[stunnel-users] Clearer and Detailed version of the mail Stunnel for HTTP encription
LoopBack Inc
loopback87 at hotmail.com
Thu Jul 20 15:37:34 CEST 2006
Hello.
I rewrote some parts of the question, and illustrated it by a small ASCII
picture to clearifiy the whole situation.
I don't know why I haven't got a single answer, because over 350 people are
subscribed to the list, so
I hope that I'll get some help now.
It would be grateful.
I use SocksCap to forward the iexplore cnnections to another port, a port on
which stunnel listens.
On PC1, the client, stunnel is listening on port 500. So when I start
iexplore.exe with SocksCap every connection goes to 127.0.0.1:500.
PC1 connects to PC2, with
connect = 192.168.0.2:123
On PC2, the server, stunnel listens on port 500. then is connects to the
internet with
connect = 127.0.0.1:80.
Here is the problem, stunnel doesn't connect to the internet over
127.0.0.1:80.
I don't know why, but it doesnt.
---Stunnel.conf SERVER---
..
[inet]
accept = 127.0.0.1:123
connect = 127.0.0.1:80
---Stunnel.conf CLIENT---
..
[inet]
accept = 127.0.0.1:500
connect = 192.168.0.2:123
LOGs from the SERVER:
2006.07.18 16:56:07 LOG7[2332:2720]: inet accepted FD=208 from
192.168.0.1:2156
2006.07.18 16:56:07 LOG7[2332:2720]: Creating a new thread
2006.07.18 16:56:07 LOG7[2332:2720]: New thread created
2006.07.18 16:56:07 LOG7[2332:1880]: inet started
2006.07.18 16:56:07 LOG7[2332:1880]: FD 208 in non-blocking mode
2006.07.18 16:56:07 LOG5[2332:1880]: inet connected from 192.168.0.1:2156
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): before/accept
initialization
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 read client
hello A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 write server
hello A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 write change
cipher spec A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 write
finished A
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 flush data
2006.07.18 16:56:07 LOG7[2332:1880]: SSL state (accept): SSLv3 read finished
A
2006.07.18 16:56:07 LOG7[2332:1880]: 1 items in the session cache
2006.07.18 16:56:07 LOG7[2332:1880]: 0 client connects (SSL_connect())
2006.07.18 16:56:07 LOG7[2332:1880]: 0 client connects that finished
2006.07.18 16:56:07 LOG7[2332:1880]: 0 client renegotiations requested
2006.07.18 16:56:07 LOG7[2332:1880]: 7 server connects (SSL_accept())
2006.07.18 16:56:07 LOG7[2332:1880]: 7 server connects that finished
2006.07.18 16:56:07 LOG7[2332:1880]: 0 server renegotiations requested
2006.07.18 16:56:07 LOG7[2332:1880]: 5 session cache hits
2006.07.18 16:56:07 LOG7[2332:1880]: 1 session cache misses
2006.07.18 16:56:07 LOG7[2332:1880]: 1 session cache timeouts
2006.07.18 16:56:07 LOG6[2332:1880]: SSL accepted: previous session reused
2006.07.18 16:56:07 LOG7[2332:1880]: FD 244 in non-blocking mode
2006.07.18 16:56:07 LOG7[2332:1880]: inet connecting 127.0.0.1:80
2006.07.18 16:56:07 LOG7[2332:1880]: connect_wait: waiting 10 seconds
2006.07.18 16:56:07 LOG7[2332:1880]: connect_wait: connected
2006.07.18 16:56:07 LOG7[2332:1880]: Remote FD=244 initialized
After nothing happend for 52 seconds I aborted in the iexplore.exe to open
the page.
