]: smtp connected remote server from 192.168.1.100:3064 2009.02.24 13:34:39 LOG7[3752:760]: Remote FD=240 initialized 2009.02.24 13:34:39 LOG7[3752:760]: TCP_NODELAY option set on remote socket 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): before/connect initialization 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 write client hello A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 read server hello A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 read server certificate A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 read server done A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 write client key exchange A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 write change cipher spec A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 write finished A 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 flush data 2009.02.24 13:34:39 LOG7[3752:760]: SSL state (connect): SSLv3 read finished A 2009.02.24 13:34:39 LOG7[3752:760]: 1 items in the session cache 2009.02.24 13:34:39 LOG7[3752:760]: 1 client connects (SSL_connect()) 2009.02.24 13:34:39 LOG7[3752:760]: 1 client connects that finished 2009.02.24 13:34:39 LOG7[3752:760]: 0 client renegotiations requested 2009.02.24 13:34:39 LOG7[3752:760]: 0 server connects (SSL_accept()) 2009.02.24 13:34:39 LOG7[3752:760]: 0 server connects that finished 2009.02.24 13:34:39 LOG7[3752:760]: 0 server renegotiations requested 2009.02.24 13:34:39 LOG7[3752:760]: 0 session cache hits 2009.02.24 13:34:39 LOG7[3752:760]: 0 session cache misses 2009.02.24 13:34:39 LOG7[3752:760]: 0 session cache timeouts 2009.02.24 13:34:39 LOG6[3752:760]: SSL connected: new session negotiated 2009.02.24 13:34:39 LOG6[3752:760]: Negotiated ciphers: RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 2009.02.24 13:34:39 LOG7[3752:760]: SSL socket closed on SSL_read 2009.02.24 13:34:39 LOG7[3752:760]: Socket write shutdown 2009.02.24 13:34:39 LOG5[3752:760]: Connection closed: 20 bytes sent to SSL, 226 bytes sent to socket 2009.02.24 13:34:39 LOG7[3752:760]: smtp finished (0 left) 2009.02.24 13:34:39 LOG7[3752:1576]: pop accepted FD=232 from 127.0.0.1:3065 2009.02.24 13:34:39 LOG7[3752:1576]: Creating a new thread 2009.02.24 13:34:39 LOG7[3752:1576]: New thread created 2009.02.24 13:34:39 LOG7[3752:376]: pop started 2009.02.24 13:34:39 LOG7[3752:376]: FD 232 in non-blocking mode 2009.02.24 13:34:39 LOG7[3752:376]: TCP_NODELAY option set on local socket 2009.02.24 13:34:39 LOG5[3752:376]: pop accepted connection from 127.0.0.1:3065 2009.02.24 13:34:39 LOG7[3752:376]: FD 240 in non-blocking mode 2009.02.24 13:34:39 LOG7[3752:376]: pop connecting 209.85.147.109:995 2009.02.24 13:34:39 LOG7[3752:376]: connect_wait: waiting 10 seconds 2009.02.24 13:34:42 LOG7[3752:376]: connect_wait: connected 2009.02.24 13:34:42 LOG5[3752:376]: pop connected remote server from 192.168.1.100:3066 2009.02.24 13:34:42 LOG7[3752:376]: Remote FD=240 initialized 2009.02.24 13:34:42 LOG7[3752:376]: TCP_NODELAY option set on remote socket 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): before/connect initialization 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 write client hello A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 read server hello A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 read server certificate A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 read server done A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 write client key exchange A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 write change cipher spec A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 write finished A 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 flush data 2009.02.24 13:34:42 LOG7[3752:376]: SSL state (connect): SSLv3 read finished A 2009.02.24 13:34:42 LOG7[3752:376]: 1 items in the session cache 2009.02.24 13:34:42 LOG7[3752:376]: 1 client connects (SSL_connect()) 