Stunnel 4.12 won't work with Openssl 0.98 - stunnel-users

5 Oct 2005


      Hi
I upgraded yesterday from stunnel 4.11 to 4.12, and i had a few problems...
Basically I have been unable to use latest libeay32.dll and
libssl32.dll versions (the one that comes with stunnel's installation
file).
I use stunnel to tunnel a thightvnc connection from my windows xp sp2
workstation to a couple of windows 2000 server machine on the opposite
side of the building.
At the moment i'm keeping 0.98 files on the server machines, 0.97f on
my client and it works
These are my stunnel.conf files
-----------------------------------client
CAfile = CAcert.pem
CApath = certificates
cert = client.pem
client = yes
verify = 3
debug = 7
output = stunnel.log
[vnc]
accept = 127.0.0.1:5900
connect = 192.168.1.252:443
[vnc2]
accept = 127.0.0.1:5899
connect = 192.168.1.254:443
----------------------------------------
-------------------------------server
CAfile = CAcert.pem
CApath = certificates
cert = server.pem
client = no
verify = 3
debug = 7
output = stunnel.log
[vnc]
accept = 443
connect = 127.0.0.1:5900
--------------------------------------
And this is what i found in my log files after every connection attempt
-----------------------------------client
2005.10.05 09:50:21 LOG5[3880:3960]: stunnel 4.12 on
x86-pc-mingw32-gnu WIN32+SELECT+IPv6 with OpenSSL 0.9.8 05 Jul 2005
2005.10.05 09:50:21 LOG7[3880:3964]: RAND_status claims sufficient
entropy for the PRNG
2005.10.05 09:50:21 LOG6[3880:3964]: PRNG seeded successfully
2005.10.05 09:50:21 LOG7[3880:3964]: Certificate: client.pem
2005.10.05 09:50:21 LOG7[3880:3964]: Key file: client.pem
2005.10.05 09:50:21 LOG7[3880:3964]: Loaded verify certificates from CAcert.pem
2005.10.05 09:50:21 LOG7[3880:3964]: Verify directory set to certificates
2005.10.05 09:50:21 LOG5[3880:3964]: Peer certificate location certificates
2005.10.05 09:50:21 LOG5[3880:3964]: No limit detected for the number of clients
2005.10.05 09:50:21 LOG7[3880:3964]: FD 164 in non-blocking mode
2005.10.05 09:50:21 LOG7[3880:3964]: SO_REUSEADDR option set on accept socket
2005.10.05 09:50:21 LOG7[3880:3964]: vnc bound to 127.0.0.1:5900
2005.10.05 09:50:21 LOG7[3880:3964]: FD 168 in non-blocking mode
2005.10.05 09:50:21 LOG7[3880:3964]: SO_REUSEADDR option set on accept socket
2005.10.05 09:50:21 LOG7[3880:3964]: vnc2 bound to 127.0.0.1:5899
2005.10.05 09:50:30 LOG7[3880:3964]: vnc accepted FD=176 from 127.0.0.1:1351
2005.10.05 09:50:30 LOG7[3880:3964]: Creating a new thread
2005.10.05 09:50:30 LOG7[3880:3964]: New thread created
2005.10.05 09:50:30 LOG7[3880:388]: vnc started
2005.10.05 09:50:30 LOG7[3880:388]: FD 176 in non-blocking mode
2005.10.05 09:50:30 LOG5[3880:388]: vnc connected from 127.0.0.1:1351
2005.10.05 09:50:30 LOG7[3880:388]: FD 200 in non-blocking mode
2005.10.05 09:50:30 LOG7[3880:388]: vnc connecting 192.168.1.252:443
2005.10.05 09:50:30 LOG7[3880:388]: connect_wait: waiting 10 seconds
2005.10.05 09:50:30 LOG7[3880:388]: connect_wait: connected
2005.10.05 09:50:30 LOG7[3880:388]: Remote FD=200 initialized
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect):
before/connect initialization
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 write
client hello A
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 read
server hello A
2005.10.05 09:50:30 LOG5[3880:388]: VERIFY OK: depth=1,
/C=IT/ST=Trentino/L=Trento/O=ATAS onlus/OU=Atas
Trento/CN=VNC/emailAddress=tecnico@atas.tn.it
2005.10.05 09:50:30 LOG5[3880:388]: VERIFY OK: depth=0,
/C=IT/ST=Trentino/L=Trento/O=ATAS onlus/OU=Atas
Trento/CN=VNC_server/emailAddress=tecnico@atas.tn.it
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 read
server certificate A
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 read
server certificate request A
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 read
server done A
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 write
client certificate A
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 write
client key exchange A
2005.10.05 09:50:30 LOG7[3880:388]: SSL state (connect): SSLv3 write
certificate verify A
-----------------------------------
-----------------------------------server
2005.10.04 10:49:50 LOG5[2480:2760]: stunnel 4.12 on
x86-pc-mingw32-gnu WIN32+SELECT+IPv4 with OpenSSL 0.9.8 05 Jul 2005
2005.10.04 10:49:51 LOG7[2480:2824]: RAND_status claims sufficient
entropy for the PRNG
2005.10.04 10:49:51 LOG6[2480:2824]: PRNG seeded successfully
2005.10.04 10:49:51 LOG7[2480:2824]: Certificate: server.pem
2005.10.04 10:49:51 LOG7[2480:2824]: Key file: server.pem
2005.10.04 10:49:51 LOG7[2480:2824]: Loaded verify certificates from CAcert.pem
2005.10.04 10:49:51 LOG7[2480:2824]: Verify directory set to certificates
2005.10.04 10:49:51 LOG5[2480:2824]: Peer certificate location certificates
2005.10.04 10:49:51 LOG5[2480:2824]: No limit detected for the number of clients
2005.10.04 10:49:51 LOG7[2480:2824]: FD 864 in non-blocking mode
2005.10.04 10:49:51 LOG7[2480:2824]: SO_REUSEADDR option set on accept socket
2005.10.04 10:49:51 LOG7[2480:2824]: vnc bound to 0.0.0.0:443
2005.10.04 10:51:00 LOG7[2480:2824]: vnc accepted FD=852 from
192.168.1.250:13545
2005.10.04 10:51:00 LOG7[2480:2824]: Creating a new thread
2005.10.04 10:51:00 LOG7[2480:2824]: New thread created
2005.10.04 10:51:00 LOG7[2480:2740]: vnc started
2005.10.04 10:51:00 LOG7[2480:2740]: FD 852 in non-blocking mode
2005.10.04 10:51:00 LOG5[2480:2740]: vnc connected from 192.168.1.250:13545
2005.10.04 10:51:00 LOG7[2480:2740]: SSL state (accept): before/accept
initialization
2005.10.04 10:51:00 LOG7[2480:2740]: SSL state (accept): SSLv3 read
client hello A
2005.10.04 10:51:00 LOG7[2480:2740]: SSL state (accept): SSLv3 write
server hello A
2005.10.04 10:51:00 LOG7[2480:2740]: SSL state (accept): SSLv3 write
certificate A
2005.10.04 10:51:00 LOG7[2480:2740]: SSL state (accept): SSLv3 write
certificate request A
2005.10.04 10:51:00 LOG7[2480:2740]: SSL state (accept): SSLv3 flush data
2005.10.04 10:51:00 LOG3[2480:2740]: SSL_accept: Peer suddenly disconnected
2005.10.04 10:51:00 LOG7[2480:2740]: vnc finished (0 left)
-----------------------------------
Am i doing soething wrong?
Thanks in advance
Luca