Hi Michal,
I've been using stunnel since version 3.2x and now I'm trying to switch to version 4.05. But there are still some problems left, so I searched the "net" and found only one article about these problems (http://stunnel.mirt.net/pipermail/stunnel-users/2004-August/000013.html). But this solution does not seem to work for me, or I'm a little bit too stupid to understand it.
I used 3.2x with the following command line:
$ stunnel -P ~/ -v2 -A ./publickey.pem -p privatekey.pem -r target_host.net:666 -c -d 127.0.0.1:7777
Then I tried to write my own config file for stunnel-4.05.
$ cat /etc/stunnel/stunnel.conf
# pid is created in a jail
pid = /home/user/.stunnel/stunnel.pid
# Some debugging stuff
debug = 7
output = /home/user/.stunnel/stunnel.log
# use it for client mode
client = yes
foreground = yes
# Authentication
verify = 3
cert = /home/user/privatekey.pem
CAfile = /home/user/publickey.pem
# Service-Level Configuration
[application]
accept = 127.0.0.1:666
connect = targethost.net:7777
But this one does not work. The stunnel.log told me this:
$ cat /home/user/stunnel.log
2004.12.01 22:20:12 LOG5[15233:1006686208]: stunnel 4.05 on i386-unknown-openbsd3.6 PTHREAD+LIBWRAP with OpenSSL 0.9.7d 17 Mar 2004
2004.12.01 22:20:12 LOG7[15233:1006686208]: Snagged 64 random bytes from /dev/arandom
2004.12.01 22:20:12 LOG7[15233:1006686208]: RAND_status claims sufficient entropy for the PRNG
2004.12.01 22:20:12 LOG6[15233:1006686208]: PRNG seeded successfully
2004.12.01 22:20:12 LOG7[15233:1006686208]: Certificate: /home/privatekey.pem
2004.12.01 22:20:12 LOG7[15233:1006686208]: Key file: /home/user/privatekey.pem
2004.12.01 22:20:12 LOG7[15233:1006686208]: Loaded verify certificates from /home/user/publickey.pem
2004.12.01 22:20:12 LOG5[15233:1006686208]: FD_SETSIZE=1024, file ulimit=128 -> 61 clients allowed
2004.12.01 22:20:12 LOG7[15233:1006686208]: FD 7 in non-blocking mode
2004.12.01 22:20:12 LOG7[15233:1006686208]: SO_REUSEADDR option set on accept socket
2004.12.01 22:20:12 LOG7[15233:1006686208]: application bound to 127.0.0.1:666
2004.12.01 22:20:12 LOG7[15233:1006686208]: FD 8 in non-blocking mode
2004.12.01 22:20:12 LOG7[15233:1006686208]: FD 9 in non-blocking mode
2004.12.01 22:20:12 LOG7[15233:1006686208]: Created pid file /var/run/stunnel.pid
It looks normal to me, but I cannot connect to this local port and I cannot see "stunnel" as a process in my "ps -al |grep stunnel". And there is no error message or anything like that. But when I try to connect to this local address 127.0.0.1:666 I always get a "lost connection".
Please tell me if my config file is right?! So I know that the mistake must be in the "application" and not in my stunnel.conf.
Thx for your help!
With Regards
Mario
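
Added example, not part of the original message and not stunnel's own code: a Python translation of the stunnel 3.x flags in the command line above into stunnel 4 option names, so the generated lines can be compared one by one with a hand-written stunnel.conf. The function name `translate` is an assumption, and `-P` is deliberately left untranslated because 3.x accepts a directory there while the stunnel 4 `pid` option takes a file path.

```python
import shlex

# stunnel 3.x flag -> stunnel 4 option name (flags that take an argument).
GLOBAL_OPTS = {"-v": "verify", "-A": "CAfile", "-p": "cert",
               "-D": "debug", "-o": "output"}
SERVICE_OPTS = {"-d": "accept", "-r": "connect"}
# Flags without an argument.
SWITCHES = {"-c": "client", "-f": "foreground"}


def translate(cmdline, service="application"):
    """Return (config_text, unmapped_flags) for a stunnel 3.x command line.

    Flags not listed above are assumed to take one argument and are
    reported in unmapped_flags instead of being guessed at.
    """
    tokens = shlex.split(cmdline)
    if tokens and not tokens[0].startswith("-"):
        tokens = tokens[1:]                  # drop the program name
    global_lines, service_lines, unmapped = [], [], []
    i = 0
    while i < len(tokens):
        # "-v2" carries its value attached; "-A file" has it in the next token.
        flag, value = tokens[i][:2], tokens[i][2:]
        i += 1
        if flag in SWITCHES:
            global_lines.append(f"{SWITCHES[flag]} = yes")
            continue
        if not value and i < len(tokens):
            value = tokens[i]
            i += 1
        if flag in GLOBAL_OPTS:
            global_lines.append(f"{GLOBAL_OPTS[flag]} = {value}")
        elif flag in SERVICE_OPTS:
            service_lines.append(f"{SERVICE_OPTS[flag]} = {value}")
        else:
            unmapped.append(f"{flag} {value}".strip())
    text = "\n".join(global_lines + ["", f"[{service}]"] + service_lines)
    return text, unmapped


if __name__ == "__main__":
    # Command line quoted from the message above.
    cfg, skipped = translate("stunnel -P ~/ -v2 -A ./publickey.pem "
                             "-p privatekey.pem -r target_host.net:666 "
                             "-c -d 127.0.0.1:7777")
    print(cfg)
    print("# not translated:", skipped)
```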