2009.02.24 13:34:42 LOG7[3752:376]: 1 client connects that finished 2009.02.24 13:34:42 LOG7[3752:376]: 0 client renegotiations requested 2009.02.24 13:34:42 LOG7[3752:376]: 0 server connects (SSL_accept()) 2009.02.24 13:34:42 LOG7[3752:376]: 0 server connects that finished 2009.02.24 13:34:42 LOG7[3752:376]: 0 server renegotiations requested 2009.02.24 13:34:42 LOG7[3752:376]: 0 session cache hits 2009.02.24 13:34:42 LOG7[3752:376]: 0 session cache misses 2009.02.24 13:34:42 LOG7[3752:376]: 0 session cache timeouts 2009.02.24 13:34:42 LOG6[3752:376]: SSL connected: new session negotiated 2009.02.24 13:34:42 LOG6[3752:376]: Negotiated ciphers: RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 2009.02.24 13:34:42 LOG7[3752:1576]: smtp accepted FD=264 from 127.0.0.1:3067 2009.02.24 13:34:42 LOG7[3752:1576]: Creating a new thread 2009.02.24 13:34:42 LOG7[3752:1576]: New thread created 2009.02.24 13:34:42 LOG7[3752:216]: smtp started 2009.02.24 13:34:42 LOG7[3752:216]: FD 264 in non-blocking mode 2009.02.24 13:34:42 LOG7[3752:216]: TCP_NODELAY option set on local socket 2009.02.24 13:34:42 LOG5[3752:216]: smtp accepted connection from 127.0.0.1:3067 2009.02.24 13:34:42 LOG7[3752:216]: FD 288 in non-blocking mode 2009.02.24 13:34:42 LOG7[3752:216]: smtp connecting 209.85.201.109:465 2009.02.24 13:34:42 LOG7[3752:216]: connect_wait: waiting 10 seconds 2009.02.24 13:34:42 LOG7[3752:216]: connect_wait: connected 2009.02.24 13:34:42 LOG5[3752:216]: smtp connected remote server from 192.168.1.100:3068 2009.02.24 13:34:42 LOG7[3752:216]: Remote FD=288 initialized 2009.02.24 13:34:42 LOG7[3752:216]: TCP_NODELAY option set on remote socket 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): before/connect initialization 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 write client hello A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 read server hello A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 read server certificate A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 read server done A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 write client key exchange A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 write change cipher spec A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 write finished A 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 flush data 2009.02.24 13:34:42 LOG7[3752:216]: SSL state (connect): SSLv3 read finished A 2009.02.24 13:34:42 LOG7[3752:216]: 2 items in the session cache 2009.02.24 13:34:42 LOG7[3752:216]: 2 client connects (SSL_connect()) 2009.02.24 13:34:42 LOG7[3752:216]: 2 client connects that finished 2009.02.24 13:34:42 LOG7[3752:216]: 0 client renegotiations requested 2009.02.24 13:34:42 LOG7[3752:216]: 0 server connects (SSL_accept()) 2009.02.24 13:34:42 LOG7[3752:216]: 0 server connects that finished 2009.02.24 13:34:42 LOG7[3752:216]: 0 server renegotiations requested 2009.02.24 13:34:42 LOG7[3752:216]: 0 session cache hits 2009.02.24 13:34:42 LOG7[3752:216]: 0 session cache misses 2009.02.24 13:34:42 LOG7[3752:216]: 0 session cache timeouts 2009.02.24 13:34:42 LOG6[3752:216]: SSL connected: new session negotiated 2009.02.24 13:34:42 LOG6[3752:216]: Negotiated ciphers: RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 2009.02.24 13:34:43 LOG3[3752:216]: readsocket: Connection reset by peer (WSAECONNRESET) (10054) 2009.02.24 13:34:43 LOG5[3752:216]: Connection reset: 63 bytes sent to SSL, 335 bytes sent to socket 2009.02.24 13:34:43 LOG7[3752:216]: smtp finished (1 left) 2009.02.24 13:35:43 LOG7[3752:376]: SSL socket closed on SSL_read 2009.02.24 13:35:43 LOG7[3752:376]: Socket write shutdown 2009.02.24 13:35:43 LOG5[3752:376]: Connection closed: 48 bytes sent to SSL, 131 bytes sent to socket 2009.02.24 13:35:43 LOG7[3752:376]: pop finished (0 left) Richard Brust rbrDataSolutions/ACT! Certified Consulting http://www.rbrDataSolutions.com 916/769-9411 [View Less]

