On 04/10/2006, at 9:39 PM, Michal Trojnara wrote:

James Brown wrote:
[ssmtp]
client = yes
accept  = 465
connect = 192.168.1.31:25

Port numbers suggest you're going to set up an SSL server
instead of an SSL client.  Just remove the "client = yes" line.

Best regards,
    Mike

Thanks Mike.

I think I want it acting as an SSL server. My mail client (Apple's Mail) can send using SSL. I want stunnel to accept this encrypted message on port 465 and forward the decrypted email to port 25 of my mail server. In the above example I actually had stunnel running on the machine that was running the mail client, as I was just trying to test it. Sorry if I was a bit misleading there.

If I remove the line I get:

$ sudo stunnel /sw/etc/stunnel/stunnel.conf
2006.10.04 22:13:59 LOG5[6142:2684415368]: stunnel 4.04 on powerpc-apple-darwin8.7.0 PTHREAD+LIBWRAP with OpenSSL 0.9.7d 17 Mar 2004
2006.10.04 22:13:59 LOG7[6142:2684415368]: Snagged 64 random bytes from /Users/jlbrown/.rnd
2006.10.04 22:13:59 LOG7[6142:2684415368]: Wrote 1024 new random bytes to /Users/jlbrown/.rnd
2006.10.04 22:13:59 LOG7[6142:2684415368]: RAND_status claims sufficient entropy for the PRNG
2006.10.04 22:13:59 LOG6[6142:2684415368]: PRNG seeded successfully
2006.10.04 22:13:59 LOG7[6142:2684415368]: Certificate: /%1.pem
2006.10.04 22:13:59 LOG7[6142:2684415368]: Key file: /%1.pem
2006.10.04 22:13:59 LOG5[6142:2684415368]: FD_SETSIZE=1024, file ulimit=256 -> 125 clients allowed
2006.10.04 22:13:59 LOG7[6142:2684415368]: FD 6 in non-blocking mode
2006.10.04 22:13:59 LOG7[6142:2684415368]: SO_REUSEADDR option set on accept socket
2006.10.04 22:13:59 LOG7[6142:2684415368]: secure_mail bound to 0.0.0.0:2525
2006.10.04 22:13:59 LOG7[6142:2684415368]: FD 7 in non-blocking mode
2006.10.04 22:13:59 LOG7[6142:2684415368]: FD 8 in non-blocking mode
mail1-bordo-com-au:/ jlbrown$
2006.10.04 22:13:59 LOG7[6143:2684415368]: Created pid file /sw/var/run/stunnel.pid
2006.10.04 22:14:11 LOG7[6143:2684415368]: secure_mail accepted FD=9 from 127.0.0.1:50407
2006.10.04 22:14:11 LOG7[6143:2684415368]: FD 9 in non-blocking mode
2006.10.04 22:14:11 LOG7[6143:25183744]: secure_mail started
2006.10.04 22:14:11 LOG7[6143:25183744]: TCP_NODELAY option set on local socket
2006.10.04 22:14:11 LOG5[6143:25183744]: secure_mail connected from 127.0.0.1:50407
2006.10.04 22:14:11 LOG7[6143:25183744]: SSL state (accept): before/accept initialization
2006.10.04 22:14:11 LOG7[6143:25183744]: waitforsocket: FD=9, DIR=read
2006.10.04 22:19:11 LOG7[6143:25183744]: waitforsocket: timeout
2006.10.04 22:19:11 LOG7[6143:25183744]: secure_mail finished (0 left)

With the line in I get the "wrong version number" error, but it seems to get further.

Thanks,

James.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
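
An added example, not part of the original message and not stunnel's own code: a small parser for the log format shown above that flags connections which hit `waitforsocket: timeout` while stunnel was still in its first SSL accept state, as happened in the posted log. The function name `stalled_handshakes` and the record fields are hypothetical; the sample lines are the connection entries from the log above, one per line.

```python
import re
from datetime import datetime

# stunnel 4.x log line: "2006.10.04 22:14:11 LOG7[6143:25183744]: message"
LINE = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) LOG\d\[(\d+):(\d+)\]: (.*)$")
FIRST_STATE = "before/accept initialization"  # state string as it appears in the log

# Constructed sample: connection lines from the log in this message.
SAMPLE = """\
2006.10.04 22:14:11 LOG7[6143:25183744]: secure_mail started
2006.10.04 22:14:11 LOG5[6143:25183744]: secure_mail connected from 127.0.0.1:50407
2006.10.04 22:14:11 LOG7[6143:25183744]: SSL state (accept): before/accept initialization
2006.10.04 22:14:11 LOG7[6143:25183744]: waitforsocket: FD=9, DIR=read
2006.10.04 22:19:11 LOG7[6143:25183744]: waitforsocket: timeout
2006.10.04 22:19:11 LOG7[6143:25183744]: secure_mail finished (0 left)
"""


def stalled_handshakes(log_text):
    """Return one record per connection that timed out before the SSL
    accept state advanced past its initial value."""
    open_conns = {}  # (pid, thread id) -> connection details
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # shell prompts or wrapped fragments
        stamp, pid, tid, msg = m.groups()
        when = datetime.strptime(stamp, "%Y.%m.%d %H:%M:%S")
        key = (pid, tid)
        if " connected from " in msg:
            service, peer = msg.split(" connected from ", 1)
            open_conns[key] = {"service": service, "peer": peer,
                               "since": when, "ssl": None}
        elif key not in open_conns:
            continue
        elif msg.startswith("SSL state (accept): "):
            open_conns[key]["ssl"] = msg.split(": ", 1)[1]
        elif msg == "waitforsocket: timeout":
            conn = open_conns.pop(key)
            if conn["ssl"] == FIRST_STATE:
                waited = int((when - conn["since"]).total_seconds())
                findings.append({"service": conn["service"],
                                 "peer": conn["peer"], "waited_s": waited})
    return findings


if __name__ == "__main__":
    for f in stalled_handshakes(SAMPLE):
        print(f"{f['service']}: {f['peer']} stalled in SSL accept for {f['waited_s']}s")
```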
