[stunnel-users] older browsers, stunnel and privoxy

Javier jamilist.stn at gmx.es
Thu Dec 13 19:20:07 CET 2018


Hi,

You are going around and around and you don't get it.

Yes, stunnel, after all, is a proxy, as it acts as an intermediary
(end of proxy definition), but it is not a proxy as you understand it.

While all proxy servers act as a funnel (wide side accepts inbound
connections and tight for outbound connections for EACH request),
that is, they accept any connection and reroute it based on the
request headers, Stunnel is just a tube (one inbound and one outbound
connection), a tunnel, better said to match its own name, that is,
it only connects peer to peer with just one connection and ONLY, I
repeat, ONLY, if that connection has already been set up as a service,
because stunnel doesn't read the headers to decide where to connect.

I repeat: the service, telling where (ip:port) should accept
connections and where (ip/host:port) should connect to, MUST be set
up first in stunnel.conf (or whatever you named it).

Even though the connect variable for a service can have multiple
destinations, it only connects to one of them in a random way.

If, let's imagine, the above could be the solution, WHICH IT ISN'T,
you would need to set up all the domain names used in the world as
connect options and, even then, as the connections are random and it
can't choose one based on headers (as said above, it doesn't read
them), you wouldn't be able to connect to the desired destination.

That is the reason Stunnel isn't, and can't be used as, a regular
proxy. In short, stunnel is for giving TLS/SSL capabilities to
non-secure-aware (or old) programs; or for controlling the TLS/SSL
aside from the background program.

You'll need to use a real proxy server.

I hope this is crystal clear enough and helps anyone that comes to
the list asking this (there are a few) understand why it can't be
used for their purposes.

Regards :)


P.S.: as a bonus, kind of off-topic, and even though it doesn't
explain everything, this OOOOLD video may help some to understand how
connections work, even though it talks briefly about the proxy
server:
http://warriorsofthe.net/
http://warriorsofthe.net/movie.html (video language selection)
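
Added example (not part of the original message, and not stunnel or
Privoxy code): a sketch contrasting where a tunnel and an HTTP proxy
take the destination from. The SERVICE values, hostnames and sample
requests are constructed; Host parsing assumes hostnames or IPv4
literals.

```python
"""Added illustration: tunnel vs. HTTP proxy destination selection."""
from urllib.parse import urlsplit

# Constructed stand-in for one stunnel.conf service section (hypothetical values).
SERVICE = {"accept": ("127.0.0.1", 8080), "connect": ("tls.example.net", 443)}

# Constructed first bytes of three client connections.
REQUESTS = [
    b"CONNECT a.example:443 HTTP/1.1\r\nHost: a.example:443\r\n\r\n",
    b"GET http://b.example/index.html HTTP/1.1\r\nHost: b.example\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: c.example:8000\r\n\r\n",
]

def tunnel_destination(service, first_bytes):
    """Tunnel: destination is fixed by configuration; payload is never read."""
    return service["connect"]

def proxy_destination(first_bytes):
    """HTTP proxy: destination is parsed out of each request's headers."""
    head = first_bytes.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    if method.upper() == "CONNECT":            # CONNECT host:port HTTP/1.1
        host, _, port = target.rpartition(":")
        return host, int(port)
    url = urlsplit(target)
    if url.hostname:                           # absolute-form: GET http://host/path
        return url.hostname, url.port or 80
    for line in lines[1:]:                     # origin-form: use the Host header
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            host, _, port = value.strip().partition(":")
            return host, int(port) if port else 80
    raise ValueError("request carries no destination")

def compare(requests):
    """Return (tunnel choice, proxy choice) for each request."""
    return [(tunnel_destination(SERVICE, r), proxy_destination(r)) for r in requests]

if __name__ == "__main__":
    for tunnel, proxy in compare(REQUESTS):
        print(f"tunnel -> {tunnel[0]}:{tunnel[1]}   proxy -> {proxy[0]}:{proxy[1]}")
```

The tunnel column is identical for every request because nothing in
the payload can change it; only the proxy column follows the headers.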



