[stunnel-users] Clearer and Detailed version of the mail Stunnel for HTTP encription

LoopBack Inc loopback87 at hotmail.com
Thu Jul 20 15:37:34 CEST 2006 

Hello.
I rewrote some parts of the question, and illustrated it by a small ASCII 
picture to clearifiy the whole situation.
I don't know why I haven't got  a single answer, because over 350 people are 
subscribed to the list, so
I hope that I'll get some help now.
It would be grateful.

I use SocksCap to forward the iexplore cnnections to another port, a port on 
which stunnel listens.

On PC1, the client, stunnel is listening on port 500. So when I start 
iexplore.exe with SocksCap every connection goes to 127.0.0.1:500.
PC1 connects to PC2, with
connect = 192.168.0.2:123

On PC2, the server, stunnel listens on port 500. then is connects to the 
internet with
connect = 127.0.0.1:80.


Here is the problem, stunnel doesn't connect to the internet over 
127.0.0.1:80.
I don't know why, but it doesnt.


---Stunnel.conf SERVER---
..
[inet]
accept = 127.0.0.1:123
connect = 127.0.0.1:80

---Stunnel.conf CLIENT---
..
[inet]
accept = 127.0.0.1:500
connect = 192.168.0.2:123



LOGs from the SERVER:

2006.07.18 16:56:07 LOG7[2332:2720]: inet accepted FD=208 from 
192.168.0.1:2156
2006.07.18 16:56:07 LOG7[2332:2720]: Creating a new thread
2006.07.18 16:56:07 LOG7[2332:2720]: New thread created
2006.07.18 16:56:07 LOG7[2332:1880]: inet started
2006.07.18 16:56:07 LOG7[2332:1880]: FD 208 in non-blocking mode
2006.07.18 16:56:07 LOG5[2332:1880]: inet connected from 192.168.0.1:2156
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): before/accept 
initialization
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 read client 
hello A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 write server 
hello A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 write change 
cipher spec A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 write 
finished A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 flush data
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 read finished 
A
2006.07.18 16:56:07 LOG7[2332:1880]:    1 items in the session cache
2006.07.18 16:56:07 LOG7[2332:1880]:    0 client connects (SSL_connect())
2006.07.18 16:56:07 LOG7[2332:1880]:    0 client connects that finished
2006.07.18 16:56:07 LOG7[2332:1880]:    0 client renegotiations requested
2006.07.18 16:56:07 LOG7[2332:1880]:    7 server connects (SSL_accept())
2006.07.18 16:56:07 LOG7[2332:1880]:    7 server connects that finished
2006.07.18 16:56:07 LOG7[2332:1880]:    0 server renegotiations requested
2006.07.18 16:56:07 LOG7[2332:1880]:    5 session cache hits
2006.07.18 16:56:07 LOG7[2332:1880]:    1 session cache misses
2006.07.18 16:56:07 LOG7[2332:1880]:    1 session cache timeouts
2006.07.18 16:56:07 LOG6[2332:1880]: SSL accepted: previous session reused
2006.07.18 16:56:07 LOG7[2332:1880]: FD 244 in non-blocking mode
2006.07.18 16:56:07 LOG7[2332:1880]: inet connecting 127.0.0.1:80
2006.07.18 16:56:07 LOG7[2332:1880]: connect_wait: waiting 10 seconds
2006.07.18 16:56:07 LOG7[2332:1880]: connect_wait: connected
2006.07.18 16:56:07 LOG7[2332:1880]: Remote FD=244 initialized

After nothing happend for 52 seconds I aborted in the iexplore.exe to open 
the page.

