I have a winXP machine which should connect to a linux samba. Everything installed following http://wiki.netbsd.se/index.php/How_to_secure_samba_with_stunnel
but it don't connect. I have both loglevels set to 7, and as serverlog don't change I thing the error is at clientside. stunnel.conf is:
client=yes debug = 7 [smb] accept=222.222.222.222:139 connect=85.48.253.144:8888
And the client log is:
2007.11.27 12:46:58 LOG7[3716:720]: RAND_status claims sufficient entropy for the PRNG 2007.11.27 12:46:58 LOG7[3716:720]: PRNG seeded successfully 2007.11.27 12:46:58 LOG7[3716:720]: Certificate: stunnel.pem 2007.11.27 12:46:58 LOG7[3716:720]: Certificate loaded 2007.11.27 12:46:58 LOG7[3716:720]: Key file: stunnel.pem 2007.11.27 12:46:58 LOG7[3716:720]: Private key loaded 2007.11.27 12:46:58 LOG7[3716:720]: SSL context initialized for service smb 2007.11.27 12:46:58 LOG5[3716:720]: stunnel 4.21 on x86-pc-mingw32-gnu with OpenSSL 0.9.8g 19 Oct 2007 2007.11.27 12:46:58 LOG5[3716:720]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6 2007.11.27 12:46:58 LOG5[3716:3292]: No limit detected for the number of clients 2007.11.27 12:46:59 LOG7[3716:3292]: FD 216 in non-blocking mode 2007.11.27 12:46:59 LOG7[3716:3292]: SO_REUSEADDR option set on accept socket 2007.11.27 12:46:59 LOG7[3716:3292]: smb bound to 222.222.222.222:139 2007.11.27 12:47:15 LOG7[3716:3292]: smb accepted FD=248 from 88.31.107.217:1625 2007.11.27 12:47:15 LOG7[3716:3292]: Creating a new thread 2007.11.27 12:47:15 LOG7[3716:3292]: New thread created 2007.11.27 12:47:15 LOG7[3716:4028]: smb started 2007.11.27 12:47:15 LOG7[3716:4028]: FD 248 in non-blocking mode 2007.11.27 12:47:15 LOG7[3716:4028]: TCP_NODELAY option set on local socket 2007.11.27 12:47:15 LOG5[3716:4028]: smb accepted connection from 88.31.107.217:1625 2007.11.27 12:47:15 LOG7[3716:4028]: FD 272 in non-blocking mode 2007.11.27 12:47:15 LOG7[3716:4028]: smb connecting 85.48.253.144:8888 2007.11.27 12:47:15 LOG7[3716:4028]: connect_wait: waiting 10 seconds 2007.11.27 12:47:25 LOG7[3716:3292]: smb accepted FD=308 from 88.31.107.217:1628 2007.11.27 12:47:25 LOG7[3716:3292]: Creating a new thread 2007.11.27 12:47:25 LOG7[3716:3292]: New thread created 2007.11.27 12:47:25 LOG7[3716:3012]: smb started 2007.11.27 12:47:25 LOG7[3716:3012]: FD 308 in non-blocking mode 2007.11.27 12:47:25 LOG7[3716:3012]: TCP_NODELAY option set on local socket 2007.11.27 12:47:25 LOG5[3716:3012]: smb accepted connection from 88.31.107.217:1628 2007.11.27 12:47:25 LOG7[3716:3012]: FD 340 in non-blocking mode 2007.11.27 12:47:25 LOG7[3716:3012]: smb connecting 85.48.253.144:8888 2007.11.27 12:47:25 LOG7[3716:3012]: connect_wait: waiting 10 seconds 2007.11.27 12:47:25 LOG6[3716:4028]: connect_wait: s_poll_wait timeout 2007.11.27 12:47:25 LOG5[3716:4028]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.11.27 12:47:25 LOG7[3716:4028]: smb finished (1 left) 2007.11.27 12:47:35 LOG6[3716:3012]: connect_wait: s_poll_wait timeout 2007.11.27 12:47:35 LOG5[3716:3012]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.11.27 12:47:35 LOG7[3716:3012]: smb finished (0 left)
Where is the problem?
Thanks
Quoting webmaster@escoltesiguies.cat:
I have a winXP machine which should connect to a linux samba. Everything installed following http://wiki.netbsd.se/index.php/How_to_secure_samba_with_stunnel ...
I have checked and stunnel4 was failing to run, now it starts correctly but it don't establish the connection:
server-config: #### Simple stunnel configuration for a secure samba setup ####
; Some debugging stuff useful for troubleshooting debug = 7 output = /var/log/stunnel4/stunnel.log # OpenSSL certificate ;cert = /usr/pkg/etc/stunnel/stunnel.pem # Run chrooted as nobody chroot = /var/run/stunnel4 setuid = nobody setgid = nogroup # This file is created after chrooting pid = /var/lock/stunnel.pid # Accept connections on port 800, on any interface [smb] accept = 0.0.0.0:8888 # instead of port 139, port 445 will also work, unless you're using Mac OS X clients connect = localhost:139
server-log: 2007.11.27 13:28:14 LOG5[3103:3082884800]: stunnel 4.14 on i486-pc-linux-gnu PTHREAD+POLL+IPv6+LIBWRAP with OpenSSL 0.9.8a 11 Oct 2005 2007.11.27 13:28:14 LOG4[3103:3082884800]: Wrong permissions on /etc/stunnel/stunnel.pem 2007.11.27 13:28:14 LOG7[3103:3082884800]: Snagged 64 random bytes from /root/.rnd 2007.11.27 13:28:14 LOG7[3103:3082884800]: Wrote 1024 new random bytes to /root/.rnd 2007.11.27 13:28:14 LOG7[3103:3082884800]: RAND_status claims sufficient entropy for the PRNG 2007.11.27 13:28:14 LOG6[3103:3082884800]: PRNG seeded successfully 2007.11.27 13:28:14 LOG7[3103:3082884800]: Certificate: /etc/stunnel/stunnel.pem 2007.11.27 13:28:14 LOG7[3103:3082884800]: Key file: /etc/stunnel/stunnel.pem 2007.11.27 13:28:16 LOG6[3103:3082884800]: file ulimit = 1024 (can be changed with 'ulimit -n') 2007.11.27 13:28:16 LOG6[3103:3082884800]: poll() used - no FD_SETSIZE limit for file descriptors 2007.11.27 13:28:16 LOG5[3103:3082884800]: 500 clients allowed 2007.11.27 13:28:16 LOG7[3103:3082884800]: FD 4 in non-blocking mode 2007.11.27 13:28:16 LOG7[3103:3082884800]: FD 5 in non-blocking mode 2007.11.27 13:28:16 LOG7[3103:3082884800]: FD 6 in non-blocking mode 2007.11.27 13:28:16 LOG7[3103:3082884800]: SO_REUSEADDR option set on accept socket 2007.11.27 13:28:16 LOG7[3103:3082884800]: smb bound to 0.0.0.0:8888 2007.11.27 13:28:16 LOG7[3104:3082884800]: Created pid file /var/lock/stunnel.pid
-
webmaster@escoltesiguies.cat