2006.07.18 16:56:59 LOG7[2332:1880]: SSL alert (read): warning: close notify
2006.07.18 16:56:59 LOG7[2332:1880]: SSL closed on SSL_read
2006.07.18 16:56:59 LOG7[2332:1880]: Socket write shutdown
2006.07.18 16:56:59 LOG7[2332:1880]: SSL write shutdown
2006.07.18 16:56:59 LOG7[2332:1880]: SSL alert (write): warning: close
notify
2006.07.18 16:56:59 LOG6[2332:1880]: SSL_shutdown successfully sent
close_notify
2006.07.18 16:56:59 LOG5[2332:1880]: Connection closed: 0 bytes sent to SSL,
3 bytes sent to socket
2006.07.18 16:56:59 LOG7[2332:1880]: inet finished (0 left)
LOGs from the CLIENT:
2006.07.18 17:10:11 LOG7[1756:4756]: inet accepted FD=444 from
127.0.0.1:2284
2006.07.18 17:10:11 LOG7[1756:4756]: Creating a new thread
2006.07.18 17:10:11 LOG7[1756:4756]: New thread created
2006.07.18 17:10:11 LOG7[1756:2840]: inet started
2006.07.18 17:10:11 LOG7[1756:2840]: FD 444 in non-blocking mode
2006.07.18 17:10:11 LOG7[1756:2840]: TCP_NODELAY option set on local socket
2006.07.18 17:10:11 LOG5[1756:2840]: inet connected from 127.0.0.1:2284
2006.07.18 17:10:11 LOG7[1756:2840]: FD 348 in non-blocking mode
2006.07.18 17:10:11 LOG7[1756:2840]: inet connecting 192.168.0.2:123
2006.07.18 17:10:11 LOG7[1756:2840]: connect_wait: waiting 10 seconds
2006.07.18 17:10:11 LOG7[1756:2840]: connect_wait: connected
2006.07.18 17:10:11 LOG7[1756:2840]: Remote FD=348 initialized
2006.07.18 17:10:11 LOG7[1756:2840]: TCP_NODELAY option set on remote socket
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): before/connect
initialization
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 write client
hello A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 read server
hello A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 read
finished A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 write change
cipher spec A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 write
finished A
2006.07.18 17:10:11 LOG7[1756:2840]: SSL state (connect): SSLv3 flush data
2006.07.18 17:10:11 LOG7[1756:2840]: 17 items in the session cache
2006.07.18 17:10:11 LOG7[1756:2840]: 65 client connects (SSL_connect())
2006.07.18 17:10:11 LOG7[1756:2840]: 65 client connects that finished
2006.07.18 17:10:11 LOG7[1756:2840]: 0 client renegotiations requested
2006.07.18 17:10:11 LOG7[1756:2840]: 0 server connects (SSL_accept())
2006.07.18 17:10:11 LOG7[1756:2840]: 0 server connects that finished
2006.07.18 17:10:11 LOG7[1756:2840]: 0 server renegotiations requested
2006.07.18 17:10:11 LOG7[1756:2840]: 48 session cache hits
2006.07.18 17:10:11 LOG7[1756:2840]: 0 session cache misses
2006.07.18 17:10:11 LOG7[1756:2840]: 0 session cache timeouts
2006.07.18 17:10:11 LOG6[1756:2840]: SSL connected: previous session reused
Nothing happendend, I aborted iexplore.exe
2006.07.18 17:10:25 LOG7[1756:2840]: Socket closed on read
2006.07.18 17:10:25 LOG7[1756:2840]: SSL write shutdown
2006.07.18 17:10:25 LOG7[1756:2840]: SSL alert (write): warning: close
notify
2006.07.18 17:10:25 LOG7[1756:2840]: SSL_shutdown retrying
2006.07.18 17:10:25 LOG7[1756:2840]: SSL doesn't need to read or write
2006.07.18 17:10:25 LOG7[1756:2840]: SSL alert (read): warning: close notify
2006.07.18 17:10:26 LOG7[1756:2840]: SSL closed on SSL_read
2006.07.18 17:10:26 LOG7[1756:2840]: Socket write shutdown
2006.07.18 17:10:26 LOG5[1756:2840]: Connection closed: 3 bytes sent to SSL,
0 bytes sent to socket
2006.07.18 17:10:26 LOG7[1756:2840]: inet finished (0 left)
So the problem is that stunnel doesn't connect to the internet on PC2.
I think i have to use something different than connect = 127.0.0.1:80 on
PC2, but not sure.
The version of stunnel is 4.15
I'm using Windows.
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Picture.txt
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20060720/a8561da7/attachment.txt>
More information about the stunnel-users
mailing list