[stunnel-users] How do I do a one-time client connection?

stunnel-hm at karlrunge.com
Tue Jan 13 16:09:58 CET 2009


On Tue, 13 Jan 2009, "D. Richard Hipp" <drh at hwaci.com> wrote:
> 
> Apparently stunnel will work as a pipe if I create a config file like  
> this:
> 
>       client=yes
>       connect=remotehost:port
> 
> Then run stunnel and talk over standard input and standard output.

One problem I have found in doing this is that if socketpair(2) is used
to create the file descriptor that will be connected to stunnel's stdio,
then stunnel's libwrap checking is activated because it detects it to
be a socket.

Using socketpair is a nice way to turn a TCP client into one that connects
via a two-way pipe with stunnel (because the client app doesn't have
to special case the two file descriptors for stunnel's stdin and stdout
when reading and writing.)

Since a user (i.e. not a sysadmin) has no control over the libwrap settings
in /etc, stunnel's libwrap check will always fail when used this way.

In my opinion, stunnel should allow disabling of libwrap (and syslog too)
via the config file (i.e. not just compile time options).  This makes the
"one connection" client usage you describe work better.

Karl



