Re: [stunnel-users] more stunnel problems

On Thursday 10 November 2005 11:18, Michal Trojnara wrote:

You've configured SSL on port 465, so you should use something like "openssl s_client" instead of "telnet" for testing.

OK, this works, but what if I have a client and a server that knows nothing about SSL, e.g.

I've got a windows vnc server configure like this:

[VNC] accept = 5901 connect = 5900

And then on the linux client:

[VNC] accept = 5901 connect = 192.168.100.57:5901

The vncviewer just hangs:

Again the same result in the log file:

2005.11.10 11:34:01 LOG5[15516:1]: stunnel 4.14 on i686-pc-linux-gnu UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005 2005.11.10 11:34:01 LOG7[15516:1]: Snagged 64 random bytes from /root/.rnd 2005.11.10 11:34:01 LOG7[15516:1]: Wrote 1024 new random bytes to /root/.rnd 2005.11.10 11:34:01 LOG7[15516:1]: RAND_status claims sufficient entropy for the PRNG 2005.11.10 11:34:01 LOG6[15516:1]: PRNG seeded successfully 2005.11.10 11:34:01 LOG7[15516:1]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2005.11.10 11:34:01 LOG7[15516:1]: Key file: /usr/local/etc/stunnel/stunnel.pem 2005.11.10 11:34:01 LOG6[15516:1]: file ulimit = 1024 (can be changed with 'ulimit -n') 2005.11.10 11:34:01 LOG6[15516:1]: poll() used - no FD_SETSIZE limit for file descriptors 2005.11.10 11:34:01 LOG5[15516:1]: 500 clients allowed 2005.11.10 11:34:01 LOG7[15516:1]: FD 4 in non-blocking mode 2005.11.10 11:34:01 LOG7[15516:1]: FD 5 in non-blocking mode 2005.11.10 11:34:01 LOG7[15516:1]: FD 6 in non-blocking mode 2005.11.10 11:34:01 LOG7[15516:1]: SO_REUSEADDR option set on accept socket 2005.11.10 11:34:01 LOG7[15516:1]: VNC bound to 0.0.0.0:5901 2005.11.10 11:34:01 LOG7[15517:1]: Created pid file /stunnel.pid 2005.11.10 11:34:01 LOG7[15517:0]: Waiting -1 second(s) for 2 file descriptor(s) 2005.11.10 11:34:04 LOG7[15517:0]: CONTEXT 1, FD=4, (IN)->() 2005.11.10 11:34:04 LOG7[15517:0]: CONTEXT 1, FD=6, (IN)->(IN) 2005.11.10 11:34:04 LOG7[15517:1]: VNC accepted FD=7 from 127.0.0.1:17007 2005.11.10 11:34:04 LOG7[15517:1]: Creating a new context 2005.11.10 11:34:04 LOG7[15517:1]: Context 2 created 2005.11.10 11:34:04 LOG7[15517:2]: Context swap: 1 -> 2 2005.11.10 11:34:04 LOG7[15517:2]: VNC started 2005.11.10 11:34:04 LOG7[15517:2]: FD 7 in non-blocking mode 2005.11.10 11:34:04 LOG7[15517:2]: TCP_NODELAY option set on local socket 2005.11.10 11:34:04 LOG5[15517:2]: VNC connected from 127.0.0.1:17007 2005.11.10 11:34:04 LOG7[15517:2]: SSL state (accept): before/accept initialization 2005.11.10 11:34:04 LOG7[15517:0]: Waiting 300 second(s) for 3 file descriptor(s)

Cheers Louis