Re: Getting stunnel 4.20 for OS/2 to work

Normally I wouldn't make a second response until I recieved something else
from my previous posting, but I will make an exception in this case. I
have managed to make a successful stunnel connection here.

It would appear I was making an unwarranted assumption that ZOC's SSH
device would be able to negotiate an SSL connection with the stunnel
server. That appears not to be the case. I configured and started a
stunnel client on the system originating the calls and then I used ZOC's
telnet device to connect to the local port for stunnel. This opened an
SSL connection to the stunnel server and connected to the VMODEM pool as
it was intended to! So my goal was accomplished, but required an
additional instance of stunnel.

Perhaps I am missing something and ZOC's SSH device can negotiate SSL with
the stunnel server if configured properly. I will contact ZOC's support
to inquire about this, as it would make things a bit simpler if a loopback
to a local stunnel could be eliminated from this setup.

Thanks for the pointer to the erroneous assumption.

-- Dave
-----------------------------------------------------------
dhdurgeeverizonnet
-----------------------------------------------------------

Hi Dave,

On Fri, 9 Nov 2007 21:51:30 UTC, me@privacy.net wrote:
> it was intended to! So my goal was accomplished, but required an
> additional instance of stunnel.
This is the intended way for stunnel to work - it needs to run on both
ends of the connection................

--
Cheers,

Paul.

In , on 11/12/2007
at 08:59 AM, "Paul Smedley" said:

>On Fri, 9 Nov 2007 21:51:30 UTC, me@privacy.net wrote:
>> it was intended to! So my goal was accomplished, but required an
>> additional instance of stunnel.

>This is the intended way for stunnel to work - it needs to run on both
>ends of the connection................

There is at least one case where it doesn't need to run on both ends, when
the server end supports https itself. I tried this by setting a client up
wrapping http and connecting to the https port of my router as a test.
This worked fine.

I tested this as assuming I can run this over a telnet proxy I intend to
contact my router support and see if I can use their router as a stunnel
server. As I showed above it works in the limited https case and thus
should be extensible to other cases.

I was checking this out in part because the server that I would want to
run stunnel for OS/2 on is a Warp Server Advanced installation and is
running the 4.02y stack. This is old enough that I am unsure if a stunnel
server will run on it. I could run stunnel on another system as I am now
for testing, but I was hoping to simplify things and keep only those
systems required online.

-- Dave
-----------------------------------------------------------
dhdurgeeverizonnet
-----------------------------------------------------------

Hi Dave,

On Mon, 12 Nov 2007 13:25:47 UTC, me@privacy.net wrote:

> In , on 11/12/2007
> at 08:59 AM, "Paul Smedley" said:
>
> >On Fri, 9 Nov 2007 21:51:30 UTC, me@privacy.net wrote:
> I was checking this out in part because the server that I would want to
> run stunnel for OS/2 on is a Warp Server Advanced installation and is
> running the 4.02y stack. This is old enough that I am unsure if a stunnel
> server will run on it. I could run stunnel on another system as I am now
> for testing, but I was hoping to simplify things and keep only those
> systems required online.

IIRC the current stunnel binary is built for TCPIP 4.1 or greater - it
would most likely not be too much trouble to do a build for the TCPIP
4.0 stack..... If this would be useful - let me know and I'll free up
some time to try a build.

--
Cheers,

Paul.

In , on 11/13/2007
at 09:24 AM, "Paul Smedley" said:

>On Mon, 12 Nov 2007 13:25:47 UTC, me@privacy.net wrote:

>> In , on 11/12/2007
>> at 08:59 AM, "Paul Smedley" said:
>>
>> >On Fri, 9 Nov 2007 21:51:30 UTC, me@privacy.net wrote:
>> I was checking this out in part because the server that I would want to
>> run stunnel for OS/2 on is a Warp Server Advanced installation and is
>> running the 4.02y stack. This is old enough that I am unsure if a stunnel
>> server will run on it. I could run stunnel on another system as I am now
>> for testing, but I was hoping to simplify things and keep only those
>> systems required online.

>IIRC the current stunnel binary is built for TCPIP 4.1 or greater - it
>would most likely not be too much trouble to do a build for the TCPIP
>4.0 stack..... If this would be useful - let me know and I'll free up
>some time to try a build.

Thank you for the offer. There is still a bit of testing to be done so I
will not ask you to schedule any time at this point. As noted in my
previous posting I intend to see if my router can be configured to handle
the stunnel server function for this. I have worked with them in the past
in resolving problems and found them helpful and I suspect they would see
this as a useful enhancement to their package if it is not currently
supported. I would only need a build for the 4.02y stack if the router
can't do the job.

-- Dave
-----------------------------------------------------------
dhdurgeeverizonnet
-----------------------------------------------------------

On Mon, 12 Nov 2007 13:25:47 UTC in comp.os.os2.apps, me@privacy.net wrote:

> I was checking this out in part because the server that I would want to
> run stunnel for OS/2 on is a Warp Server Advanced installation and is
> running the 4.02y stack.

I'm pretty sure that the 32 bit MPTS stack is certified for use on WSA, at least
on WSA-SMP. You can probably install WR08620 on it.

--
Trevor Hemsley, Brighton, UK
Trevor dot Hemsley at ntlworld dot com

Re: Getting stunnel 4.20 for OS/2 to work - OS2

Thread: Re: Getting stunnel 4.20 for OS/2 to work

LinkBack

Tools