1 0

Stunnel error
by Reinier van der Gugten 23 Feb '09

23 Feb '09

Hi, I use the STunnel tool to connect to my Ms-SQL database. And so far this works nice. However at one organization I have the following problem: << connect_wait: s_poll_wait timeout>> And the connection fails. Here is the log file and config file. Can you give me any hints how to check where it goes wrong? Thanks. Reinier. 2009.02.23 14:45:12 LOG7[2156:3096]: RAND_status claims sufficient entropy for the PRNG 2009.02.23 14:45:12 LOG7[2156:3096]: PRNG seeded … [View More]successfully 2009.02.23 14:45:12 LOG7[2156:3096]: Certificate: stunnel.pem 2009.02.23 14:45:12 LOG7[2156:3096]: Certificate loaded 2009.02.23 14:45:12 LOG7[2156:3096]: Key file: stunnel.pem 2009.02.23 14:45:12 LOG7[2156:3096]: Private key loaded 2009.02.23 14:45:12 LOG7[2156:3096]: SSL context initialized for service SQLServer 2009.02.23 14:45:12 LOG5[2156:3096]: stunnel 4.26 on x86-pc-mingw32-gnu with OpenSSL 0.9.8i 15 Sep 2008 2009.02.23 14:45:12 LOG5[2156:3096]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6 2009.02.23 14:45:12 LOG5[2156:3852]: No limit detected for the number of clients 2009.02.23 14:45:12 LOG7[2156:3852]: FD 184 in non-blocking mode 2009.02.23 14:45:12 LOG7[2156:3852]: SO_REUSEADDR option set on accept socket 2009.02.23 14:45:12 LOG7[2156:3852]: SQLServer bound to 127.0.0.1:31433 2009.02.23 14:49:25 LOG7[2156:3852]: SQLServer accepted FD=208 from 127.0.0.1:2912 2009.02.23 14:49:25 LOG7[2156:3852]: Creating a new thread 2009.02.23 14:49:25 LOG7[2156:3852]: New thread created 2009.02.23 14:49:25 LOG7[2156:996]: SQLServer started 2009.02.23 14:49:25 LOG7[2156:996]: FD 208 in non-blocking mode 2009.02.23 14:49:25 LOG7[2156:996]: TCP_NODELAY option set on local socket 2009.02.23 14:49:25 LOG5[2156:996]: SQLServer accepted connection from 127.0.0.1:2912 2009.02.23 14:49:25 LOG7[2156:996]: FD 232 in non-blocking mode 2009.02.23 14:49:25 LOG7[2156:996]: SQLServer connecting 10.17.98.33:8080 2009.02.23 14:49:25 LOG7[2156:996]: connect_wait: waiting 60 seconds 2009.02.23 14:50:25 LOG6[2156:996]: connect_wait: s_poll_wait timeout 2009.02.23 14:50:25 LOG5[2156:996]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2009.02.23 14:50:25 LOG7[2156:996]: SQLServer finished (0 left) ; Sample stunnel configuration file by Michal Trojnara 2002-2006 ; Some options used here may not be adequate for your particular configuration ; Certificate/key is needed in server mode and optional in client mode ; The default certificate is provided only for testing and should not ; be used in a production environment cert = stunnel.pem ;key = stunnel.pem ; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 ; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile ;CAfile = certs.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively you can use CRLfile ;CRLfile = crls.pem ; Some debugging stuff useful for troubleshooting debug = 7 ;output = stunnel.log ; Use it for client mode client = yes ; Service-level configuration [SQLServer] accept = 127.0.0.1:31433 ;connect = xx.xx.xxx.xxx:443 connect = 10.17.98.33:8080 protocol = connect protocolHost = xx.xx.xxx.xxx:443 ;session cache timeout session = 60 ;time to wait for expected data TIMEOUTbusy = 60 ;time to wait for close_notify (set to 0 for buggy MSIE) ;TIMEOUTclose = 30 ;time to wait to connect a remote host TIMEOUTconnect = 60 ;time to keep an idle connection ;TIMEOUTidle = 60 [View Less]

1 0

Re: [stunnel-users] stunnel client connecting to host with dynamic
by Adamson H 13 Feb '09

13 Feb '09

>Adamson H wrote: >> Hi, stunnel 4.26 solves a number of issues running on FreeBSD. However, >> a stunnel client still has a problem reconnecting to a host with dynamic >> DNS service after the host IP has changed. Stunnel client seems unaware >> of the host update, pointing the dynamic DNS name to the old outdated >> IP. In order to get reconnected to the host, I have to create a cron >> script to detect the IP change and restart stunnel on the … [View More]

