[stunnel-users] Problem with stunnel 5.51

Carter Browne cbcs at comcast.net
Wed May 8 20:47:03 CEST 2019 

I received the following error trying to connect to a Windows host using 
RDP.  I use stunnel as a connection point with secure messages coming in 
and then forwarded as secure messages going the desired end point.  
Stunnel is running on all three systems, the originator, the relay, and 
the destination.  I have been using stunnel in this role for many 
years.  As an additional point, 5.51 did work properly in the same role 
for secure telnet.  The part of the log showing the failure is below.

Thanks,
Carter

Before
2019.05.03 15:44:02 LOG5[ui]: stunnel 5.50 on 
armv7l-unknown-linux-gnueabihf platform
2019.05.03 15:44:02 LOG5[ui]: Compiled with OpenSSL 1.1.1a  20 Nov 2018
2019.05.03 15:44:02 LOG5[ui]: Running  with OpenSSL 1.1.1b  26 Feb 2019
2019.05.03 15:44:02 LOG5[ui]: Threading:PTHREAD 
Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.05.03 15:44:02 LOG5[ui]: Reading configuration from file 
/etc/stunnel/stunnel.conf
2019.05.03 15:44:02 LOG5[ui]: UTF-8 byte order mark not detected
2019.05.03 15:44:02 LOG5[ui]: FIPS mode disabled
2019.05.03 15:44:52 LOG5[ui]: Configuration successful
2019.05.03 15:44:52 LOG5[ui]: Switched to chroot directory: 
/var/run/stunnel/
...
2019.05.08 08:26:08 LOG5[980]: Service [c13alt-rdp] accepted connection 
from 192.168.179.22:63218
2019.05.08 08:26:09 LOG5[980]: Certificate accepted at depth=0: C=US, 
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS, CN=cbrowne-39, 
emailAddress=cbrowne at cbcs-usa.com
2019.05.08 08:26:09 LOG5[981]: Service [cbrowne-13-rdp] accepted 
connection from 127.0.0.1:49180
2019.05.08 08:26:09 LOG5[980]: s_connect: connected 127.0.1.127:3389
2019.05.08 08:26:09 LOG5[981]: s_connect: connected 10.251.129.118:8001
2019.05.08 08:26:09 LOG5[981]: Service [cbrowne-13-rdp] connected remote 
server from 10.251.129.84:44796
2019.05.08 08:26:09 LOG5[980]: Service [c13alt-rdp] connected remote 
server from 127.0.0.1:49180
2019.05.08 08:26:09 LOG5[981]: Certificate accepted at depth=0: C=US, 
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS, 
CN=cbrowne-13.cbcsnet.local, emailAddress=cbrowne at cbcs-usa.com
2019.05.08 08:26:23 LOG5[980]: Connection closed: 1615 byte(s) sent to 
TLS, 1061 byte(s) sent to socket
2019.05.08 08:26:23 LOG5[981]: Connection closed: 1061 byte(s) sent to 
TLS, 1615 byte(s) sent to socket
2019.05.08 08:26:23 LOG5[982]: Service [c13alt-rdp] accepted connection 
from 192.168.179.22:63243
2019.05.08 08:26:23 LOG5[983]: Service [cbrowne-13-rdp] accepted 
connection from 127.0.0.1:49184
2019.05.08 08:26:23 LOG5[982]: s_connect: connected 127.0.1.127:3389
2019.05.08 08:26:23 LOG5[982]: Service [c13alt-rdp] connected remote 
server from 127.0.0.1:49184
2019.05.08 08:26:23 LOG5[983]: s_connect: connected 10.251.129.118:8001
2019.05.08 08:26:23 LOG5[983]: Service [cbrowne-13-rdp] connected remote 
server from 10.251.129.84:44800
After
2019.05.08 12:50:18 LOG5[ui]: stunnel 5.51 on 
armv7l-unknown-linux-gnueabihf platform
2019.05.08 12:50:18 LOG5[ui]: Compiled/running with OpenSSL 1.1.1b  26 
Feb 2019
2019.05.08 12:50:18 LOG5[ui]: Threading:PTHREAD 
Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.05.08 12:50:18 LOG5[ui]: Reading configuration from file 
/etc/stunnel/stunnel.conf
2019.05.08 12:50:18 LOG5[ui]: UTF-8 byte order mark not detected
2019.05.08 12:50:18 LOG5[ui]: FIPS mode disabled
2019.05.08 12:50:42 LOG5[ui]: Configuration successful
2019.05.08 12:51:01 LOG5[2]: Service [c13alt-rdp] accepted connection 
from 192.168.179.22:64139
2019.05.08 12:51:02 LOG5[2]: Certificate accepted at depth=0: C=US, 
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS, CN=cbrowne-39, 
emailAddress=cbrowne at cbcs-usa.com
2019.05.08 12:51:02 LOG5[3]: Service [cbrowne-13-rdp] accepted 
connection from 127.0.0.1:49330
2019.05.08 12:51:02 LOG5[2]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:51:02 LOG5[2]: Service [c13alt-rdp] connected remote 
