Hi!

pay attention to the execArgs option
What about the execArgs do you think is wrong?  If it’s the trailing dot
then it’s something to do with rsync (detailed here
<https://lists.samba.org/archive/rsync-cvs/2013-July/007296.html>).
As far as I can tell, Stunnel doesn’t even get as far as invoking the
executable because it never manages to finish connecting.


execArgs = $0 $1 $2 ...
arguments for exec including the program name ($0), it means $0 = rsync
In your config file:
execArgs = -vvvv --daemon --server --config=/Users/dave/Desktop/stunnel-test/stunnel-rsyncd.conf .


and connect the client to the server (not localhost).
The server *is* on localhost.  So is the client.  The logs show the
server is on port 874 and the client connected from port 51362 on this
occasion.

I don’t understand what you want to achieve. Do you have the stunnel client and the stunnel server on the same computer and try to establish an encrypted connection between them on the localhost? For what purpose?

I always type the IP address to the stunnel server.


Further information: I’ve also tried Stunnel 4.57 and this fails in
exactly the same way.

It also bothers me that the last log line mentions SSLv3 (server) and
SSLv2/v3 (client)… but the manual says "Obsolete SSLv2 and SSLv3 are
currently disabled by default”.  So why would they appear in the log?
 I’ve even explicitly disabled them with addition of "options =
NO_SSLv2" and  "options = NO_SSLv3” lines in the confs, but this makes
no difference.


SSL state (accept): SSLv3 messages are from OpenSSL. They are vestiges of the past.

With the latest OpenSSL 1.1.0.:

2016.09.19 04:56:54 LOG5[ui]: stunnel 5.36 on x86_64-unknown-linux-gnu platform 2016.09.19 04:56:54 LOG5[ui]: Compiled/running with OpenSSL 1.1.0 25 Aug 2016
…
2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS read client hello
2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS write server hello
2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS write certificate
2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS write key exchange
…

---
Ta wiadomość została sprawdzona na obecność wirusów przez oprogramowanie 
antywirusowe Avast.
https://www.avast.com/antivirus

_______________________________________________
stunnel-users mailing list
stunnel-users@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

Reply via email to