- stunnel-users - stunnel.org

Used Multi Service
by Ramin Malekgahsemi 09 Jul '20

09 Jul '20

Hi Dear Friends I used Stunnel 5.49 32 bit For server This Config cert = C:\Program Files\stunnel\config\stunnel.pem fips = no [socks] accept = 443 connect = 1010 If define New Service For example cert = C:\Program Files\stunnel\config\stunnel.pem fips = no [s1] accept = 443 connect = 1010 [s2] accept = 445 connect = 1020 Service Not work How Solve This Problem THX

1 0

Re: [stunnel-users] winsock permissions issue (i.e. WSAEACCES 10013 / 0x271D)
by flash＠vicsmba.com 29 Jun '20

29 Jun '20

It will never be entirely random. Some range more than likely. You may be able to restrict the range. You could certainly set stunnel up for each “random” port. E VICS, LLC Eric S Eberhard 2933 W Middle Verde Rd Camp Verde, AZ 86322 928-567-3727 (land line) 928-301-7537 (cell phone) http://www.vicsmba.com <http://www.vicsmba.com/> https://www.facebook.com/groups/286143052248115 From: stunnel-users <stunnel-users-bounces(a)stunnel.org> On Behalf Of Brent Kimberley Sent: Friday, June 26, 2020 4:11 PM To: Thomas Ward <teward(a)thomas-ward.net>; stunnel-users(a)stunnel.org; Coviello, Paul <pcoviello(a)ccsusa.com> Subject: Re: [stunnel-users] winsock permissions issue (i.e. WSAEACCES 10013 / 0x271D) What are you trying to accomplish? I.e. Is TLS the best wrapper for the job? (i.e. TCP over TCP.) On Thursday, June 25, 2020, 11:44:38 a.m. EDT, Coviello, Paul <pcoviello(a)ccsusa.com <mailto:pcoviello@ccsusa.com> > wrote: Maybe, I also just found out that the port it goes out is not what I thought it was. It’s a random port. Not sure if it’s doable now. Thanks for your help

1 0

winsock permissions issue (i.e. WSAEACCES 10013 / 0x271D)
by Brent Kimberley 26 Jun '20

26 Jun '20

Hi Paul. With respect to your winsock permissions issue (i.e. WSAEACCES 10013 / 0x271D), did you open the port in your firewall and authorize communication via anti-virus? > Hi I have a windows 10 machine that I?ve got this running on, and the > screen shot below is what I keep getting and I am unable to find the issue, > > Can someone please shed some light as to what is wrong? And what else you may need.

3 4

server is down message
by Coviello, Paul 24 Jun '20

24 Jun '20

Hi I have a windows 10 machine that I've got this running on, and the screen shot below is what I keep getting and I am unable to find the issue, Can someone please shed some light as to what is wrong? And what else you may need. Thanks Paul [cid:image001.png@01D6495F.3B2D17A0]

3 4

Fwd: Update Stunnel 5.44 - Ubuntu 18.04
by Juan Amores 19 Jun '20

19 Jun '20

---------- Forwarded message --------- De: Juan Amores <canalamores(a)gmail.com> Date: jue., 18 jun. 2020 a las 20:03 Subject: *Update Stunnel 5.44 - Ubuntu 18.04* I installed Stunnel4 via apt-get install command. The version you installed for me is old (5.44), I have tried updating it via apt-get update but there are no updated packages in Ubuntu 18.04. Is there a way to update it and keep it working as a service like before? Attached screenshot with linux, stunnel and openssl versions. Any other additional data you need to provide just ask me. [image: stunnel.png] Greetings, Juan Amores

2 2

Fw: How to configure STunnel so that new log file is automatically created after a certain threshold
by Muhammad Muneeb Hashmi 17 Jun '20

17 Jun '20

Hi STunnel Team, Is there a way where a new STunnel log file is automatically generated when the current log file reaches a certain threshold in Windows. Any help will be highly appreciated. Regards,Muneeb

1 0

CAPI_GET_KEY:cryptacquirecontext error
by Michael S. Chusovitin 04 Jun '20

04 Jun '20

Dear stunnel users, whereas Stunnel itself looks fine for me, it seems to have some troubles with CAPI engine. The one I cannot manage still is *"CAPI_GET_KEY:cryptacquirecontext error"* logged when attempting to export the client's key. I tried to add *"engineCtrl = csp_name:Microsoft Enhanced RSA and AES Cryptographic Provider"* to stunnel.conf, and then *"CAPI_**CTX_SET_PROVNAME:**cryptacquirecontext error"* was logged instead of the above one. The same certificate is used happily with no-capi configuration. I suppose the problem is somehow related to sha256 signature in the certificate. Are there any chances to workaround? Stunnel version is 5.48 with OpenSSL 1.0.2o-fips. (in this very case I need to use 32bit version, so no possibility to upgrade). Thanks!

