[stunnel-users] Help please - debug and random file

Fri Sep 29 22:23:27 CEST 2006

Hello everyone.

I have not been on the list for a long time.  I last compiled openssl 
and stunnel in 2000 or so and have been using the same code ever 
since.  I use it very simply in client mode ... I have an application 
to authorize credit cards and it connect to stunnel in inetd mode 
(with -c in the command line).

visanet is now requiring version 2 SSL so I have to change so I got 
all the new stuff and compiled it up and made a .conf file.

I have two problems (for now :-) ):
         1) No matter what I do it seems that at least some debug is 
coming back through the socket, and no debug is going to my debug file
         2) The debug I am getting is very strange -- the first time 
it says "Snagged 64 from bytes from stunnel.rnd"  The second time it 
says "Unable to retrieve any random data from stunnel.rnd"  When I 
examine the file it has a current date and zero bytes.  If I copy 
back my old (2000) stunnel.rnd it always reads once, and then writes 
it back out with zero bytes.

I am AIX 4.3.3 and I compiled with xlc and the only option I used 
that was not default was to not link in the wrappers.  I did get a 
ton of warnings that the "-pthreaded" option was not valid ... but it 
executes and responds so I am not sure that matters?  Or should I do 
something (what?) about that?

My configuration files for the service (visanet) is:

output = /tmp/stunnel.log
debug = 7
RNDfile = /visanet/ssl/stunnel.rnd
[visanet]
client = yes
connect = ssllab.pgs.wcom.net:443
sslVersion = SSLv2
protocol = smtp
cert = /viasanet/ssl/stunnel.pem

The rnd file and cert file are from 2000 (old old old!).  I would 
have expected a file /tmp/stunnel.log -- the file is not even created!

The old inetd line was:

(blah blah)  stunnel -r ssllab.pgs.wcom.net:443 -c -R 
/visanet/sslold/stunnel.rnd

What stupid thing am I doing wrong?  Does anyone else have experience 
using stunnel with visanet and can they give me any pointers?

Thanks!

Eric

This email sent by:

Eric S. Eberhard
(928) 567-3727          Voice
(928) 567-6122          Fax

928-301-7537 -- you may call any time day or night, I turn it off 
when I sleep :-)  Please try to use a land line first (reception often poor).

Note the change in the domain from vicspdi.com to vicsmba.com !!!!

For Metropolis support and VICS MBA Support!!!!

http://www.vicsmba.com

Completely updated web site of personal pictures with many new 
pictures!  Includes horses, dogs, Corvairs, and more.

http://www.vicsmba.com/ourpics/index.html

Corvair pictures including the Judson setup on our 62 Sedan and lots 
of pictures of Cheryl's 62 Monza Wagon and our 62 Spyder convertible.

http://www.vicsmba.com/ourpics/corvairs.html

My younger brother Martin has started a very serious car company.  A 
hot rod (very fast) electric roadster is the first offering.  The 
chassis is built by Lotus to their specs.  Check it 
out:  http://www.teslamotors.com