[stunnel-users] Trying to Upgrade stunnel, but compile isn't working?

Michael D. Setzer II mikes at kuentos.guam.net
Sat Mar 30 14:39:10 CET 2013


I have been using stunnel for a long time, but was just trying to 
compile the latest version from source, and it compiles, but 
doesn't work like the older version, so I must have some option 
wrong. With the current version on my Fedora 14 machine using 
the latest version it loads the stunnel ports and works, but the 
newer version does seem to load or give an error message. 

I've tested the stunnel from Fedora 16 and Fedora 17, and they 
work fine with the stunnel.conf to load the settings.

Current version info from Fedora 14 system.

stunnel 4.34 on x86_64-redhat-linux-gnu with OpenSSL 
1.0.0e-fips 6 Sep 2011
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 
Auth:LIBWRAP
 
Global options
debug           = daemon.notice
pid             = /var/run/stunnel.pid
RNDbytes        = 64
RNDfile         = /dev/urandom
RNDoverwrite    = yes
 
Service-level options
cert            = /etc/stunnel/stunnel.pem
ciphers         = ALL:!aNULL:!eNULL:!SSLv2
curve           = sect163r2
session         = 300 seconds
stack           = 65536 bytes
sslVersion      = SSLv3 for client, all for server
TIMEOUTbusy     = 300 seconds
TIMEOUTclose    = 60 seconds
TIMEOUTconnect  = 10 seconds
TIMEOUTidle     = 43200 seconds
verify          = none

The new build does this.
stunnel 4.56 on x86_64-unknown-linux-gnu platform
Compiled/running with OpenSSL 1.0.0e-fips 6 Sep 2011
Threading:PTHREAD Sockets:POLL,IPv6 
SSL:ENGINE,OCSP,FIPS
 
Global options:
debug                  = daemon.notice
pid                    = /usr/local/var/run/stunnel/stunnel.pid
RNDbytes               = 64
RNDfile                = /dev/urandom
RNDoverwrite           = yes
 
Service-level options:
ciphers                = FIPS (with "fips = yes")
ciphers                = 
ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH (with "fips 
= no")
sessionCacheSize       = 1000
sessionCacheTimeout    = 300 seconds
sslVersion             = TLSv1 (with "fips = yes")
sslVersion             = TLSv1 for client, all for server (with "fips = 
no")
stack                  = 65536 bytes
TIMEOUTbusy            = 300 seconds
TIMEOUTclose           = 60 seconds
TIMEOUTconnect         = 10 seconds
TIMEOUTidle            = 43200 seconds
verify                 = none

Have also tried it with --disable-fips

With the new version I have to provide the 
/etc/stunnel/stunnel.conf, but it doesn't load any of the options.

Sure it is just a simple configure setting I am missing. 

Thanks.


+----------------------------------------------------------+
  Michael D. Setzer II -  Computer Science Instructor      
  Guam Community College  Computer Center                  
  mailto:mikes at kuentos.guam.net                            
  mailto:msetzerii at gmail.com
  http://www.guam.net/home/mikes
  Guam - Where America's Day Begins                        
  G4L Disk Imaging Project maintainer 
  http://sourceforge.net/projects/g4l/
+----------------------------------------------------------+

http://setiathome.berkeley.edu (Original)
Number of Seti Units Returned:  19,471
Processing time:  32 years, 290 days, 12 hours, 58 minutes
(Total Hours: 287,489)

BOINC at HOME CREDITS
SETI        14305761.074364   |   EINSTEIN    10610832.119852
ROSETTA      6726167.419674   |   ABC         15903532.519753




More information about the stunnel-users mailing list