[stunnel-users] Windows config with both SSL listen andnon-SSLlisten
Paul Hethmon
Paul.Hethmon at callclareity.com
Wed Dec 7 15:12:05 CET 2005
Michal,
Ok, the next obvious questions then:
1. When is 4.15 expected?
2. If not in the next 7 days, what can I do to help?
I've done C/C++ and sockets for the last 10 years. I've looked at the
code briefly so far, but have not set up a build environment yet. I need
it in the next week so if there is any coding I can do which would help
you, let me know your thoughts and where to put stuff.
Also, just a public thanks for putting the package together. I started
coding my own a couple of days ago and then thought there must have been
someone else who just needed an SSL tunnel (and not a full blown SSH
setup).
Thanks,
Paul
-----Original Message-----
From: stunnel-users-bounces at mirt.net
[mailto:stunnel-users-bounces at mirt.net] On Behalf Of Michal Trojnara
Sent: Wednesday, December 07, 2005 9:03 AM
To: stunnel-users at mirt.net
Subject: RE: [stunnel-users] Windows config with both SSL listen
andnon-SSLlisten
Paul,
This feature is going to be supported in the next release (4.15).
Your config will look like this:
[inbound]
client = no
accept = 5102
connect = 5010
[outbound]
client = yes
accept = 5101
connect = x.x.x.x:5102
Best regards,
Mike
________________________________
From: stunnel-users-bounces at mirt.net
[mailto:stunnel-users-bounces at mirt.net]
On Behalf Of Paul Hethmon
Sent: Wednesday, December 07, 2005 2:50 PM
To: stunnel-users at mirt.net
Subject: [stunnel-users] Windows config with both SSL listen and
non-SSLlisten
I'm trying to set up using the Windows service the ability to listen in
SSL mode on one port (5102) and forward to non-SSL port (5010) and then
also listen on one port (5101) in non-SSL mode and forward to a remote
port
(5102) in SSL mode. What I have currently in the config is:
[inbound]
accept = 5102
connect = 5010
[outbound]
accept = 5101
connect = x.x.x.x:5102
The first STunnel example on the website talks about doing this, sort
of, but I don't see any options to specify on a service configuration
level whether the listen port is in SSL or non-SSL mode. The use of a
service name like [pop3] vs [pop3s] seems to imply a difference, but
I've got a custom application I'm trying to tunnel two way, not a
standard IETF service.
A perusal of the last year's mailing list archives didn't yield
anything. I guess the next step is to look at the source and see if it's
supported unless someone here can tell me one way or the other. If it's
not supported, I guess I'll add it in.
thanks,
Paul
Paul Hethmon
Senior Engineer
ClareityT Security
SAFEMLST Security Education, Consulting and Solutions
http://www.SAFEMLS.com <http://www.safemls.com/>
paul.hethmon at callclareity.com
work: 865.671.6630
cell: 865.250.3517
_______________________________________________
stunnel-users mailing list
stunnel-users at mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
More information about the stunnel-users
mailing list