[stunnel-users] Problem with stunnel 5.51
Carter Browne
cbcs at comcast.net
Wed May 8 20:47:03 CEST 2019
I received the following error trying to connect to a Windows host using
RDP. I use stunnel as a connection point with secure messages coming in
and then forwarded as secure messages going the desired end point.
Stunnel is running on all three systems, the originator, the relay, and
the destination. I have been using stunnel in this role for many
years. As an additional point, 5.51 did work properly in the same role
for secure telnet. The part of the log showing the failure is below.
Thanks,
Carter
Before
2019.05.03 15:44:02 LOG5[ui]: stunnel 5.50 on
armv7l-unknown-linux-gnueabihf platform
2019.05.03 15:44:02 LOG5[ui]: Compiled with OpenSSL 1.1.1a 20 Nov 2018
2019.05.03 15:44:02 LOG5[ui]: Running with OpenSSL 1.1.1b 26 Feb 2019
2019.05.03 15:44:02 LOG5[ui]: Threading:PTHREAD
Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.05.03 15:44:02 LOG5[ui]: Reading configuration from file
/etc/stunnel/stunnel.conf
2019.05.03 15:44:02 LOG5[ui]: UTF-8 byte order mark not detected
2019.05.03 15:44:02 LOG5[ui]: FIPS mode disabled
2019.05.03 15:44:52 LOG5[ui]: Configuration successful
2019.05.03 15:44:52 LOG5[ui]: Switched to chroot directory:
/var/run/stunnel/
...
2019.05.08 08:26:08 LOG5[980]: Service [c13alt-rdp] accepted connection
from 192.168.179.22:63218
2019.05.08 08:26:09 LOG5[980]: Certificate accepted at depth=0: C=US,
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS, CN=cbrowne-39,
emailAddress=cbrowne at cbcs-usa.com
2019.05.08 08:26:09 LOG5[981]: Service [cbrowne-13-rdp] accepted
connection from 127.0.0.1:49180
2019.05.08 08:26:09 LOG5[980]: s_connect: connected 127.0.1.127:3389
2019.05.08 08:26:09 LOG5[981]: s_connect: connected 10.251.129.118:8001
2019.05.08 08:26:09 LOG5[981]: Service [cbrowne-13-rdp] connected remote
server from 10.251.129.84:44796
2019.05.08 08:26:09 LOG5[980]: Service [c13alt-rdp] connected remote
server from 127.0.0.1:49180
2019.05.08 08:26:09 LOG5[981]: Certificate accepted at depth=0: C=US,
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS,
CN=cbrowne-13.cbcsnet.local, emailAddress=cbrowne at cbcs-usa.com
2019.05.08 08:26:23 LOG5[980]: Connection closed: 1615 byte(s) sent to
TLS, 1061 byte(s) sent to socket
2019.05.08 08:26:23 LOG5[981]: Connection closed: 1061 byte(s) sent to
TLS, 1615 byte(s) sent to socket
2019.05.08 08:26:23 LOG5[982]: Service [c13alt-rdp] accepted connection
from 192.168.179.22:63243
2019.05.08 08:26:23 LOG5[983]: Service [cbrowne-13-rdp] accepted
connection from 127.0.0.1:49184
2019.05.08 08:26:23 LOG5[982]: s_connect: connected 127.0.1.127:3389
2019.05.08 08:26:23 LOG5[982]: Service [c13alt-rdp] connected remote
server from 127.0.0.1:49184
2019.05.08 08:26:23 LOG5[983]: s_connect: connected 10.251.129.118:8001
2019.05.08 08:26:23 LOG5[983]: Service [cbrowne-13-rdp] connected remote
server from 10.251.129.84:44800
After
2019.05.08 12:50:18 LOG5[ui]: stunnel 5.51 on
armv7l-unknown-linux-gnueabihf platform
2019.05.08 12:50:18 LOG5[ui]: Compiled/running with OpenSSL 1.1.1b 26
Feb 2019
2019.05.08 12:50:18 LOG5[ui]: Threading:PTHREAD
Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.05.08 12:50:18 LOG5[ui]: Reading configuration from file
/etc/stunnel/stunnel.conf
2019.05.08 12:50:18 LOG5[ui]: UTF-8 byte order mark not detected
2019.05.08 12:50:18 LOG5[ui]: FIPS mode disabled
2019.05.08 12:50:42 LOG5[ui]: Configuration successful
2019.05.08 12:51:01 LOG5[2]: Service [c13alt-rdp] accepted connection
from 192.168.179.22:64139
2019.05.08 12:51:02 LOG5[2]: Certificate accepted at depth=0: C=US,
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS, CN=cbrowne-39,
emailAddress=cbrowne at cbcs-usa.com
2019.05.08 12:51:02 LOG5[3]: Service [cbrowne-13-rdp] accepted
connection from 127.0.0.1:49330
2019.05.08 12:51:02 LOG5[2]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:51:02 LOG5[2]: Service [c13alt-rdp] connected remote