3 4

stunnel hanging (libwrap)
by Ulrich Wisser 11 Feb '09

11 Feb '09

Hi, on my current project I have a strange error. Stunnel will work for months and suddenly stop accepting connections. At other times it will fail after a couple of hours. It doesn't crash. Connections are still accepted, but no SSL negotiation does take place. Please find a log below. It seems to be some problem with libwrap. As you can see in the logs the last usage of libwrap doesn't release libwrap properly. "Released libwrap process" log statement is missing. And after that just … [View More]everything hangs waiting for libwrap. But why is this happening? Our host.allow and host.deny files are empty. libwrap is supposed to allow everything. Any suggestions are welcome! Thanks in advance Ulrich 2009.02.10 09:23:16 LOG7[24594:3083130544]: epp accepted FD=22 from 212.227.111.32:59551 2009.02.10 09:23:16 LOG7[24594:3082640272]: epp started 2009.02.10 09:23:16 LOG7[24594:3082640272]: FD 22 in non-blocking mode 2009.02.10 09:23:16 LOG7[24594:3082640272]: TCP_NODELAY option set on local socket 2009.02.10 09:23:16 LOG7[24594:3082640272]: Waiting for a libwrap process 2009.02.10 09:23:16 LOG7[24594:3082640272]: Acquired libwrap process #4 2009.02.10 09:23:16 LOG7[24594:3082640272]: Releasing libwrap process #4 2009.02.10 09:23:16 LOG7[24594:3082640272]: Released libwrap process #4 2009.02.10 09:23:16 LOG7[24594:3082640272]: epp permitted by libwrap from 212.227.111.32:59551 2009.02.10 09:23:16 LOG5[24594:3082640272]: epp accepted connection from 212.227.111.32:59551 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): before/accept initialization 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 read client hello A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 write server hello A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 write certificate A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 write server done A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 flush data 2009.02.10 09:23:16 LOG7[24594:3082918800]: Socket closed on read 2009.02.10 09:23:16 LOG7[24594:3082918800]: SSL write shutdown 2009.02.10 09:23:16 LOG7[24594:3082918800]: SSL alert (write): warning: close notify 2009.02.10 09:23:16 LOG6[24594:3082918800]: SSL socket closed on SSL_shutdown 2009.02.10 09:23:16 LOG7[24594:3082918800]: Socket write shutdown 2009.02.10 09:23:16 LOG5[24594:3082918800]: Connection closed: 2249 bytes sent to SSL, 1169 bytes sent to socket 2009.02.10 09:23:16 LOG7[24594:3082918800]: epp finished (5 left) 2009.02.10 09:23:16 LOG7[24594:3082709904]: SSL state (accept): SSLv3 read client key exchange A 2009.02.10 09:23:16 LOG7[24594:3082709904]: SSL state (accept): SSLv3 read finished A 2009.02.10 09:23:16 LOG7[24594:3082709904]: SSL state (accept): SSLv3 write change cipher spec A 2009.02.10 09:23:16 LOG7[24594:3082709904]: SSL state (accept): SSLv3 write finished A 2009.02.10 09:23:16 LOG7[24594:3082709904]: SSL state (accept): SSLv3 flush data 2009.02.10 09:23:16 LOG7[24594:3082709904]: 36 items in the session cache 2009.02.10 09:23:16 LOG7[24594:3082709904]: 0 client connects (SSL_connect()) 2009.02.10 09:23:16 LOG7[24594:3082709904]: 0 client connects that finished 2009.02.10 09:23:16 LOG7[24594:3082709904]: 0 client renegotiations requested 2009.02.10 09:23:16 LOG7[24594:3082709904]: 292 server connects (SSL_accept()) 2009.02.10 09:23:16 LOG7[24594:3082709904]: 290 server connects that finished 2009.02.10 09:23:16 LOG7[24594:3082709904]: 0 server renegotiations requested 2009.02.10 09:23:16 LOG7[24594:3082709904]: 41 session cache hits 2009.02.10 09:23:16 LOG7[24594:3082709904]: 1 session cache misses 2009.02.10 09:23:16 