[stunnel-users] Need help to configure STUNNEL using proxy socks v5 to send file to a server

laurent.uk at bnpparibas.com laurent.uk at bnpparibas.com
Mon Mar 11 22:38:45 CET 2013


Hi everyone, 

I need to connect to proxy socks V5 in order to send file in my server. 

I configure my stunnel like this :

sslVersion = SSLv3
client=yes
cert = /opt/freeware/etc/stunnel/ca_nopass.pem
pid = /var/adm/stunnel_test.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /logs/stunnel/stunnel.log
; Don't forget to c_rehash CApath
; CApath is located inside chroot jail
CApath = /opt/freeware/etc/stunnel/CA_files/
protocol = connect
protocolAuthentication = basic
protocolHost = ***:8080
[pesit]
accept = 12099
connect = ***:433

But it doesn't works!

The log from my stunnel client :
2013.03.11 18:57:30 LOG5[26673178:260]: Service pesit accepted connection 
from ***:48549
2013.03.11 18:57:30 LOG7[26673178:260]: remote socket: FD=1 allocated 
(non-blocking mode)
2013.03.11 18:57:30 LOG6[26673178:260]: connect_blocking: connecting 
::1:10443
2013.03.11 18:57:30 LOG3[26673178:260]: connect_blocking: connect 
::1:10443: Connection refused (79)
2013.03.11 18:57:30 LOG7[26673178:260]: remote socket: FD=1 allocated 
(non-blocking mode)
2013.03.11 18:57:30 LOG6[26673178:260]: connect_blocking: connecting 
****:10443
2013.03.11 18:57:30 LOG5[26673178:260]: connect_blocking: connected 
****:10443
2013.03.11 18:57:30 LOG5[26673178:260]: Service pesit connected remote 
server from ****:48551
2013.03.11 18:57:30 LOG7[26673178:260]: Remote FD=1 initialized
2013.03.11 18:57:30 LOG7[26673178:260]: Option TCP_NODELAY set on remote 
socket
2013.03.11 18:57:30 LOG6[26673178:260]: Client-mode connect protocol 
negotiations started
2013.03.11 18:57:30 LOG7[26673178:260]:  -> CONNECT ****:1080 HTTP/1.1
2013.03.11 18:57:30 LOG7[26673178:260]:  -> Host: ****:1080
2013.03.11 18:57:30 LOG7[26673178:260]:  ->
2013.03.11 18:57:30 LOG3[26673178:260]: fdgetline: readsocket: Connection 
reset by peer (73)
2013.03.11 18:57:30 LOG5[26673178:260]: Connection reset: 0 bytes sent to 
SSL, 0 bytes sent to socket
2013.03.11 18:57:30 LOG7[26673178:260]: Service pesit finished (0 left)
2013.03.11 18:57:30 LOG7[26673178:260]: str_stats: 0 block(s), 0 data 
byte(s), 0 control byte(s)
2013.03.11 18:57:32 LOG7[26673178:1]: local socket: FD=0 allocated 
(non-blocking mode)

In my stunnel server, i have the following message :
"SSL_accept: 1407609B: error:1407609B:SSL 
routines:SSL23_GET_CLIENT_HELLO:https proxy request"
2013.03.11 18:57:30 LOG7[27525210:1]: Service pesitip accepted FD=0 from 
****:48551
2013.03.11 18:57:30 LOG7[27525210:265]: Service pesitip started
2013.03.11 18:57:30 LOG7[27525210:265]: Option TCP_NODELAY set on local 
socket
2013.03.11 18:57:30 LOG5[27525210:265]: Service pesitip accepted 
connection from 159.50.49.69:48551
2013.03.11 18:57:30 LOG3[27525210:265]: SSL_accept: 1407609B: 
error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request
2013.03.11 18:57:30 LOG5[27525210:265]: Connection reset: 0 bytes sent to 
SSL, 0 bytes sent to socket
2013.03.11 18:57:30 LOG7[27525210:265]: Service pesitip finished (0 left)
2013.03.11 18:57:30 LOG7[27525210:265]: str_stats: 0 block(s), 0 data 
byte(s), 0 control byte(s)
2013.03.11 18:57:32 LOG7[27525210:1]: local socket: FD=0 allocated 
(non-blocking mode)

Can you help me to configure my stunnel please?

Thanks.

Regards,

Laurent UK



This message and any attachments (the "message") is
intended solely for the intended addressees and is confidential. 
If you receive this message in error,or are not the intended recipient(s), 
please delete it and any copies from your systems and immediately notify
the sender. Any unauthorized view, use that does not comply with its purpose, 
dissemination or disclosure, either whole or partial, is prohibited. Since the internet 
cannot guarantee the integrity of this message which may not be reliable, BNP PARIBAS 
(and its subsidiaries) shall not be liable for the message if modified, changed or falsified. 
Do not print this message unless it is necessary,consider the environment.

----------------------------------------------------------------------------------------------------------------------------------

Ce message et toutes les pieces jointes (ci-apres le "message") 
sont etablis a l'intention exclusive de ses destinataires et sont confidentiels.
Si vous recevez ce message par erreur ou s'il ne vous est pas destine,
merci de le detruire ainsi que toute copie de votre systeme et d'en avertir
immediatement l'expediteur. Toute lecture non autorisee, toute utilisation de 
ce message qui n'est pas conforme a sa destination, toute diffusion ou toute 
publication, totale ou partielle, est interdite. L'Internet ne permettant pas d'assurer
l'integrite de ce message electronique susceptible d'alteration, BNP Paribas 
(et ses filiales) decline(nt) toute responsabilite au titre de ce message dans l'hypothese
ou il aurait ete modifie, deforme ou falsifie. 
N'imprimez ce message que si necessaire, pensez a l'environnement.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130311/cdad89c8/attachment.html>


More information about the stunnel-users mailing list