stunnel-msspi : не-ГОСТ сервер [РЕШЕНО]

Добро пожаловать, Гость! Чтобы использовать все возможности Вход или Регистрация.

Уведомление

Error

stunnel-msspi : не-ГОСТ сервер [РЕШЕНО] - Не работает "msspi=no + client=no"

Опции

Предыдущая тема Следующая тема

filimonic		#1 Оставлено : 8 апреля 2022 г. 23:08:12(UTC)
Статус: Новичок Группы: Участники Зарегистрирован: 08.04.2022(UTC) Сообщений: 3 Сказал(а) «Спасибо»: 1 раз		Задача: на stunnel построить гейт до гост-овского сайта. Входящее подключение - TLS с внутренним сертификатом, исходящее - к "госту". Клиент ===https==> GATESERVER:44301 ===http==> GATESERVER:8101 ==GOST==> gost.cryptopro.ru ОС WS2019, сертификат GATESERVER:44301 - "классический" PEM (два файла в base64 выписанные внутренним CA) Цитата: Конфиг таков: Код: ; https://www.stunnel.org/static/stunnel.html fips = no taskbar = no ; Debugging stuff (may be useful for troubleshooting) debug = debug output = ./log/stunnel-msspi.log [44301-in] ; Server accepts connections and forwards to -out accept = 0.0.0.0:44301 connect = 127.0.0.1:8101 client = no msspi = no cert = C:\Program Files\STunnel-MSSPI\certs\h2h-tunnel.pem key = C:\Program Files\STunnel-MSSPI\certs\h2h-tunnel.key [44301-out] accept = 0.0.0.0:8101 connect = gost.cryptopro.ru:443 msspi = yes client = yes verifyChain = no verifyPeer = no Проверка (Powershell): Код:* `$resp = iwr https://myservername:44301 iwr : The underlying connection was closed: An unexpected error occurred on a send.` Цитата: В логах - Код: 2022.04.08 22:46:16 LOG6[main]: Initializing inetd mode configuration 2022.04.08 22:46:16 LOG7[main]: Running on Windows 6.2 2022.04.08 22:46:16 LOG7[main]: No limit detected for the number of clients 2022.04.08 22:46:16 LOG5[main]: stunnel 5.61 on x64-pc-msvc-1900 platform 2022.04.08 22:46:16 LOG5[main]: Compiled without OPENSSL 2022.04.08 22:46:16 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:OCSP,SNI 2022.04.08 22:46:16 LOG7[main]: errno: (_errno()) 2022.04.08 22:46:16 LOG6[main]: Initializing inetd mode configuration 2022.04.08 22:46:16 LOG7[main]: Running on Windows 6.2 2022.04.08 22:46:16 LOG5[main]: Reading configuration from file C:\Program Files\STunnel-MSSPI\stunnel.conf 2022.04.08 22:46:16 LOG5[main]: UTF-8 byte order mark not detected 2022.04.08 22:46:16 LOG7[main]: "./conf.d\." is not a file 2022.04.08 22:46:16 LOG7[main]: "./conf.d\.." is not a file 2022.04.08 22:46:16 LOG5[main]: Reading configuration from file ./conf.d\44301.xx.conf 2022.04.08 22:46:16 LOG5[main]: UTF-8 byte order mark detected 2022.04.08 22:46:16 LOG6[main]: Initializing service [44301-in] 2022.04.08 22:46:16 LOG6[main]: Initializing service [44301-out] 2022.04.08 22:46:16 LOG5[main]: Configuration successful 2022.04.08 22:46:16 LOG7[main]: Deallocating deployed section defaults 2022.04.08 22:46:16 LOG7[main]: Binding service [44301-in] 2022.04.08 22:46:16 LOG7[main]: Listening file descriptor created (FD=824) 2022.04.08 22:46:16 LOG7[main]: Setting accept socket options (FD=824) 2022.04.08 22:46:16 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket 2022.04.08 22:46:16 LOG6[main]: Service [44301-in] (FD=824) bound to 0.0.0.0:44301 2022.04.08 22:46:16 LOG7[main]: Binding service [44301-out] 2022.04.08 22:46:16 LOG7[main]: Listening file descriptor created (FD=828) 2022.04.08 22:46:16 LOG7[main]: Setting accept socket options (FD=828) 2022.04.08 22:46:16 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket 2022.04.08 22:46:16 LOG6[main]: Service [44301-out] (FD=828) bound to 0.0.0.0:8101 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: Service [44301-in] accepted (FD=840) from 127.0.0.1:65121 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG7[0]: Service [44301-in] started 2022.04.08 22:46:23 LOG7[0]: Setting local socket options (FD=840) 2022.04.08 22:46:23 LOG7[0]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[0]: Service [44301-in] accepted connection from 127.0.0.1:65121 2022.04.08 22:46:23 LOG6[0]: Peer certificate not required 2022.04.08 22:46:23 LOG6[0]: s_connect: connecting 127.0.0.1:8101 2022.04.08 22:46:23 LOG7[0]: s_connect: s_poll_wait 127.0.0.1:8101: waiting 10 seconds 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[0]: FD=848 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG5[0]: s_connect: connected 127.0.0.1:8101 2022.04.08 22:46:23 LOG5[0]: Service [44301-in] connected remote server from 127.0.0.1:65122 2022.04.08 22:46:23 LOG7[main]: Service [44301-out] accepted (FD=892) from 127.0.0.1:65122 2022.04.08 22:46:23 LOG7[0]: Setting remote socket options (FD=848) 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[0]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[0]: Remote descriptor (FD=848) initialized 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG7[1]: Service [44301-out] started 2022.04.08 22:46:23 LOG7[1]: Setting local socket options (FD=892) 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[1]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[1]: Service [44301-out] accepted connection from 127.0.0.1:65122 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG6[1]: s_connect: connecting 193.37.157.95:443 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[1]: s_connect: s_poll_wait 193.37.157.95:443: waiting 10 seconds 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[1]: FD=908 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG3[0]: transfer() loop executes not transferring any data 2022.04.08 22:46:23 LOG3[0]: please report the problem to Michal.Trojnara@stunnel.org 2022.04.08 22:46:23 LOG3[0]: stunnel 5.61 on x64-pc-msvc-1900 platform 2022.04.08 22:46:23 LOG3[0]: Compiled without OPENSSL 2022.04.08 22:46:23 LOG3[0]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:OCSP,SNI 2022.04.08 22:46:23 LOG7[0]: errno: (_errno()) 2022.04.08 22:46:23 LOG3[0]: