[KLUG Members] Stunnel and gaim.
Adam Bultman
members@kalamazoolinux.org
Tue, 2 Sep 2003 21:12:35 -0400 (EDT)
Yep, here's the debug (and there's a lot of it):
Well, first things first: I'm up to 4.0.2 on my workstation here now, so I
think it just listens on INADDR_ANY. But I get the same error if I
exchange '192.168.1.3' for 'localhost'.
Ok, debug:
Sep 2 21:09:29 stratawhovius stunnel[11230]: RAND_status claims sufficient entropy for the PRNG
Sep 2 21:09:29 stratawhovius stunnel[11230]: PRNG seeded successfully
Sep 2 21:09:29 stratawhovius stunnel[11230]: FD_SETSIZE=1024, file ulimit=1024 -> 500 clients allowed
Sep 2 21:09:29 stratawhovius stunnel[11230]: FD 4 in non-blocking mode
Sep 2 21:09:29 stratawhovius stunnel[11230]: SO_REUSEADDR option set on accept socket
Sep 2 21:09:29 stratawhovius stunnel[11230]: jabber bound to 0.0.0.0:5225
Sep 2 21:09:29 stratawhovius stunnel[11231]: Created pid file /var/run/stunnel.pid
Sep 2 21:09:30 stratawhovius stunnel[11231]: jabber accepted FD=5 from 192.168.1.3:34776
Sep 2 21:09:30 stratawhovius stunnel[11231]: FD 5 in non-blocking mode
Sep 2 21:09:30 stratawhovius stunnel[11234]: jabber started
Sep 2 21:09:30 stratawhovius stunnel[11234]: jabber connected from 192.168.1.3:34776
Sep 2 21:09:30 stratawhovius stunnel[11234]: FD 8 in non-blocking mode
Sep 2 21:09:30 stratawhovius stunnel[11234]: jabber connecting remotebox.com:5223
Sep 2 21:09:30 stratawhovius stunnel[11234]: remote connect #1: EINPROGRESS: retrying
Sep 2 21:09:30 stratawhovius stunnel[11234]: waitforsocket: FD=8, DIR=write
Sep 2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: ok
Sep 2 21:09:31 stratawhovius stunnel[11234]: Remote FD=8 initialized
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): before/connect initialization
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 write client hello A
Sep 2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: FD=8, DIR=read
Sep 2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: ok
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 read server hello A
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 read server certificate A
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 read server done A
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 write client key exchange A
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 write change cipher spec A
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 write finished A
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 flush data
Sep 2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: FD=8, DIR=read
Sep 2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: ok
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 read finished A
Sep 2 21:09:31 stratawhovius stunnel[11234]: 1 items in the session cache
Sep 2 21:09:31 stratawhovius stunnel[11234]: 1 client connects (SSL_connect())
Sep 2 21:09:31 stratawhovius stunnel[11234]: 1 client connects that finished
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 client renegotiatations requested
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 server connects (SSL_accept())
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 server connects that finished
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 server renegotiatiations requested
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 session cache hits
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 session cache misses
Sep 2 21:09:31 stratawhovius stunnel[11234]: 0 session cache timeouts
Sep 2 21:09:31 stratawhovius stunnel[11234]: Negotiated ciphers: DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
Sep 2 21:09:31 stratawhovius stunnel[11234]: SSL socket closed on SSL_read
Sep 2 21:09:31 stratawhovius stunnel[11234]: Connection closed: 130 bytes sent to SSL, 41 bytes sent to socket
Sep 2 21:09:31 stratawhovius stunnel[11234]: jabber finished (0 left)
Yeah, that's verbose.
Anyway, I'm still kinda stuck, but I'm going to continue to fiddle with
this and see what happens.
Adam
--
adamb@glaven.org
[ www.glaven.org ]
On Tue, 2 Sep 2003, Jamie McCarthy wrote:
> adamb@glaven.org (Adam Bultman) writes:
>
> > Here's the command for stunnel 3.22:
> >
> > stunnel -d 127.0.0.1:5225 -r my.remotebox.com:5223 -c
> >
> > When I use this version of stunnel, my connection snaps shut too
> > early, and if I try to telnet to localhost on port 5225, it
> > shuts closed on me, and stunnel pukes.
>
> Add a -D 7 to turn on some debugging and see what the log says.
>
> Have you tried it with a real IP number instead of the loopback?
>
> The command I use with stunnel 3.x to tunnel an intranet port to an
> encrypted port on the internet is:
>
> /usr/sbin/stunnel -D 5 -c -d 192.168.0.20:25 -r ralph.jamiemccarthy.com:465 &
>