I have several client applications running on win machine, connecting to the same server, or sometimes to different servers.
ver. 4.2 allowed me to do the following: modify .conf file to [my_section] accept=5566 connect 123.22.33.44:5005; then run stunnel.exe; modify .conf file to [my_section] accept=5567 connect 456.22.33.44:5006; then run stunnel.exe.
That would start 2 stunnel.exe processes, each one handling its own connection; which were easy to close when each respective client app closed - each one would close the one it started.
Now with 4.5 version: the single stunnel.exe process runs and is able to handle all communications perfectly, provided I prepare .conf file for all possible connections in advance, before starting stunnel.
The problem I cannot solve easily is how not to leave stunnel running after client logged out of all the applications. Without building something to keep track of "stunnels users" count, how could I do it?
Is there some way to switch to multiple instances mode? Please advise.
Larisa
larisa_y wrote:
The problem I cannot solve easily is how not to leave stunnel running after client logged out of all the applications.
Why exactly you need "not to leave stunnel running"? http://catb.org/~esr/faqs/smart-questions.html#goal
Mike
Michal Trojnara wrote:
larisa_y wrote:
The problem I cannot solve easily is how not to leave stunnel running after client logged out of all the applications.
Why exactly you need "not to leave stunnel running"? http://catb.org/~esr/faqs/smart-questions.html#goal
Mike
stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Oh, I probably phrased it incorrectly. I do not really need to shut down all of the stunnel, but I want to "unchannel" ports I connected. In 4.2 version I could just kill that one instance.
1. I do not want to leave a port rerouted to a previously connected server, especially after application is closed and there is no visual indication for the user that something is going on. My app was the one who opened it, so I guess it is basically a clean-up. 2.I do not see a way to reuse this port to connect to another server/port unless I stop/start stunnel.
Or maybe I should ask another question: is there a way to reload .conf file while stunnel is running? I see a menu item, but can I do it programmatically? Thank you for your help.
larisa_y wrote:
Or maybe I should ask another question: is there a way to reload .conf file while stunnel is running? I see a menu item, but can I do it programmatically?
This is precisely the way to do it in the new architecture. "stunnel - reload" option is on the roadmap of stunnel. My plan is to implement it in 2012.
You may wish to sponsor this feature in order to get it faster. The basic infrastructure (signal pipe) is already implemented, so it won't be a huge task.
Please review the ChangeLog for other features marked as "sponsored": http://www.stunnel.org/?page=sdf_ChangeLog
Mike
Michal Trojnara wrote:
larisa_y wrote:
Or maybe I should ask another question: is there a way to reload .conf file while stunnel is running? I see a menu item, but can I do it programmatically?
This is precisely the way to do it in the new architecture. "stunnel - reload" option is on the roadmap of stunnel. My plan is to implement it in 2012.
You may wish to sponsor this feature in order to get it faster. The basic infrastructure (signal pipe) is already implemented, so it won't be a huge task.
Please review the ChangeLog for other features marked as "sponsored": http://www.stunnel.org/?page=sdf_ChangeLog
Mike
stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Thanks! Could you tell me starting which version the new behaviour was implemented? (single process architecture) I tried the changelog but could not really identify the item.
larisa_y wrote:
Could you tell me starting which version the new behaviour was implemented? (single process architecture) I tried the changelog but could not really identify the item.
The implementation of this change started with stunnel 4.40 with new "stunnel -exit" option. The last version fully supporting multiple processes is 4.39.
Please be aware of security risks related to using obsolete versions of OpenSSL. Some Win32 GUI features are also unstable until version 4.50.
Mike
Mike, thank you very much for all the explanations. I will consider my options. Larisa
Larisa,
I compiled stunnel-4.39 against OpenSSL 0.9.8s. Let me know if you are interested in the binaries.
Regards Jose
________________________________ From: Michal Trojnara Michal.Trojnara@mirt.net To: Stunnel Users Mailing List stunnel-users@mirt.net Sent: Tuesday, January 17, 2012 5:08 PM Subject: Re: [stunnel-users] ver 4.5 VS 4.2: running single process now, how to close when all client apps closed?
larisa_y wrote:
Could you tell me starting which version the new behaviour was implemented? (single process architecture) I tried the changelog but could not really identify the item.
The implementation of this change started with stunnel 4.40 with new "stunnel -exit" option. The last version fully supporting multiple processes is 4.39.
Please be aware of security risks related to using obsolete versions of OpenSSL. Some Win32 GUI features are also unstable until version 4.50.
Mike
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-
Jose Alf. -
larisa_y -
Michal Trojnara