[stunnel-users] inetd Solaris Stunnel 4.05
Kenneth Simpson
ken at MILitho.COM
Fri Nov 12 00:38:11 CET 2004
Hi - I'm trying to get stunnel 4.05 to work under inetd on a Solaris
x86 platform (and Solaris 8 on a SPARC platform.)
The IMAP and POP daemons are version 2004 from UW (or UW 2001 on a SPARC.)
The IMAP client is Thunderbird 0.8.
I can connect to IMAP inetd service on port 143 with Thunderbird.
When I attempt to connect to IMAP on port 993, I'm presented a
self signed certificate, I click OK to accept it, then Thunderbird
just hangs.
There's no indication in IMAP log file that I've connected - and there
doesn't appear to be any indication in the stunnel log file that I've
been connected to the IMAP server either.
stunnel and the IMAP servers work in the standalone mode.
When stunnel is running under inetd, I can telnet to port 143 and port 993.
Any help would be greatly appreciated.
-- Ken
; stunnel -version
stunnel 4.05 on i386-pc-solaris2.8 FORK with OpenSSL 0.9.7d 17 Mar 2004
Global options
cert = /usr/stunnel/etc/stunnel/stunnel.pem
ciphers = ALL:!ADH:+RC4:@STRENGTH
debug = 5
key = /usr/stunnel/etc/stunnel/stunnel.pem
pid = /usr/stunnel/var/run/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
session = 300 seconds
verify = none
Service-level options
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTidle = 43200 seconds
; stunnel -sockets
Socket option defaults:
Option Accept Local Remote OS default
SO_DEBUG -- -- -- 0
SO_DONTROUTE -- -- -- 0
SO_KEEPALIVE -- -- -- 0
SO_LINGER -- -- -- 0:0
SO_OOBINLINE -- -- -- 0
SO_RCVBUF -- -- -- 32768
SO_SNDBUF -- -- -- 32768
SO_RCVLOWAT -- -- -- --
SO_SNDLOWAT -- -- -- --
SO_RCVTIMEO -- -- -- --
SO_SNDTIMEO -- -- -- --
SO_REUSEADDR 1 -- -- 0
IP_TOS -- -- -- 0
IP_TTL -- -- -- 64
TCP_NODELAY -- -- -- 0
; inetd.conf
#
imap stream tcp nowait root /usr/imap/sbin/in.imapd
/usr/imap/sbin/in.imapd
pop3 stream tcp nowait root /usr/imap/sbin/in.pop3d
/usr/imap/sbin/in.pop3d
#
imaps stream tcp nowait root /usr/stunnel/sbin/stunnel
/usr/stunnel/sbin/stunnel /usr/stunnel/etc/stunnel.conf
pop3s stream tcp nowait root /usr/stunnel/sbin/stunnel
/usr/stunnel/sbin/stunnel /usr/stunnel/etc/stunnel.conf
ssmtp stream tcp nowait root /usr/stunnel/sbin/stunnel
/usr/stunnel/sbin/stunnel /usr/stunnel/etc/stunnel.conf
; stunnel.conf
#
cert = /usr/openssl/certs/stunnel.pem
#chroot = /usr/stunnel/var/run/
#pid=/stunnel.pid
pid=
setuid = nobody
setgid = nogroup
debug = local2.7
output = /var/adm/log/stunnel
exec = /usr/imap/sbin/in.pop3d
execargs = /usr/imap/sbin/in.pop3d
exec = /usr/imap/sbin/in.imapd
execargs = /usr/imap/sbin/in.imapd
exec = /usr/lib/sendmail
execargs = /usr/lib/sendmail
#
# end stunnel.conf
#
; log file
2004.11.11 14:52:25 LOG5[7844:0]: stunnel 4.05 on i386-pc-solaris2.8
FORK with OpenSSL 0.9.7d 17 Mar 2004
2004.11.11 14:52:25 LOG7[7844:0]: Snagged 64 random bytes from /dev/urandom
2004.11.11 14:52:25 LOG7[7844:0]: RAND_status claims sufficient entropy
for the PRNG
2004.11.11 14:52:25 LOG6[7844:0]: PRNG seeded successfully
2004.11.11 14:52:25 LOG7[7844:0]: Certificate:
/usr/openssl/certs/stunnel.pem
2004.11.11 14:52:25 LOG7[7844:0]: Key file: /usr/openssl/certs/stunnel.pem
2004.11.11 14:52:25 LOG7[7844:0]: stunnel started
2004.11.11 14:52:25 LOG5[7844:0]: stunnel connected from 10.0.0.15:58715
2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): before/accept
initialization
2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 read client
hello A
2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 write server
hello A
2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 write
certificate A
2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 write server
done A
2004.11.11 14:52:25 LOG7[7844:0]: SSL state (accept): SSLv3 flush data
2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 read client
key exchange A
2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 read finished A
2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 write change
cipher spec A
2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 write finished A
2004.11.11 14:52:26 LOG7[7844:0]: SSL state (accept): SSLv3 flush data
2004.11.11 14:52:26 LOG7[7844:0]: 1 items in the session cache
2004.11.11 14:52:26 LOG7[7844:0]: 0 client connects (SSL_connect())
2004.11.11 14:52:26 LOG7[7844:0]: 0 client connects that finished
2004.11.11 14:52:26 LOG7[7844:0]: 0 client renegotiatations requested
2004.11.11 14:52:26 LOG7[7844:0]: 1 server connects (SSL_accept())
2004.11.11 14:52:26 LOG7[7844:0]: 1 server connects that finished
2004.11.11 14:52:26 LOG7[7844:0]: 0 server renegotiatiations requested
2004.11.11 14:52:26 LOG7[7844:0]: 0 session cache hits
2004.11.11 14:52:26 LOG7[7844:0]: 0 session cache misses
2004.11.11 14:52:26 LOG7[7844:0]: 0 session cache timeouts
2004.11.11 14:52:26 LOG6[7844:0]: Negotiated ciphers:
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(2
56) Mac=SHA1
2004.11.11 14:52:26 LOG6[7844:0]: Local mode child started (PID=7845)
2004.11.11 14:52:26 LOG7[7844:0]: Remote FD=7 initialized
; netstat -nr | grep 143
*.143 *.* 0 0 32768 0 LISTEN
; netstat -nr | grep 993
*.993 *.* 0 0 32768 0 LISTEN
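Added example, not part of the original post: a small triage script that rejoins the wrapped debug-log records shown above and reports, per stunnel process, the furthest connection milestone reached. The milestone names, the reading of the bracketed field as PID:thread, and the PID 7900 sample line are assumptions made for this illustration.

```python
import re

# PID 7844 lines are copied from the post (mail line-wrapping kept on purpose).
# The PID 7900 line is constructed: a connection that never finishes TLS.
SAMPLE_LOG = """\
2004.11.11 14:52:25 LOG5[7844:0]: stunnel connected from 10.0.0.15:58715
2004.11.11 14:52:26 LOG6[7844:0]: Negotiated ciphers:
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(2
56) Mac=SHA1
2004.11.11 14:52:26 LOG6[7844:0]: Local mode child started (PID=7845)
2004.11.11 14:52:26 LOG7[7844:0]: Remote FD=7 initialized
2004.11.11 14:53:02 LOG5[7900:0]: stunnel connected from 10.0.0.15:58720
"""
# Record prefix: timestamp, LOG<level>[<pid>:<thread>] (field meaning assumed).
PREFIX = re.compile(r"^\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d LOG\d\[(\d+):\d+\]: (.*)$")
# Milestones in the order a healthy inetd-mode connection reaches them.
STAGES = [
    ("tcp_accepted", re.compile(r"connected from (\S+)")),
    ("tls_handshake_done", re.compile(r"Negotiated ciphers:\s*(\S+)")),
    ("child_started", re.compile(r"Local mode child started \(PID=(\d+)\)")),
    ("child_fd_ready", re.compile(r"Remote FD=(\d+) initialized")),
]

def unwrap(text):
    """Rejoin continuation lines (no timestamp prefix) onto the previous record."""
    records = []
    for line in text.splitlines():
        if PREFIX.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line.strip()
    return records

def trace(text):
    """Map each PID to the milestones it reached and the value captured at each."""
    out = {}
    for m in filter(None, map(PREFIX.match, unwrap(text))):
        conn = out.setdefault(int(m.group(1)), {})
        for name, pat in STAGES:
            hit = pat.search(m.group(2))
            if hit:
                conn.setdefault(name, hit.group(1))
    return out

def last_stage(conn):
    """Name of the furthest milestone reached, or 'none'."""
    reached = [name for name, _ in STAGES if name in conn]
    return reached[-1] if reached else "none"

if __name__ == "__main__":
    for pid, conn in trace(SAMPLE_LOG).items():
        print(pid, last_stage(conn), conn)
```

For the log in the post the furthest milestone is child_fd_ready: the TLS handshake completed and the local program was launched, so the place to look next is the plaintext side between stunnel and the exec'd daemon rather than the certificate or cipher negotiation.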