[KLUG Members] Stunnel and gaim.

Adam Bultman members@kalamazoolinux.org
Tue, 2 Sep 2003 21:12:35 -0400 (EDT)


Yep, here's the debug (and there's a lot of it):


Well, first things first: I'm up to 4.0.2 on my workstation here now, so I 
think it just listens on INADDR_ANY.  But I get the same error if I 
exchange '192.168.1.3' for 'localhost'.

Ok, debug:

Sep  2 21:09:29 stratawhovius stunnel[11230]: RAND_status claims 
sufficient entropy for the PRNG
Sep  2 21:09:29 stratawhovius stunnel[11230]: PRNG seeded successfully
Sep  2 21:09:29 stratawhovius stunnel[11230]: FD_SETSIZE=1024, file 
ulimit=1024 -> 500 clients allowed
Sep  2 21:09:29 stratawhovius stunnel[11230]: FD 4 in non-blocking mode
Sep  2 21:09:29 stratawhovius stunnel[11230]: SO_REUSEADDR option set on 
accept socket
Sep  2 21:09:29 stratawhovius stunnel[11230]: jabber bound to 0.0.0.0:5225
Sep  2 21:09:29 stratawhovius stunnel[11231]: Created pid file 
/var/run/stunnel.pid
Sep  2 21:09:30 stratawhovius stunnel[11231]: jabber accepted FD=5 from 
192.168.1.3:34776
Sep  2 21:09:30 stratawhovius stunnel[11231]: FD 5 in non-blocking mode
Sep  2 21:09:30 stratawhovius stunnel[11234]: jabber started
Sep  2 21:09:30 stratawhovius stunnel[11234]: jabber connected from 
192.168.1.3:34776
Sep  2 21:09:30 stratawhovius stunnel[11234]: FD 8 in non-blocking mode
Sep  2 21:09:30 stratawhovius stunnel[11234]: jabber connecting 
remotebox.com:5223
Sep  2 21:09:30 stratawhovius stunnel[11234]: remote connect #1: 
EINPROGRESS: retrying
Sep  2 21:09:30 stratawhovius stunnel[11234]: waitforsocket: FD=8, 
DIR=write
Sep  2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: ok
Sep  2 21:09:31 stratawhovius stunnel[11234]: Remote FD=8 initialized
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): 
before/connect initialization
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
write client hello A
Sep  2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: FD=8, 
DIR=read
Sep  2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: ok
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
read server hello A
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
read server certificate A
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
read server done A
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
write client key exchange A
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
write change cipher spec A
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
write finished A
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
flush data
Sep  2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: FD=8, 
DIR=read
Sep  2 21:09:31 stratawhovius stunnel[11234]: waitforsocket: ok
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3 
read finished A
Sep  2 21:09:31 stratawhovius stunnel[11234]:    1 items in the session 
cache
Sep  2 21:09:31 stratawhovius stunnel[11234]:    1 client connects 
(SSL_connect())
Sep  2 21:09:31 stratawhovius stunnel[11234]:    1 client connects that 
finished
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 client renegotiatations 
requested
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 server connects 
(SSL_accept())
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 server connects that 
finished
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 server 
renegotiatiations requested
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 session cache hits
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 session cache misses
Sep  2 21:09:31 stratawhovius stunnel[11234]:    0 session cache timeouts
Sep  2 21:09:31 stratawhovius stunnel[11234]: Negotiated ciphers: 
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL socket closed on 
SSL_read
Sep  2 21:09:31 stratawhovius stunnel[11234]: Connection closed: 130 bytes 
sent to SSL, 41 bytes sent to socket
Sep  2 21:09:31 stratawhovius stunnel[11234]: jabber finished (0 left)



Yeah, that's verbose.

Anyway, I'm still kinda stuck, but I'm going to continue to fiddle with 
this and see what happens.

Adam


-- 
adamb@glaven.org
[ www.glaven.org ]

On Tue, 2 Sep 2003, Jamie McCarthy wrote:

> adamb@glaven.org (Adam Bultman) writes:
> 
> > Here's the command for stunnel 3.22:
> > 
> > stunnel -d 127.0.0.1:5225 -r my.remotebox.com:5223 -c
> > 
> > When I use this version of stunnel, my connection snaps shut too
> > early, and if I try to telnet to localhost on port 5225, it
> > shuts closed on me, and stunnel pukes.
> 
> Add a -D 7 to turn on some debugging and see what the log says.
> 
> Have you tried it with a real IP number instead of the loopback?
> 
> The command I use with stunnel 3.x to tunnel an intranet port to an
> encrypted port on the internet is:
> 
> /usr/sbin/stunnel -D 5 -c -d 192.168.0.20:25 -r ralph.jamiemccarthy.com:465 &
>
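
Added example, not part of the original post or of stunnel itself: a small Python triage script for a debug log like the one above. It rejoins the lines the mail client wrapped, then reports per stunnel PID whether the SSL handshake finished, what was negotiated, and how the connection ended, which separates a failed handshake from a close that arrives after it. The helper names `unwrap` and `summarize` are hypothetical.

```python
import re

# Syslog prefix used in the post: "Sep  2 21:09:31 host stunnel[PID]: message"
PREFIX = re.compile(r"^[A-Z][a-z]{2}\s+\d+ [\d:]{8} \S+ stunnel\[(\d+)\]: ?(.*)$")
WEAK = {"SSLv2", "SSLv3"}  # protocol versions that are deprecated today

def unwrap(text):
    """Rejoin lines hard-wrapped by the mail client; return [(pid, message)]."""
    records = []
    for line in text.splitlines():
        m = PREFIX.match(line)
        if m:
            records.append([m.group(1), m.group(2).strip()])
        elif records and line.strip():
            records[-1][1] += " " + line.strip()  # continuation of previous entry
    return [tuple(r) for r in records]

def summarize(text):
    """Per-PID view: did the handshake finish, what was negotiated, how it ended."""
    sessions = {}
    for pid, msg in unwrap(text):
        s = sessions.setdefault(pid, {"handshake_done": False, "cipher": None,
                                      "protocol": None, "closed_on": None,
                                      "bytes": None, "flags": []})
        if re.search(r"SSL state \(connect\): \S+ read finished", msg):
            s["handshake_done"] = True
        elif m := re.match(r"Negotiated ciphers: (\S+)\s+(\S+)", msg):
            s["cipher"], s["protocol"] = m.groups()
            if s["protocol"] in WEAK:
                s["flags"].append("deprecated protocol " + s["protocol"])
            if "DES" in s["cipher"]:
                s["flags"].append("DES-family cipher " + s["cipher"])
        elif m := re.search(r"SSL socket closed on (\w+)", msg):
            s["closed_on"] = m.group(1)
        elif m := re.match(r"Connection closed: (\d+) bytes sent to SSL, (\d+) bytes sent to socket", msg):
            s["bytes"] = (int(m.group(1)), int(m.group(2)))  # (to SSL peer, to local socket)
    return sessions

# Excerpt of the log from the post, line wrapping left as the mail client produced it.
SAMPLE = """\
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL state (connect): SSLv3
read finished A
Sep  2 21:09:31 stratawhovius stunnel[11234]: Negotiated ciphers:
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
Sep  2 21:09:31 stratawhovius stunnel[11234]: SSL socket closed on
SSL_read
Sep  2 21:09:31 stratawhovius stunnel[11234]: Connection closed: 130 bytes
sent to SSL, 41 bytes sent to socket
"""

if __name__ == "__main__":
    for pid, s in summarize(SAMPLE).items():
        print(pid, s)
```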