protocol=(null), SSL_pending=0, SSL_has_pending=0 2022.04.08 22:46:23 LOG3[0]: sock_open_rd=Y, sock_open_wr=Y 2022.04.08 22:46:23 LOG3[0]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n 2022.04.08 22:46:23 LOG3[0]: sock_can_rd=n, sock_can_wr=n 2022.04.08 22:46:23 LOG3[0]: ssl_can_rd=Y, ssl_can_wr=n 2022.04.08 22:46:23 LOG3[0]: read_wants_read=n, read_wants_write=n 2022.04.08 22:46:23 LOG3[0]: write_wants_read=n, write_wants_write=n 2022.04.08 22:46:23 LOG3[0]: shutdown_wants_read=n, shutdown_wants_write=n 2022.04.08 22:46:23 LOG3[0]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s) 2022.04.08 22:46:23 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG7[0]: Remote descriptor (FD=848) closed 2022.04.08 22:46:23 LOG7[0]: Local descriptor (FD=840) closed 2022.04.08 22:46:23 LOG7[0]: Service [44301-in] finished (1 left) 2022.04.08 22:46:23 LOG5[1]: s_connect: connected 193.37.157.95:443 2022.04.08 22:46:23 LOG5[1]: Service [44301-out] connected remote server from 10.64.190.84:65123 2022.04.08 22:46:23 LOG7[1]: Setting remote socket options (FD=908) 2022.04.08 22:46:23 LOG7[1]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[1]: Remote descriptor (FD=908) initialized 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: Service [44301-in] accepted (FD=652) from 127.0.0.1:65124 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG6[1]: Peer certificate not required 2022.04.08 22:46:23 LOG7[2]: Service [44301-in] started 2022.04.08 22:46:23 LOG7[2]: Setting local socket options (FD=652) 2022.04.08 22:46:23 LOG7[2]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[2]: Service [44301-in] accepted connection from 127.0.0.1:65124 2022.04.08 22:46:23 LOG6[2]: Peer certificate not required 2022.04.08 22:46:23 LOG6[2]: s_connect: connecting 127.0.0.1:8101 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG7[main]: Service [44301-out] accepted (FD=960) from 127.0.0.1:65125 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG7[2]: s_connect: s_poll_wait 127.0.0.1:8101: waiting 10 seconds 2022.04.08 22:46:23 LOG7[2]: FD=956 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG5[2]: s_connect: connected 127.0.0.1:8101 2022.04.08 22:46:23 LOG5[2]: Service [44301-in] connected remote server from 127.0.0.1:65125 2022.04.08 22:46:23 LOG7[2]: Setting remote socket options (FD=956) 2022.04.08 22:46:23 LOG7[2]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[2]: Remote descriptor (FD=956) initialized 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG3[2]: transfer() loop executes not transferring any data 2022.04.08 22:46:23 LOG3[2]: please report the problem to Michal.Trojnara@stunnel.org 2022.04.08 22:46:23 LOG3[2]: stunnel 5.61 on x64-pc-msvc-1900 platform 2022.04.08 22:46:23 LOG3[2]: Compiled without OPENSSL 2022.04.08 22:46:23 LOG3[2]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:OCSP,SNI 2022.04.08 22:46:23 LOG7[2]: errno: (_errno()) 2022.04.08 22:46:23 LOG3[2]: protocol=(null), SSL_pending=0, SSL_has_pending=0 2022.04.08 22:46:23 LOG3[2]: sock_open_rd=Y, sock_open_wr=Y 2022.04.08 22:46:23 LOG3[2]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n 2022.04.08 22:46:23 LOG3[2]: sock_can_rd=n, sock_can_wr=n 2022.04.08 22:46:23 LOG3[2]: ssl_can_rd=Y, ssl_can_wr=n 2022.04.08 22:46:23 LOG3[2]: read_wants_read=n, read_wants_write=n 2022.04.08 22:46:23 LOG3[2]: write_wants_read=n, write_wants_write=n 2022.04.08 22:46:23 LOG3[2]: shutdown_wants_read=n, shutdown_wants_write=n 2022.04.08 22:46:23 LOG3[2]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s) 2022.04.08 22:46:23 LOG5[2]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG7[2]: Remote descriptor (FD=956) closed 2022.04.08 22:46:23 LOG7[2]: Local descriptor (FD=652) closed 2022.04.08 22:46:23 LOG7[2]: Service [44301-in] finished (1 left) 2022.04.08 22:46:23 LOG7[3]: Service [44301-out] started 2022.04.08 22:46:23 LOG7[3]: Setting local socket options (FD=960) 2022.04.08 22:46:23 LOG7[3]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[3]: Service [44301-out] accepted connection from 127.0.0.1:65125 2022.04.08 22:46:23 LOG6[3]: s_connect: connecting 193.37.157.95:443 2022.04.08 22:46:23 LOG7[3]: s_connect: s_poll_wait 193.37.157.95:443: waiting 10 seconds 2022.04.08 22:46:23 LOG7[3]: FD=1068 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG5[3]: s_connect: connected 193.37.157.95:443 2022.04.08 22:46:23 LOG5[3]: Service [44301-out] connected remote server from 10.64.190.84:65126 2022.04.08 22:46:23 LOG7[3]: Setting remote socket options (FD=1068) 2022.04.08 22:46:23 LOG7[3]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[3]: Remote descriptor (FD=1068) initialized 2022.04.08 22:46:23 LOG6[3]: Peer certificate not required 2022.04.08 22:46:23 LOG6[1]: msspi: TLSv1.2 connected (FF85) 2022.04.08 22:46:23 LOG6[3]: msspi: TLSv1.2 connected (FF85) 2022.04.08 22:46:23 LOG3[1]: readsocket: Connection reset by peer (WSAECONNRESET) (10054) 2022.04.08 22:46:23 LOG3[3]: readsocket: Connection reset by peer (WSAECONNRESET) (10054) 2022.04.08 22:46:23 LOG5[1]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG5[3]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG7[1]: Remote descriptor (FD=908) closed 2022.04.08 22:46:23 LOG7[3]: Remote descriptor (FD=1068) closed 2022.04.08 22:46:23 LOG7[1]: Local descriptor (FD=892) closed 2022.04.08 22:46:23 LOG7[1]: Service [44301-out] finished (1 left) 2022.04.08 22:46:23 LOG7[3]: Local descriptor (FD=960) closed 2022.04.08 22:46:23 LOG7[3]: Service [44301-out] finished (0 left) Если взять "обычный" stunnel и убрать из конфига msspi=, то все прекрасно работает (правда, без ГОСТа) И что самое "забавное" - если я просто заменю cert=* и key= на "yakcypcop", то поведение не меняется. Что я делаю не так? Отредактировано пользователем 10 апреля 2022 г. 22:57:44(UTC) \| Причина: Не указана