server from 127.0.0.1:49330
2019.05.08 12:51:02 LOG5[3]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:51:02 LOG5[3]: Service [cbrowne-13-rdp] connected remote
server from 10.251.129.84:44946
2019.05.08 12:51:02 LOG5[3]: Certificate accepted at depth=0: C=US,
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS,
CN=cbrowne-13.cbcsnet.local, emailAddress=cbrowne at cbcs-usa.com
2019.05.08 12:51:15 LOG5[2]: Connection closed: 1615 byte(s) sent to
TLS, 1061 byte(s) sent to socket
2019.05.08 12:51:15 LOG5[3]: Connection closed: 1061 byte(s) sent to
TLS, 1615 byte(s) sent to socket
2019.05.08 12:51:15 LOG5[4]: Service [c13alt-rdp] accepted connection
from 192.168.179.22:64141
2019.05.08 12:51:15 LOG5[5]: Service [cbrowne-13-rdp] accepted
connection from 127.0.0.1:49334
2019.05.08 12:51:15 LOG5[4]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:51:15 LOG5[4]: Service [c13alt-rdp] connected remote
server from 127.0.0.1:49334
2019.05.08 12:51:15 LOG5[5]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:51:15 LOG5[5]: Service [cbrowne-13-rdp] connected remote
server from 10.251.129.84:44950
2019.05.08 12:51:18 LOG3[4]: transfer() loop executes not transferring
any data
2019.05.08 12:51:18 LOG3[4]: please report the problem to
Michal.Trojnara at stunnel.org
2019.05.08 12:51:18 LOG3[4]: stunnel 5.51 on
armv7l-unknown-linux-gnueabihf platform
2019.05.08 12:51:18 LOG3[4]: Compiled/running with OpenSSL 1.1.1b 26 Feb
2019
2019.05.08 12:51:18 LOG3[4]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD
TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.05.08 12:51:18 LOG3[4]: protocol=TLSv1.2, SSL_pending=0
2019.05.08 12:51:18 LOG3[4]: sock_open_rd=Y, sock_open_wr=Y
2019.05.08 12:51:18 LOG3[4]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n
2019.05.08 12:51:18 LOG3[4]: sock_can_rd=n, sock_can_wr=n
2019.05.08 12:51:18 LOG3[4]: ssl_can_rd=n, ssl_can_wr=n
2019.05.08 12:51:18 LOG3[4]: read_wants_read=Y, read_wants_write=n
2019.05.08 12:51:18 LOG3[4]: write_wants_read=n, write_wants_write=n
2019.05.08 12:51:18 LOG3[4]: shutdown_wants_read=n, shutdown_wants_write=n
2019.05.08 12:51:18 LOG3[4]: socket input buffer: 0 byte(s), TLS input
buffer: 0 byte(s)
2019.05.08 12:51:18 LOG5[4]: Connection reset: 2786 byte(s) sent to TLS,
5077 byte(s) sent to socket
2019.05.08 12:51:18 LOG5[5]: Connection closed: 5077 byte(s) sent to
TLS, 2989 byte(s) sent to socket
2019.05.08 12:52:03 LOG5[6]: Service [c13alt-rdp] accepted connection
from 192.168.179.22:64144
2019.05.08 12:52:03 LOG5[6]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:52:03 LOG5[6]: Service [c13alt-rdp] connected remote
server from 127.0.0.1:49340
2019.05.08 12:52:03 LOG5[7]: Service [cbrowne-13-rdp] accepted
connection from 127.0.0.1:49340
2019.05.08 12:52:03 LOG5[7]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:52:03 LOG5[7]: Service [cbrowne-13-rdp] connected remote
server from 10.251.129.84:44956
2019.05.08 12:52:14 LOG5[6]: Connection closed: 1615 byte(s) sent to
TLS, 1061 byte(s) sent to socket
2019.05.08 12:52:14 LOG5[7]: Connection closed: 1061 byte(s) sent to
TLS, 1615 byte(s) sent to socket
2019.05.08 12:52:14 LOG5[8]: Service [c13alt-rdp] accepted connection
from 192.168.179.22:64147
2019.05.08 12:52:14 LOG5[9]: Service [cbrowne-13-rdp] accepted
connection from 127.0.0.1:49344
2019.05.08 12:52:14 LOG5[9]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:52:14 LOG5[9]: Service [cbrowne-13-rdp] connected remote
server from 10.251.129.84:44960
2019.05.08 12:52:14 LOG5[8]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:52:14 LOG5[8]: Service [c13alt-rdp] connected remote
server from 127.0.0.1:49344
2019.05.08 12:52:16 LOG3[8]: transfer() loop executes not transferring
any data
2019.05.08 12:52:16 LOG3[8]: please report the problem to
Michal.Trojnara at stunnel.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20190508/8a466cd6/attachment.html>
More information about the stunnel-users
mailing list