[KLUG Members] Stunnel and gaim.

Adam Bultman members@kalamazoolinux.org
Tue, 2 Sep 2003 20:45:55 -0400 (EDT)


Question.

Has anyone else on this list ever used stunnel before?  It's a program 
that lets you wrap traffic into an SSL tunnel, and I can't get it to work 
(three machines, two different distros).

I'm attempting to use it to tunnel Jabber traffic, and I have a host that 
accepts valid SSL traffic (other people are currently doing so).


I've tried this on two Gentoo Linux boxes (using both stunnel 3.22 and 
stunnel 4.0.4) and on a Red Hat 9 laptop (using stunnel 4.0.4 from RPM).


Here's the command for stunnel 3.22:

stunnel -d 127.0.0.1:5225 -r my.remotebox.com:5223 -c

When I use this version of stunnel, my connection snaps shut too early, and 
if I try to telnet to localhost on port 5225, it shuts closed on me, and 
stunnel pukes.


For stunnel 4.02 and 4.04, I have in my stunnel config:

setuid = root
setgid = root  #Yeah, I know, but I want it to WORK

client=yes


[jabber]
accept =  5225
connect = my.remotebox.com:5223


When I use this, my connection doesn't snap shut, but it doesn't work, 
either.  I tried to use OpenSSL to see if it is speaking OpenSSL, and I 
get this:

adamb@stratawhovius $ openssl s_client -host localhost
CONNECTED(00000003)
11176:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:470:

If I do the same command (well, with the host and port changed) to 
connect to the actual server, it shows it's speaking SSL correctly.

Debugging that isn't the easiest, and I haven't found anything that quite 
explains my problem.  


Any ideas would be welcomed.

Adam


-- 
adamb@glaven.org
[ www.glaven.org ]
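
An added example, not part of the original post and not the stunnel project's own file: the stunnel 4.x client configuration from the message with the listener bound to loopback (as the 3.22 command did), privileges dropped, and the server certificate verified. In client mode the `accept` side carries plaintext and only the `connect` side is SSL, so anything that can reach port 5225 gets an unencrypted entry into the tunnel. The `nobody` account, the pid directory and the CA file path are assumptions.

```ini
; Constructed example: hardened variant of the client config in the post.

; Port 5225 is unprivileged, so the daemon does not need to stay root.
; Assumption: an unprivileged "nobody" user and group exist on this host.
setuid = nobody
setgid = nobody

; Assumption: a directory the unprivileged user can write to.
pid = /var/run/stunnel/stunnel.pid

; Stay attached to the terminal and log verbosely while troubleshooting.
foreground = yes
debug = 7

; Local side is plaintext, remote side is SSL.
client = yes

; Check the server certificate chain against a trusted CA; without this
; the tunnel encrypts but does not authenticate the remote end.
; Assumption: path to the CA certificate that signed the server's cert.
verify = 2
CAfile = /etc/stunnel/jabber-ca.pem

[jabber]
; "accept = 5225" listens on every interface; bind to loopback instead.
accept = 127.0.0.1:5225
connect = my.remotebox.com:5223
```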