2 5

Re: [stunnel-users] Need help connecting Eudora to mail servers
by Phil Smith III 28 May '20

28 May '20

I'm still tinkering here, trying to get Yahoo+stunnel working to help out Joe Slaven. I still can't get it to work. Yahoo userid is y_phsiii. I manually logged into Yahoo and verified that I have the right password. The config section: -- [Yahoo] client = yes accept = localhost:1234 connect = pop.mail.yahoo.com:995 sslVersion = TLSv1.2 -- Eudora has -- POPPort=1234 -- for that personality. Log: -- 2020.05.27 11:36:48 LOG5[29]: Service [Yahoo] accepted connection from 127.0.0.1:50287 2020.05.27 11:36:48 LOG6[29]: failover: priority, starting at entry #0 2020.05.27 11:36:48 LOG6[29]: s_connect: connecting 98.137.157.46:995 2020.05.27 11:36:48 LOG5[29]: s_connect: connected 98.137.157.46:995 2020.05.27 11:36:48 LOG5[29]: Service [Yahoo] connected remote server from 192.168.1.4:50288 2020.05.27 11:36:48 LOG6[29]: SNI: sending servername: pop.mail.yahoo.com 2020.05.27 11:36:48 LOG6[29]: Peer certificate not required 2020.05.27 11:36:48 LOG6[29]: Certificate verification disabled 2020.05.27 11:36:48 LOG6[29]: Certificate verification disabled 2020.05.27 11:36:48 LOG6[29]: Client certificate not requested 2020.05.27 11:36:48 LOG6[29]: Session id: F26CEF81143B96B8BD0D2C504CBB534082242BF337D3D29DE911CD5AC05B6DE0 2020.05.27 11:36:48 LOG6[29]: TLS connected: new session negotiated 2020.05.27 11:36:48 LOG6[29]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) 2020.05.27 11:37:48 LOG6[29]: TLS socket closed (SSL_read) 2020.05.27 11:37:48 LOG5[29]: Connection closed: 38 byte(s) sent to TLS, 130 byte(s) sent to socket -- Eudora error (Personality is named just "y" since it's just a test): -- y, Logging into POP Server, PASS [11:33:29 AM] There has been an error transferring your mail. I said: PASS <shhhh! Don't tell anyone.> and then the POP server (y_phsiii(a)127.0.0.1) said: ERR [SYS/TEMP] Server error - Please try again later. --

3 3

blackhole problem - please help to tune stunnel
by Michael S. Chusovitin 28 May '20

28 May '20

Dear stunnel users, please advise how to solve the following: - an Application connects to stunnel-client (installed at the same machine); - stunnel-client tries to connect to stunnel-server (remote), fails and sends RST to the App; - but the App has already sent some datagrams to stunnel-client during TIMEOUTconnect period and they aren't transferred to stunnel-server. Is there any way to make stunnel-client delay its ACK to the App until the connection to stunnel-server is established? Thanks!

1 0

Need help connecting Eudora to mail servers
by Joe Slaven 26 May '20

26 May '20

Below are the contents of my config file: Question 1. Is the output statement correct? I cannot find the log file. I expected it to be in the stunnel folder in the Program (x86) folders Question 2. Is it permissable to install code for all three email servers, using the same ports and settings in Eudora? Question 3. All three have error messages in Eudora ie none of them work via stunnel. Can anyone please show me where I am going wrong? I have listed the error message for Gmail below. There is no log file that I can find. Bigpond error message: There has been an error transferring your mail POP server [JoeS4814(a)127.0.0.1 ] said ERR[AUTH] Username and Password not accepted thanks for helping out, Joe ;*************************************************************** ; STUNNEL LOG output = stunnel.log ; ;***************************************************************** ;******************************************************* ;Yahoo connection ;******************************************************* [yahoo-pop3] client = yes accept = 127.0.0.1:110 connect = pop.mail.yahoo.com:995 verify = 2 CAfile = ca-certs.pem checkHost = pop.mail.yahoo.com OCSPaia = yes [yahoo-smtp] client = yes accept = 127.0.0.1:25 connect = smtp.mail.yahoo.com:465 verify = 2 CAfile = ca-certs.pem checkHost = smtp.mail.yahoo.com OCSPaia = yes ; ;******************************************************* ;Bigpond connection ;***************************************************** [bigpond-pop3] client = yes accept = 127.0.0.1:110 connect = pop.bigpond.com:995 verify = 2 CAfile = ca-certs.pem checkHost = pop.bigpond.com OCSPaia = yes [bigpond-smtp] client = yes accept = 127.0.0.1:25 connect = smtp.bigpond.com:465 verify = 2 CAfile = ca-certs.pem checkHost = smtp.bigpond.com OCSPaia = yes ;************************************* ;Gmail connection ;******************************************** [gmail-pop3] client = yes accept = 127.0.0.1:110 connect = pop.gmail.com:995 verifyChain = yes CAfile = ca-certs.pem checkHost = pop.gmail.com OCSPaia = yes [gmail-smtp] client = yes accept = 127.0.0.1:25 connect = smtp.gmail.com:465 verifyChain = yes CAfile = ca-certs.pem checkHost = smtp.gmail.com OCSPaia = yes

3 7