Hello, > On 19 Sep 2016, at 02:27, Małgorzata Olszówka <[email protected]> wrote: > > Hi! >> What about the execArgs do you think is wrong? If it’s the trailing dot >> then it’s something to do with rsync (detailed here >> <https://lists.samba.org/archive/rsync-cvs/2013-July/007296.html>). >> As far as I can tell, Stunnel doesn’t even get as far as invoking the >> executable because it never manages to finish connecting. > execArgs = $0 $1 $2 ... > arguments for exec including the program name ($0), it means $0 = rsync > In your config file: > execArgs = -vvvv --daemon --server > --config=/Users/dave/Desktop/stunnel-test/stunnel-rsyncd.conf . Good point but no luck; it still fails the same way. I think Stunnel doesn’t even get as far as executing the executable because it fails to connect. E.g., it still hangs the same way even if I use something absurd such as exec = FOO/FOO/FOO I just don’t think it gets that far.
>> The server *is* on localhost. So is the client. The logs show the >> server is on port 874 and the client connected from port 51362 on this >> occasion. > I don’t understand what you want to achieve. Do you have the stunnel client > and the stunnel server on the same computer and try to establish an encrypted > connection between them on the localhost? For what purpose? Testing. >> Further information: I’ve also tried Stunnel 4.57 and this fails in >> exactly the same way. >> It also bothers me that the last log line mentions SSLv3 (server) and >> SSLv2/v3 (client)… but the manual says "Obsolete SSLv2 and SSLv3 are >> currently disabled by default”. So why would they appear in the log? >> I’ve even explicitly disabled them with addition of "options = >> NO_SSLv2" and "options = NO_SSLv3” lines in the confs, but this makes >> no difference. > > SSL state (accept): SSLv3 messages are from OpenSSL. They are vestiges of the > past. > > With the latest OpenSSL 1.1.0.: > > 2016.09.19 04:56:54 LOG5[ui]: stunnel 5.36 on x86_64-unknown-linux-gnu > platform > 2016.09.19 04:56:54 LOG5[ui]: Compiled/running with OpenSSL 1.1.0 25 Aug 2016 > … > 2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS read client hello > 2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS write server hello > 2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS write certificate > 2016.09.19 04:57:19 LOG7[0]: SSL state (accept): SSLv3/TLS write key exchange > … Do you mean that the ‘SSLv3’ bit is misleading and I can just ignore it? Thanks, Dave. _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