server from 127.0.0.1:49330
2019.05.08 12:51:02 LOG5[3]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:51:02 LOG5[3]: Service [cbrowne-13-rdp] connected remote 
server from 10.251.129.84:44946
2019.05.08 12:51:02 LOG5[3]: Certificate accepted at depth=0: C=US, 
ST=Massachusetts, L=Winchester, O=CBCS, OU=MIS, 
CN=cbrowne-13.cbcsnet.local, emailAddress=cbrowne at cbcs-usa.com
2019.05.08 12:51:15 LOG5[2]: Connection closed: 1615 byte(s) sent to 
TLS, 1061 byte(s) sent to socket
2019.05.08 12:51:15 LOG5[3]: Connection closed: 1061 byte(s) sent to 
TLS, 1615 byte(s) sent to socket
2019.05.08 12:51:15 LOG5[4]: Service [c13alt-rdp] accepted connection 
from 192.168.179.22:64141
2019.05.08 12:51:15 LOG5[5]: Service [cbrowne-13-rdp] accepted 
connection from 127.0.0.1:49334
2019.05.08 12:51:15 LOG5[4]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:51:15 LOG5[4]: Service [c13alt-rdp] connected remote 
server from 127.0.0.1:49334
2019.05.08 12:51:15 LOG5[5]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:51:15 LOG5[5]: Service [cbrowne-13-rdp] connected remote 
server from 10.251.129.84:44950
2019.05.08 12:51:18 LOG3[4]: transfer() loop executes not transferring 
any data
2019.05.08 12:51:18 LOG3[4]: please report the problem to 
Michal.Trojnara at stunnel.org
2019.05.08 12:51:18 LOG3[4]: stunnel 5.51 on 
armv7l-unknown-linux-gnueabihf platform
2019.05.08 12:51:18 LOG3[4]: Compiled/running with OpenSSL 1.1.1b 26 Feb 
2019
2019.05.08 12:51:18 LOG3[4]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD 
TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.05.08 12:51:18 LOG3[4]: protocol=TLSv1.2, SSL_pending=0
2019.05.08 12:51:18 LOG3[4]: sock_open_rd=Y, sock_open_wr=Y
2019.05.08 12:51:18 LOG3[4]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n
2019.05.08 12:51:18 LOG3[4]: sock_can_rd=n, sock_can_wr=n
2019.05.08 12:51:18 LOG3[4]: ssl_can_rd=n, ssl_can_wr=n
2019.05.08 12:51:18 LOG3[4]: read_wants_read=Y, read_wants_write=n
2019.05.08 12:51:18 LOG3[4]: write_wants_read=n, write_wants_write=n
2019.05.08 12:51:18 LOG3[4]: shutdown_wants_read=n, shutdown_wants_write=n
2019.05.08 12:51:18 LOG3[4]: socket input buffer: 0 byte(s), TLS input 
buffer: 0 byte(s)
2019.05.08 12:51:18 LOG5[4]: Connection reset: 2786 byte(s) sent to TLS, 
5077 byte(s) sent to socket
2019.05.08 12:51:18 LOG5[5]: Connection closed: 5077 byte(s) sent to 
TLS, 2989 byte(s) sent to socket
2019.05.08 12:52:03 LOG5[6]: Service [c13alt-rdp] accepted connection 
from 192.168.179.22:64144
2019.05.08 12:52:03 LOG5[6]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:52:03 LOG5[6]: Service [c13alt-rdp] connected remote 
server from 127.0.0.1:49340
2019.05.08 12:52:03 LOG5[7]: Service [cbrowne-13-rdp] accepted 
connection from 127.0.0.1:49340
2019.05.08 12:52:03 LOG5[7]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:52:03 LOG5[7]: Service [cbrowne-13-rdp] connected remote 
server from 10.251.129.84:44956
2019.05.08 12:52:14 LOG5[6]: Connection closed: 1615 byte(s) sent to 
TLS, 1061 byte(s) sent to socket
2019.05.08 12:52:14 LOG5[7]: Connection closed: 1061 byte(s) sent to 
TLS, 1615 byte(s) sent to socket
2019.05.08 12:52:14 LOG5[8]: Service [c13alt-rdp] accepted connection 
from 192.168.179.22:64147
2019.05.08 12:52:14 LOG5[9]: Service [cbrowne-13-rdp] accepted 
connection from 127.0.0.1:49344
2019.05.08 12:52:14 LOG5[9]: s_connect: connected 10.251.129.118:8001
2019.05.08 12:52:14 LOG5[9]: Service [cbrowne-13-rdp] connected remote 
server from 10.251.129.84:44960
2019.05.08 12:52:14 LOG5[8]: s_connect: connected 127.0.1.127:3389
2019.05.08 12:52:14 LOG5[8]: Service [c13alt-rdp] connected remote 
server from 127.0.0.1:49344
2019.05.08 12:52:16 LOG3[8]: transfer() loop executes not transferring 
any data
2019.05.08 12:52:16 LOG3[8]: please report the problem to 
Michal.Trojnara at stunnel.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20190508/8a466cd6/attachment.html>

More information about the stunnel-users mailing list