So here's the deal, installed stunnel from source:
Code: Select all
me$ stunnel -version
stunnel 4.24 on i686-apple-darwin9.2.0 with OpenSSL 0.9.7l 28 Sep 2006
Threading:PTHREAD SSL:ENGINE Sockets:SELECT,IPv6 Auth:LIBWRAP
Global options
debug = 5
pid = /usr/local/var/run/stunnel/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level options
cert = /usr/local/etc/stunnel/stunnel.pem
ciphers = ALL:!ADH:+RC4:@STRENGTH
key = /usr/local/etc/stunnel/stunnel.pem
session = 300 seconds
stack = 65536 bytes
sslVersion = SSLv3 for client, all for server
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none
the stunnel configuration file from twofo website is at :
Code: Select all
/usr/local/etc/stunnel/stunnel.conf
Code: Select all
sudo stunnel3
Code: Select all
2008.05.27 11:40:09 LOG7[11837:2684698528]: RAND_status claims sufficient entropy for the PRNG
2008.05.27 11:40:09 LOG7[11837:2684698528]: PRNG seeded successfully
2008.05.27 11:40:09 LOG7[11837:2684698528]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.05.27 11:40:09 LOG7[11837:2684698528]: Certificate loaded
2008.05.27 11:40:09 LOG7[11837:2684698528]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.05.27 11:40:09 LOG7[11837:2684698528]: Private key loaded
2008.05.27 11:40:09 LOG7[11837:2684698528]: SSL context initialized for service stunnel
inetd mode must define a remote host or an executable
Code: Select all
sudo stunnel
Code: Select all
27/05/2008 11:31:39 stunnel[11810] LOG5[11810:2684698528]: stunnel 4.24 on i686-apple-darwin9.2.0 with OpenSSL 0.9.7l 28 Sep 2006
27/05/2008 11:31:39 stunnel[11810] LOG5[11810:2684698528]: Threading:PTHREAD SSL:ENGINE Sockets:SELECT,IPv6 Auth:LIBWRAP
27/05/2008 11:31:39 stunnel[11810] LOG5[11810:2684698528]: 125 clients allowed
27/05/2008 11:31:39 stunnel[11810] LOG3[11810:2684698528]: Error binding wofo to 127.0.0.1:49812
27/05/2008 11:31:39 stunnel[11810] LOG3[11810:2684698528]: bind: Address already in use (48)
27/05/2008 11:31:39 stunnel[11815] warning: can't get client address: Bad file descriptor
27/05/2008 11:31:39 stunnel[11814] warning: can't get client address: Bad file descriptor
27/05/2008 11:31:39 stunnel[11813] warning: can't get client address: Bad file descriptor
27/05/2008 11:31:39 stunnel[11812] warning: can't get client address: Bad file descriptor
27/05/2008 11:31:39 stunnel[11811] warning: can't get client address: Bad file descriptor
if I remove the [twofo] - line after Service-level configuration and run stunnel3, I get messages as above, but it tells me that inetd-mode doesnt accept connections. If I then comment the "accept"-line, it actually makes a connection, but obviously I then am not able to connect to localhost:8000 with Shakespeer/anything.
Any ideas ?