[stunnel-users] Mac stunnel not attempting to connect to host

Michael Kreykenbohm mkj1 at 8ksolutions.com
Tue Aug 28 07:17:23 CEST 2007


I'v used FreeBsd with stunnel without problem,
so I'm a little stumped that it doesn't work properly on darwin for Mac.
I recall that it might get hung up in the ssl certificates, but I can't find
where to look and openssl -connect works perfectly.

Any help, appreciated.

Symptom:
	The stunnel is running in debug mode,
	the client makes a connection to stunnel,
	stunnel reports the connection
	stunnel does not attempt to connect to the host
	(the connect string)
	No messages suggest it is trying, no network logic show it is connecting.

 	(Since I am using it for email, I can not copy and paste from the orginal
to
	send this email)

openssl connects fine to the server and get the correct results

Any ideas how/ where to find out what is wrong with the Mac.

Thanks

stunnel 4.20 on i686-apple-darwin8.10.1 with OpenSSL 0.9.7l 28 Sep 2006
Threading:PTHREAD SSL:ENGINE Sockets:SELECT,IPv4 Auth:LIBWRAP

Global options
debug           = 5
pid             = /opt/local/var/run/stunnel/stunnel.pid
RNDbytes        = 64
RNDfile         = /dev/urandom
RNDoverwrite    = yes

Service-level options
cert            = /opt/local/etc/stunnel/stunnel.pem
ciphers         = ALL:!ADH:+RC4:@STRENGTH
key             = /opt/local/etc/stunnel/stunnel.pem
session         = 300 seconds
sslVersion      = SSLv3 for client, all for server
TIMEOUTbusy     = 300 seconds
TIMEOUTclose    = 60 seconds
TIMEOUTconnect  = 10 seconds
TIMEOUTidle     = 43200 seconds
verify          = none

2007.08.26 20:28:51 LOG7[207:2684407808]: RAND_status claims sufficient
entropy for the PRNG
2007.08.26 20:28:51 LOG7[207:2684407808]: PRNG seeded successfully
2007.08.26 20:28:51 LOG7[207:2684407808]: Certificate:
/opt/local/etc/stunnel/stunnel.pem
2007.08.26 20:28:51 LOG7[207:2684407808]: Certificate loaded
2007.08.26 20:28:51 LOG7[207:2684407808]: Key file:
/opt/local/etc/stunnel/stunnel.pem
2007.08.26 20:28:51 LOG7[207:2684407808]: Private key loaded
2007.08.26 20:28:51 LOG7[207:2684407808]: SSL context initialized for
service pop3s
2007.08.26 20:28:51 LOG7[207:2684407808]: Certificate:
/opt/local/etc/stunnel/stunnel.pem
2007.08.26 20:28:51 LOG7[207:2684407808]: Certificate loaded
2007.08.26 20:28:51 LOG7[207:2684407808]: Key file:
/opt/local/etc/stunnel/stunnel.pem
2007.08.26 20:28:51 LOG7[207:2684407808]: Private key loaded
2007.08.26 20:28:51 LOG7[207:2684407808]: SSL context initialized for
service smtps
2007.08.26 20:28:51 LOG5[207:2684407808]: stunnel 4.20 on
i686-apple-darwin8.10.1 with OpenSSL 0.9.7l 28 Sep 2006
2007.08.26 20:28:51 LOG5[207:2684407808]: Threading:PTHREAD SSL:ENGINE
Sockets:SELECT,IPv4 Auth:LIBWRAP
2007.08.26 20:28:51 LOG6[207:2684407808]: file ulimit = 256 (can be changed
with 'ulimit -n')
2007.08.26 20:28:51 LOG6[207:2684407808]: FD_SETSIZE = 1024 (some systems
allow to increase this value)
2007.08.26 20:28:51 LOG5[207:2684407808]: 125 clients allowed
2007.08.26 20:28:51 LOG7[207:2684407808]: FD 4 in non-blocking mode
2007.08.26 20:28:51 LOG7[207:2684407808]: FD 6 in non-blocking mode
2007.08.26 20:28:51 LOG7[207:2684407808]: FD 7 in non-blocking mode
2007.08.26 20:28:51 LOG7[207:2684407808]: SO_REUSEADDR option set on accept
socket
2007.08.26 20:28:51 LOG7[207:2684407808]: pop3s bound to 0.0.0.0:995
2007.08.26 20:28:51 LOG7[207:2684407808]: FD 8 in non-blocking mode
2007.08.26 20:28:51 LOG7[207:2684407808]: SO_REUSEADDR option set on accept
socket
2007.08.26 20:28:51 LOG7[207:2684407808]: smtps bound to 0.0.0.0:5526
2007.08.26 20:28:51 LOG7[207:2684407808]: Created pid file /tmp/stunnel.pid
2007.08.26 20:29:04 LOG7[207:2684407808]: pop3s accepted FD=9 from
127.0.0.1:49162
2007.08.26 20:29:04 LOG7[207:25185792]: pop3s started
2007.08.26 20:29:04 LOG7[207:25185792]: FD 9 in non-blocking mode
2007.08.26 20:29:04 LOG7[207:25185792]: FD 10 in non-blocking mode
2007.08.26 20:29:04 LOG7[207:25185792]: FD 11 in non-blocking mode
2007.08.26 20:29:04 LOG7[207:25185792]: Connection from 127.0.0.1:49162
permitted by libwrap
2007.08.26 20:29:04 LOG5[207:25185792]: pop3s accepted connection from
127.0.0.1:49162
2007.08.26 20:29:04 LOG7[207:25185792]: SSL state (accept): before/accept
initialization
2007.08.26 20:29:04 LOG7[207:2684407808]: Cleaning up the signal pipe
2007.08.26 20:29:04 LOG6[207:2684407808]: Child process 212 finished with
code 0

<<-- at this point I have done nothing but connect to the stunnel, so I
don;t know why it should finished with code 0 yet, and has not closed the
connect
on the other side.




More information about the stunnel-users mailing list