Dear All,

 

I find the root cause for the email ip address.   Thank you for all suggestion.

 

Thanks,

Alfred

 

From: David Brower <davidbrower@hotmail.com>
Sent: Thursday, January 28, 2021 5:12 AM
To: stunnel-users@stunnel.org
Subject: [stunnel-users] Seeing Message in Plain Text in Wireshark

 

[External email] Please be cautious when clicking on any links or attachments.


First time user of Stunnel and I just wanted to check what I'm doing wrong. 

 

I have two processes running: a TCP Listener that listens on port 13000 and a TCP client that sends it a message. 

 

I'm running Stunnel on Windows 10 with the following config:

 

[myapp]

client = yes

accept = 13001

connect = 13000

cert = stunnel.pem

TIMEOUTclose=0

 

I updated the TCP client to send the message to port 13001 but when I check Wireshark I can still see the contents of the message in plaintext. Shouldn't I no longer be able to see the unencrypted contents of this message?

 

Here are the relevant logs:

 

2021.01.27 20:57:26 LOG7[main]: Found 1 ready file descriptor(s)

2021.01.27 20:57:26 LOG7[main]: FD=588 ifds=r-x ofds=r--

2021.01.27 20:57:26 LOG7[main]: FD=596 ifds=r-x ofds=---

2021.01.27 20:57:26 LOG7[main]: Service [myapp] accepted (FD=924) from 127.0.0.1:9322

2021.01.27 20:57:26 LOG7[main]: Creating a new thread

2021.01.27 20:57:26 LOG7[main]: New thread created

2021.01.27 20:57:26 LOG7[2]: Service [myapp] started

2021.01.27 20:57:26 LOG7[2]: Setting local socket options (FD=924)

2021.01.27 20:57:26 LOG7[2]: Option TCP_NODELAY set on local socket

2021.01.27 20:57:26 LOG5[2]: Service [myapp] accepted connection from 127.0.0.1:9322

2021.01.27 20:57:26 LOG6[2]: s_connect: connecting 127.0.0.1:13000

2021.01.27 20:57:26 LOG7[2]: s_connect: s_poll_wait 127.0.0.1:13000: waiting 10 seconds

2021.01.27 20:57:26 LOG7[2]: FD=940 ifds=rwx ofds=---

2021.01.27 20:57:26 LOG5[2]: s_connect: connected 127.0.0.1:13000

2021.01.27 20:57:26 LOG5[2]: Service [myapp] connected remote server from 127.0.0.1:9323

2021.01.27 20:57:26 LOG7[2]: Setting remote socket options (FD=940)

2021.01.27 20:57:26 LOG7[2]: Option TCP_NODELAY set on remote socket

2021.01.27 20:57:26 LOG7[2]: Remote descriptor (FD=940) initialized

2021.01.27 20:57:26 LOG6[2]: SNI: sending servername: localhost

2021.01.27 20:57:26 LOG6[2]: Peer certificate not required

2021.01.27 20:57:26 LOG7[2]: TLS state (connect): before SSL initialization

2021.01.27 20:57:26 LOG7[2]: Initializing application specific data for session authenticated

2021.01.27 20:57:26 LOG7[2]: TLS state (connect): SSLv3/TLS write client hello