Hi - I'm trying to get stunnel 4.05 to work under inetd on a Solaris x86 platform (and Solaris 8 on a SPARC platform.)
The IMAP and POP daemons are version 2004 from UW (or UW 2001 on a SPARC.)
The IMAP client is Thunderbird 0.8.
I can connect to IMAP inetd service on port 143 with Thunderbird.
When I attempt to connect to IMAP on port 993, I'm presented with a self-signed certificate; I click OK to accept it, and then Thunderbird just hangs.
There's no indication in the IMAP log file that I've connected - and there doesn't appear to be any indication in the stunnel log file that I've been connected to the IMAP server either.
stunnel and the IMAP servers both work in standalone mode.
When stunnel is running under inetd, I can telnet to port 143 and port 993.
Any help would be greatly appreciated.
-- Ken
; stunnel -version stunnel 4.05 on i386-pc-solaris2.8 FORK with OpenSSL 0.9.7d 17 Mar 2004
Global options cert = /usr/stunnel/etc/stunnel/stunnel.pem ciphers = ALL:!ADH:+RC4:@STRENGTH debug = 5 key = /usr/stunnel/etc/stunnel/stunnel.pem pid = /usr/stunnel/var/run/stunnel.pid RNDbytes = 64 RNDfile = /dev/urandom RNDoverwrite = yes session = 300 seconds verify = none
Service-level options TIMEOUTbusy = 300 seconds TIMEOUTclose = 60 seconds TIMEOUTidle = 43200 seconds; stunnel -sockets Socket option defaults: Option Accept Local Remote OS default SO_DEBUG -- -- -- 0 SO_DONTROUTE -- -- -- 0 SO_KEEPALIVE -- -- -- 0 SO_LINGER -- -- -- 0:0 SO_OOBINLINE -- -- -- 0 SO_RCVBUF -- -- -- 32768 SO_SNDBUF -- -- -- 32768 SO_RCVLOWAT -- -- -- -- SO_SNDLOWAT -- -- -- -- SO_RCVTIMEO -- -- -- -- SO_SNDTIMEO -- -- -- -- SO_REUSEADDR 1 -- -- 0 IP_TOS -- -- -- 0 IP_TTL -- -- -- 64 TCP_NODELAY -- -- -- 0
; inetd.conf # imap stream tcp nowait root /usr/imap/sbin/in.imapd /usr/imap/sbin/in.imapd pop3 stream tcp nowait root /usr/imap/sbin/in.pop3d /usr/imap/sbin/in.pop3d # imaps stream tcp nowait root /usr/stunnel/sbin/stunnel /usr/stunnel/sbin/stunnel /usr/stunnel/etc/stunnel.conf pop3s stream tcp nowait root /usr/stunnel/sbin/stunnel /usr/stunnel/sbin/stunnel /usr/stunnel/etc/stunnel.conf ssmtp stream tcp nowait root /usr/stunnel/sbin/stunnel /usr/stunnel/sbin/stunnel /usr/stunnel/etc/stunnel.conf
; stunnel.conf # cert = /usr/openssl/certs/stunnel.pem #chroot = /usr/stunnel/var/run/ #pid=/stunnel.pid pid= setuid = nobody setgid = nogroup
debug = local2.7 output = /var/adm/log/stunnel
exec = /usr/imap/sbin/in.pop3d execargs = /usr/imap/sbin/in.pop3d
exec = /usr/imap/sbin/in.imapd execargs = /usr/imap/sbin/in.imapd
exec = /usr/lib/sendmail execargs = /usr/lib/sendmail
# # end stunnel.conf #
; log file 2004.11.11 14:52:25 LOG5[7844:0]: stunnel 4.05 on i386-pc-solaris2.8 FORK with OpenSSL 0.9.7d 17 Mar 2004 2004.11.11 14:52:25 LOG7[7844:0]: Snagged 64 random bytes from /dev/urandom 2004.11.11 14:52:25 LOG7[7844:0]: RAND_status claims sufficient entropy for the PRNG 2004.11.11 14:52:25 LOG6[7844:0]: PRNG seeded successfully 2004.11.11 14:52:25 LOG7[7844:0]: Certificate: /usr/openssl/certs/stunnel.pem 2004.11.11 14:52:25 LOG7[7844:0]: Key file: /usr/openssl/certs/stunnel.pem 2004.11.11 14:52:25 LOG7[7844:0]: stunnel started 2004.11.11 14:52:25 LOG5[7844:0]: stunnel connected from 10.0.0.15:58715 2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): before/accept initialization 2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 read client hello A 2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 write server hello A 2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 write certificate A 2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 write server done A 2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 flush data 2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 read client key exchange A 2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 read finished A 2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 write change cipher spec A 2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 write finished A 2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 flush data 2004.11.11 14:52:26 LOG7[7844:0]: 1 items in the session cache 2004.11.11 14:52:26 LOG7[7844:0]: 0 client connects (SSL_connect()) 2004.11.11 14:52:26 LOG7[7844:0]: 0 client connects that finished 2004.11.11 14:52:26 LOG7[7844:0]: 0 client renegotiatations requested 2004.11.11 14:52:26 LOG7[7844:0]: 1 server connects (SSL_accept()) 2004.11.11 14:52:26 LOG7[7844:0]: 1 server connects that finished 2004.11.11 14:52:26 LOG7[7844:0]: 0 server renegotiatiations requested 2004.11.11 14:52:26 LOG7[7844:0]: 0 
session cache hits 2004.11.11 14:52:26 LOG7[7844:0]: 0 session cache misses 2004.11.11 14:52:26 LOG7[7844:0]: 0 session cache timeouts 2004.11.11 14:52:26 LOG6[7844:0]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(2 56) Mac=SHA1 2004.11.11 14:52:26 LOG6[7844:0]: Local mode child started (PID=7845) 2004.11.11 14:52:26 LOG7[7844:0]: Remote FD=7 initialized
; netstat -nr | grep 143 *.143 *.* 0 0 32768 0 LISTEN
; netstat -nr | grep 993 *.993 *.* 0 0 32768 0 LISTEN