problem running stunnel with getmail: msg#00015

network.stunnel.user

Subject: problem running stunnel with getmail

Hi!

This is my 1st post to the list and I have a problem :-)

I'd like to establish an stunnel connection from my localhost dialup computer
to a web-hosted mail server.

My stunnel.conf looks like:

client = yes
foreground = no
accept = gaura.nitai.hr:8110
connect = 69.72.128.66:995
debug = 7
output = /home/gour/.getmail/stunnel.log
exec =/usr/bin/getmail
execargs = /home/gour/.getmail/atmaramarc

where gaura.nitai.hr is an alias defined as: 127.0.0.2 gaura.nitai.hr in my
/etc/hosts.

I invoke stunnel from the getmail-ssl script:

#!/bin/sh

/usr/sbin/stunnel /etc/stunnel/stunnel.conf
getmail -r /home/gour/.getmail/atmaramarc

This is the relevant part of getmail's rc - atmaramarc:

[Gour]
server = gaura.nitai.hr
port = 8110
username = gour@xxxxxxxxxxxx
password = "xxxxxxxxxx"

After running getmail-ssl script, here is the output:

bash-2.05b$ getmail-ssl
getmail - POP3 mail retriever with reliable Maildir and command delivery.

getmail version 3.2.1

Copyright (C) 2001 Charles Cazabon

Licensed under the GNU General Public License version 2. See the file
COPYING for details.

Written by Charles Cazabon <getmail @ discworld.dyndns.org>
getmail started for gour@xxxxxxxxxxxx@gaura.nitai.hr:8110
TCP timeout (gour@xxxxxxxxxxxx@gaura.nitai.hr:8110)
Resetting connection and aborting (TCP timeout)
getmail finished for gour@xxxxxxxxxxxx@gaura.nitai.hr:8110


Here is the stunnel.log file:

2003.12.03 22:15:53 LOG5[15885:16384]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7c 30 Sep 2003
2003.12.03 22:15:53 LOG7[15885:16384]: RAND_status claims sufficient entropy for the PRNG
2003.12.03 22:15:53 LOG6[15885:16384]: PRNG seeded successfully
2003.12.03 22:15:53 LOG7[15885:16384]: stunnel started
2003.12.03 22:15:53 LOG6[15885:16384]: Local mode child started (PID=15886)
2003.12.03 22:15:53 LOG5[15885:16384]: stunnel connected from 127.0.0.1:34099
2003.12.03 22:15:53 LOG7[15885:16384]: FD 5 in non-blocking mode
2003.12.03 22:15:53 LOG7[15885:16384]: stunnel connecting 69.72.128.66:995
2003.12.03 22:15:53 LOG7[15885:16384]: remote connect #1: EINPROGRESS: retrying
2003.12.03 22:15:53 LOG7[15885:16384]: waitforsocket: FD=5, DIR=write
2003.12.03 22:15:53 LOG7[15885:16384]: waitforsocket: ok
2003.12.03 22:15:53 LOG7[15885:16384]: Remote FD=5 initialized
2003.12.03 22:15:53 LOG7[15885:16384]: SSL state (connect): before/connect initialization
2003.12.03 22:15:53 LOG7[15885:16384]: SSL state (connect): SSLv3 write client hello A
2003.12.03 22:15:53 LOG7[15885:16384]: waitforsocket: FD=5, DIR=read
2003.12.03 22:15:54 LOG7[15885:16384]: waitforsocket: ok
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 read server hello A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 read server certificate A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 read server done A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 write client key exchange A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 write change cipher spec A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 write finished A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 flush data
2003.12.03 22:15:54 LOG7[15885:16384]: waitforsocket: FD=5, DIR=read
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 write finished A
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 flush data
2003.12.03 22:15:54 LOG7[15885:16384]: waitforsocket: FD=5, DIR=read
2003.12.03 22:15:54 LOG7[15885:16384]: waitforsocket: ok
2003.12.03 22:15:54 LOG7[15885:16384]: SSL state (connect): SSLv3 read finished A
2003.12.03 22:15:54 LOG7[15885:16384]: 1 items in the session cache
2003.12.03 22:15:54 LOG7[15885:16384]: 1 client connects (SSL_connect())
2003.12.03 22:15:54 LOG7[15885:16384]: 1 client connects that finished
2003.12.03 22:15:54 LOG7[15885:16384]: 0 client renegotiatations requested
2003.12.03 22:15:54 LOG7[15885:16384]: 0 server connects (SSL_accept())
2003.12.03 22:15:54 LOG7[15885:16384]: 0 server connects that finished
2003.12.03 22:15:54 LOG7[15885:16384]: 0 server renegotiatiations requested
2003.12.03 22:15:54 LOG7[15885:16384]: 0 session cache hits
2003.12.03 22:15:54 LOG7[15885:16384]: 0 session cache misses
2003.12.03 22:15:54 LOG7[15885:16384]: 0 session cache timeouts
2003.12.03 22:15:54 LOG6[15885:16384]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2003.12.03 22:16:09 LOG3[15885:16384]: readsocket: Connection reset by peer (104)
2003.12.03 22:16:09 LOG5[15885:16384]: Connection reset: 2715 bytes sent to SSL, 1867 bytes sent to socket
2003.12.03 22:16:09 LOG7[15885:16384]: stunnel finished (0 left)

What else?

bash-2.05b# /usr/sbin/stunnel -version
stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7c 30 Sep 2003

Global options
cert = /etc/stunnel/stunnel.pem
ciphers = ALL:!ADH:+RC4:@STRENGTH
debug = 5
key = /etc/stunnel/stunnel.pem
pid = /var/lib/run/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
session = 300 seconds
verify = none

Service-level options
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTidle = 43200 seconds

bash-2.05b# uname -a
Linux gaura 2.4.20-win4lin-r1 #6 Čet Stu 20 17:27:36 CET 2003 i686 Celeron (Coppermine) GenuineIntel GNU/Linux

bash-2.05b# openssl version
OpenSSL 0.9.7c 30 Sep 2003

bash-2.05b# ./libc-2.3.2.so
GNU C Library stable release version 2.3.2, by Roland McGrath et al.
Copyright (C) 2003 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 3.2.3 20030422 (Gentoo Linux 1.4 3.2.3-r1,
propolice).
Compiled on a Linux 2.4.19 system on 2003-07-26.
Available extensions:
GNU libio by Per Bothner
crypt add-on version 2.1 by Michael Glad and others
linuxthreads-0.10 by Xavier Leroy
BIND-8.2.3-T5B
libthread_db work sponsored by Alpha Processor Inc
NIS(YP)/NIS+ NSS modules 0.19 by Thorsten Kukuk

bash-2.05b# gcc -v
Reading specs from /usr/lib/gcc-lib/i686-pc-linux-gnu/3.2.3/specs
Configured with: /var/tmp/portage/gcc-3.2.3-r1/work/gcc-3.2.3/configure
--prefix=/usr --bindir=/usr/i686-pc-linux-gnu/gcc-bin/3.2
--includedir=/usr/lib/gcc-lib/i686-pc-linux-gnu/3.2.3/include
--datadir=/usr/share/gcc-data/i686-pc-linux-gnu/3.2
--mandir=/usr/share/gcc-data/i686-pc-linux-gnu/3.2/man
--infodir=/usr/share/gcc-data/i686-pc-linux-gnu/3.2/info --enable-shared
--host=i686-pc-linux-gnu --target=i686-pc-linux-gnu --with-system-zlib
--enable-languages=c,c++,ada,f77,objc,java --enable-threads=posix
--enable-long-long --disable-checking --enable-cstdio=stdio
--enable-clocale=generic --enable-__cxa_atexit
--enable-version-specific-runtime-libs
--with-gxx-include-dir=/usr/lib/gcc-lib/i686-pc-linux-gnu/3.2.3/include/g++-v3
--with-local-prefix=/usr/local --enable-shared --enable-nls
--without-included-gettext
Thread model: posix
gcc version 3.2.3 20030422 (Gentoo Linux 1.4 3.2.3-r1, propolice)

Any idea what's wrong?

I'm pretty new to stunnel, but do you have any advice on how I can debug stunnel
in isolation from getmail?

Sincerely,
Gour

--
Gour
gour@xxxxxxxxxxxx
Registered Linux User #278493
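
Added example, not part of the original post and not stunnel or getmail code: a Python sketch that summarizes an stunnel debug log in the format shown above, so the tunnel can be judged separately from getmail. The names `summarize`, `SAMPLE` and the stage labels are this example's own; the sample lines are copied from the posted log with wrapped lines rejoined.

```python
import re
from datetime import datetime

# Constructed sample: four lines copied from the log in the post, wraps rejoined.
SAMPLE = """\
2003.12.03 22:15:53 LOG7[15885:16384]: stunnel connecting 69.72.128.66:995
2003.12.03 22:15:54 LOG6[15885:16384]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2003.12.03 22:16:09 LOG3[15885:16384]: readsocket: Connection reset by peer (104)
2003.12.03 22:16:09 LOG5[15885:16384]: Connection reset: 2715 bytes sent to SSL, 1867 bytes sent to socket
"""

LINE = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) LOG(\d)\[\d+:\d+\]: (.*)$")
BYTES = re.compile(r"(\d+) bytes sent to SSL, (\d+) bytes sent to socket")

def summarize(log_text):
    """Report how far one stunnel client session got (names are this example's own)."""
    s = {"remote": None, "cipher": None, "protocol": None, "error": None,
         "secs_after_handshake": None, "to_ssl": 0, "to_socket": 0}
    handshake_at = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # wrapped continuation or foreign line
        when = datetime.strptime(m.group(1), "%Y.%m.%d %H:%M:%S")
        level, msg = int(m.group(2)), m.group(3)
        counts = BYTES.search(msg)
        if msg.startswith("stunnel connecting "):
            s["remote"] = msg.split()[-1]
        elif msg.startswith("Negotiated ciphers:"):
            fields = msg.split(":", 1)[1].split()
            s["cipher"] = fields[0] if fields else None
            s["protocol"] = fields[1] if len(fields) > 1 else None
            handshake_at = when
        elif level <= 3 and s["error"] is None:  # syslog level 3 (err) or worse
            s["error"] = msg
            if handshake_at:
                s["secs_after_handshake"] = int((when - handshake_at).total_seconds())
        elif counts:
            s["to_ssl"], s["to_socket"] = int(counts.group(1)), int(counts.group(2))
    if s["remote"] is None:
        s["stage"] = "no-connect"         # stunnel never tried the remote side
    elif handshake_at is None:
        s["stage"] = "connect-attempted"  # no negotiated cipher was logged
    elif s["to_ssl"] and s["to_socket"]:
        s["stage"] = "data-flowed"        # both byte counters are non-zero
    else:
        s["stage"] = "tls-up"
    return s

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

On the posted log this reports `data-flowed` over SSLv3 with the reset logged 15 seconds after the handshake, which places the failure after the TLS session was established.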