LOG7[24594:3082709904]: 6 session cache timeouts 2009.02.10 09:23:16 LOG6[24594:3082709904]: SSL accepted: new session negotiated 2009.02.10 09:23:16 LOG6[24594:3082709904]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1 2009.02.10 09:23:16 LOG7[24594:3082709904]: FD 16 in non-blocking mode 2009.02.10 09:23:16 LOG7[24594:3082709904]: epp connecting 127.0.0.1:9777 2009.02.10 09:23:16 LOG7[24594:3082709904]: connect_wait: waiting 10 seconds 2009.02.10 09:23:16 LOG7[24594:3082709904]: connect_wait: connected 2009.02.10 09:23:16 LOG5[24594:3082709904]: epp connected remote server from 127.0.0.1:40831 2009.02.10 09:23:16 LOG7[24594:3082709904]: Remote FD=16 initialized 2009.02.10 09:23:16 LOG7[24594:3082709904]: TCP_NODELAY option set on remote socket 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 read client key exchange A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 read finished A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 write change cipher spec A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 write finished A 2009.02.10 09:23:16 LOG7[24594:3082640272]: SSL state (accept): SSLv3 flush data 2009.02.10 09:23:16 LOG7[24594:3082640272]: 37 items in the session cache 2009.02.10 09:23:16 LOG7[24594:3082640272]: 0 client connects (SSL_connect()) 2009.02.10 09:23:16 LOG7[24594:3082640272]: 0 client connects that finished 2009.02.10 09:23:16 LOG7[24594:3082640272]: 0 client renegotiations requested 2009.02.10 09:23:16 LOG7[24594:3082640272]: 292 server connects (SSL_accept()) 2009.02.10 09:23:16 LOG7[24594:3082640272]: 291 server connects that finished 2009.02.10 09:23:16 LOG7[24594:3082640272]: 0 server renegotiations requested 2009.02.10 09:23:16 LOG7[24594:3082640272]: 41 session cache hits 2009.02.10 09:23:16 LOG7[24594:3082640272]: 1 session cache misses 2009.02.10 09:23:16 LOG7[24594:3082640272]: 6 session cache timeouts 2009.02.10 09:23:16 LOG6[24594:3082640272]: SSL accepted: new session negotiated 2009.02.10 09:23:16 LOG6[24594:3082640272]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1 2009.02.10 09:23:16 LOG7[24594:3082640272]: FD 18 in non-blocking mode 2009.02.10 09:23:16 LOG7[24594:3082640272]: epp connecting 127.0.0.1:9777 2009.02.10 09:23:16 LOG7[24594:3082640272]: connect_wait: waiting 10 seconds 2009.02.10 09:23:16 LOG7[24594:3082640272]: connect_wait: connected 2009.02.10 09:23:16 LOG5[24594:3082640272]: epp connected remote server from 127.0.0.1:40832 2009.02.10 09:23:16 LOG7[24594:3082640272]: Remote FD=18 initialized 2009.02.10 09:23:16 LOG7[24594:3082640272]: TCP_NODELAY option set on remote socket 2009.02.10 09:23:16 LOG7[24594:3083127696]: Socket closed on read 2009.02.10 09:23:16 LOG7[24594:3083127696]: SSL write shutdown 2009.02.10 09:23:16 LOG7[24594:3083127696]: SSL alert (write): warning: close notify 2009.02.10 09:23:16 LOG6[24594:3083127696]: SSL socket closed on SSL_shutdown 2009.02.10 09:23:16 LOG7[24594:3083127696]: Socket write shutdown 2009.02.10 09:23:16 LOG5[24594:3083127696]: Connection closed: 2249 bytes sent to SSL, 1169 bytes sent to socket 2009.02.10 09:23:16 LOG7[24594:3083127696]: epp finished (4 left) 2009.02.10 09:23:30 LOG7[24594:3083130544]: epp accepted FD=15 from 62.116.129.3:3503 2009.02.10 09:23:30 LOG7[24594:3083127696]: epp started 2009.02.10 09:23:30 LOG7[24594:3083127696]: FD 15 in non-blocking mode 2009.02.10 09:23:30 LOG7[24594:3083127696]: TCP_NODELAY option set on local socket 2009.02.10 09:23:30 LOG7[24594:3083127696]: Waiting for a libwrap process 2009.02.10 09:23:30 LOG7[24594:3083127696]: Acquired libwrap process #4 2009.02.10 09:23:30 LOG7[24594:3083130544]: epp accepted FD=17 from 62.116.129.3:3504 2009.02.10 09:23:30 