2006.07.18 16:56:59 LOG7[2332:1880]: SSL alert (read): warning: close notify
2006.07.18 16:56:59 LOG7[2332:1880]: SSL closed on SSL_read
2006.07.18 16:56:59 LOG7[2332:1880]: Socket write shutdown
2006.07.18 16:56:59 LOG7[2332:1880]: SSL write shutdown
2006.07.18 16:56:59 LOG7[2332:1880]: SSL alert (write): warning: close 
notify
2006.07.18 16:56:59 LOG6[2332:1880]: SSL_shutdown successfully sent 
close_notify
2006.07.18 16:56:59 LOG5[2332:1880]: Connection closed: 0 bytes sent to SSL, 
3 bytes sent to socket
2006.07.18 16:56:59 LOG7[2332:1880]: inet finished (0 left)




LOGs from the CLIENT:

2006.07.18 17:10:11 LOG7[1756:4756]: inet accepted FD=444 from 
127.0.0.1:2284
2006.07.18 17:10:11 LOG7[1756:4756]: Creating a new thread
2006.07.18 17:10:11 LOG7[1756:4756]: New thread created
2006.07.18 17:10:11 LOG7[1756:2840]: inet started
2006.07.18 17:10:11 LOG7[1756:2840]: FD 444 in non-blocking mode
2006.07.18 17:10:11 LOG7[1756:2840]: TCP_NODELAY option set on local socket
2006.07.18 17:10:11 LOG5[1756:2840]: inet connected from 127.0.0.1:2284
2006.07.18 17:10:11 LOG7[1756:2840]: FD 348 in non-blocking mode
2006.07.18 17:10:11 LOG7[1756:2840]: inet connecting 192.168.0.2:123
2006.07.18 17:10:11 LOG7[1756:2840]: connect_wait: waiting 10 seconds
2006.07.18 17:10:11 LOG7[1756:2840]: connect_wait: connected
2006.07.18 17:10:11 LOG7[1756:2840]: Remote FD=348 initialized
2006.07.18 17:10:11 LOG7[1756:2840]: TCP_NODELAY option set on remote socket
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): before/connect 
initialization
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 write client 
hello A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 read server 
hello A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 read 
finished A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 write change 
cipher spec A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 write 
finished A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 flush data
2006.07.18 17:10:11 LOG7[1756:2840]:   17 items in the session cache
2006.07.18 17:10:11 LOG7[1756:2840]:   65 client connects (SSL_connect())
2006.07.18 17:10:11 LOG7[1756:2840]:   65 client connects that finished
2006.07.18 17:10:11 LOG7[1756:2840]:    0 client renegotiations requested
2006.07.18 17:10:11 LOG7[1756:2840]:    0 server connects (SSL_accept())
2006.07.18 17:10:11 LOG7[1756:2840]:    0 server connects that finished
2006.07.18 17:10:11 LOG7[1756:2840]:    0 server renegotiations requested
2006.07.18 17:10:11 LOG7[1756:2840]:   48 session cache hits
2006.07.18 17:10:11 LOG7[1756:2840]:    0 session cache misses
2006.07.18 17:10:11 LOG7[1756:2840]:    0 session cache timeouts
2006.07.18 17:10:11 LOG6[1756:2840]: SSL connected: previous session reused

Nothing happendend, I aborted iexplore.exe

2006.07.18 17:10:25 LOG7[1756:2840]: Socket closed on read
2006.07.18 17:10:25 LOG7[1756:2840]: SSL write shutdown
2006.07.18 17:10:25 LOG7[1756:2840]: SSL alert (write): warning: close 
notify
2006.07.18 17:10:25 LOG7[1756:2840]: SSL_shutdown retrying
2006.07.18 17:10:25 LOG7[1756:2840]: SSL doesn't need to read or write
2006.07.18 17:10:25 LOG7[1756:2840]: SSL alert (read): warning: close notify
2006.07.18 17:10:26 LOG7[1756:2840]: SSL closed on SSL_read
2006.07.18 17:10:26 LOG7[1756:2840]: Socket write shutdown
2006.07.18 17:10:26 LOG5[1756:2840]: Connection closed: 3 bytes sent to SSL, 
0 bytes sent to socket
2006.07.18 17:10:26 LOG7[1756:2840]: inet finished (0 left)



So the problem is that stunnel doesn't connect to the internet on PC2.
I think i have to use something different than connect = 127.0.0.1:80 on 
PC2, but not sure.

The version of stunnel is 4.15
I'm using Windows.

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Picture.txt
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20060720/a8561da7/attachment.txt>

More information about the stunnel-users mailing list