[stunnel-users] Windows config with both SSL listen andnon-SSLlisten

Paul Hethmon Paul.Hethmon at callclareity.com
Wed Dec 7 15:12:05 CET 2005


Michal,

Ok, the next obvious questions then:

1. When is 4.15 expected?
2. If not in the next 7 days, what can I do to help?

I've done C/C++ and sockets for the last 10 years. I've looked at the
code briefly so far, but have not set up a build environment yet. I need
it in the next week so if there is any coding I can do which would help
you, let me know your thoughts and where to put stuff.

Also, just a public thanks for putting the package together. I started
coding my own a couple of days ago and then thought there must have been
someone else who just needed an SSL tunnel (and not a full blown SSH
setup).

Thanks,

Paul

-----Original Message-----
From: stunnel-users-bounces at mirt.net
[mailto:stunnel-users-bounces at mirt.net] On Behalf Of Michal Trojnara
Sent: Wednesday, December 07, 2005 9:03 AM
To: stunnel-users at mirt.net
Subject: RE: [stunnel-users] Windows config with both SSL listen
andnon-SSLlisten

Paul,

This feature is going to be supported in the next release (4.15).

Your config will look like this:

[inbound]
client = no
accept = 5102
connect = 5010
 
[outbound]
client = yes
accept = 5101
connect = x.x.x.x:5102

Best regards,
    Mike

________________________________

From: stunnel-users-bounces at mirt.net
[mailto:stunnel-users-bounces at mirt.net]
On Behalf Of Paul Hethmon
Sent: Wednesday, December 07, 2005 2:50 PM
To: stunnel-users at mirt.net
Subject: [stunnel-users] Windows config with both SSL listen and
non-SSLlisten


I'm trying to set up using the Windows service the ability to listen in
SSL mode on one port (5102) and forward to non-SSL port (5010) and then
also listen on one port (5101) in non-SSL mode and forward to a remote
port
(5102) in SSL mode. What I have currently in the config is:
 
[inbound]
accept = 5102
connect = 5010
 
[outbound]
accept = 5101
connect = x.x.x.x:5102
 
The first STunnel example on the website talks about doing this, sort
of, but I don't see any options to specify on a service configuration
level whether the listen port is in SSL or non-SSL mode. The use of a
service name like [pop3] vs [pop3s] seems to imply a difference, but
I've got a custom application I'm trying to tunnel two way, not a
standard IETF service.
 
A perusal of the last year's mailing list archives didn't yield
anything. I guess the next step is to look at the source and see if it's
supported unless someone here can tell me one way or the other. If it's
not supported, I guess I'll add it in.
 
thanks,
 
Paul
 
 
Paul Hethmon
Senior Engineer
ClareityT Security
SAFEMLST Security Education, Consulting and Solutions
http://www.SAFEMLS.com <http://www.safemls.com/>
paul.hethmon at callclareity.com
work: 865.671.6630
cell: 865.250.3517
 

_______________________________________________
stunnel-users mailing list
stunnel-users at mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users



More information about the stunnel-users mailing list