LOG7[24594:3082918800]: epp started 2009.02.10 09:23:30 LOG7[24594:3082918800]: FD 17 in non-blocking mode 2009.02.10 09:23:30 LOG7[24594:3082918800]: TCP_NODELAY option set on local socket 2009.02.10 09:23:30 LOG7[24594:3082918800]: Waiting for a libwrap process 2009.02.10 09:23:30 LOG7[24594:3083127696]: Releasing libwrap process #4 2009.02.10 09:23:45 LOG7[24594:3083130544]: epp accepted FD=23 from 62.116.129.3:35076 2009.02.10 09:23:45 LOG7[24594:3082779536]: epp started 2009.02.10 09:23:45 LOG7[24594:3082779536]: FD 23 in non-blocking mode 2009.02.10 09:23:45 LOG7[24594:3082779536]: TCP_NODELAY option set on local socket 2009.02.10 09:23:45 LOG7[24594:3082779536]: Waiting for a libwrap process 2009.02.10 09:23:48 LOG7[24594:3083130544]: epp accepted FD=24 from 212.209.10.53:4853 2009.02.10 09:23:48 LOG7[24594:3083058064]: epp started 2009.02.10 09:23:48 LOG7[24594:3083058064]: FD 24 in non-blocking mode 2009.02.10 09:23:48 LOG7[24594:3083058064]: TCP_NODELAY option set on local socket 2009.02.10 09:23:48 LOG7[24594:3083058064]: Waiting for a libwrap process 2009.02.10 09:24:01 LOG7[24594:3083130544]: epp accepted FD=25 from 62.116.129.3:35084 2009.02.10 09:24:01 LOG7[24594:3082570640]: epp started 2009.02.10 09:24:01 LOG7[24594:3082570640]: FD 25 in non-blocking mode 2009.02.10 09:24:01 LOG7[24594:3082570640]: TCP_NODELAY option set on local socket 2009.02.10 09:24:01 LOG7[24594:3082570640]: Waiting for a libwrap process 2009.02.10 09:24:50 LOG7[24594:3083130544]: epp accepted FD=26 from 91.203.4.58:3814 2009.02.10 09:24:50 LOG7[24594:3082501008]: epp started 2009.02.10 09:24:50 LOG7[24594:3082501008]: FD 26 in non-blocking mode 2009.02.10 09:24:50 LOG7[24594:3082501008]: TCP_NODELAY option set on local socket 2009.02.10 09:24:50 LOG7[24594:3082501008]: Waiting for a libwrap process 2009.02.10 09:25:29 LOG7[24594:3083130544]: epp accepted FD=27 from 87.96.215.128:34595 2009.02.10 09:25:29 LOG7[24594:3082431376]: epp started 2009.02.10 09:25:29 LOG7[24594:3082431376]: FD 27 in non-blocking mode 2009.02.10 09:25:29 LOG7[24594:3082431376]: TCP_NODELAY option set on local socket 2009.02.10 09:25:29 LOG7[24594:3082431376]: Waiting for a libwrap process 2009.02.10 09:25:40 LOG7[24594:3083130544]: epp accepted FD=28 from 195.249.40.26:36799 2009.02.10 09:25:40 LOG7[24594:3082361744]: epp started 2009.02.10 09:25:40 LOG7[24594:3082361744]: FD 28 in non-blocking mode [View Less]

2 1

stunnel client connecting to host with dynamic dns service
by Adamson H 09 Feb '09

09 Feb '09

Hi, stunnel 4.26 solves a number of issues running on FreeBSD. However, a stunnel client still has a problem reconnecting to a host with dynamic DNS service after the host IP has changed. Stunnel client seems unaware of the host update, pointing the dynamic DNS name to the old outdated IP. In order to get reconnected to the host, I have to create a cron script to detect the IP change and restart stunnel on the stunnel client. My client conf file has the following: [1873] accept = … [View More]

2 1

Re: [stunnel-users] Stunnel via proxy CONNECT
by Michal Trojnara 09 Feb '09

09 Feb '09

kommersz wrote: > My understanding was that there was a patch merged into Stunnel codeline > with version 4.05 a long time ago which allows the parameters > "httpsproxy_dest" and some others to be used when specifying a [https] > connection in stunnel.conf. Your understanding is not correct, but similar functionality was re-implemented from scratch. You may consider Reading The Fine Manual at: http://stunnel.mirt.net/static/stunnel.html The relevant part is: protocol = proto … [View More]

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

stunnel-users February 2009