Профиль пользователя Просмотр всех сообщений пользователя Просмотр «Спасибо»


	Wanna join the discussion?! Login to your Форум КриптоПро forum account, or Register a new forum account.

pd		#2 Оставлено : 10 апреля 2022 г. 2:05:32(UTC)
Статус: Сотрудник Группы: Администраторы Зарегистрирован: 16.09.2010(UTC) Сообщений: 1,496 Откуда: КРИПТО-ПРО Сказал(а) «Спасибо»: 35 раз Поблагодарили: 466 раз в 333 постах		Автор: filimonic Задача: на stunnel построить гейт до гост-овского сайта. Входящее подключение - TLS с внутренним сертификатом, исходящее - к "госту". Клиент ===https==> GATESERVER:44301 ===http==> GATESERVER:8101 ==GOST==> gost.cryptopro.ru ОС WS2019, сертификат GATESERVER:44301 - "классический" PEM (два файла в base64 выписанные внутренним CA) Цитата: Конфиг таков: Код: ; https://www.stunnel.org/static/stunnel.html fips = no taskbar = no ; Debugging stuff (may be useful for troubleshooting) debug = debug output = ./log/stunnel-msspi.log [44301-in] ; Server accepts connections and forwards to -out accept = 0.0.0.0:44301 connect = 127.0.0.1:8101 client = no msspi = no cert = C:\Program Files\STunnel-MSSPI\certs\h2h-tunnel.pem key = C:\Program Files\STunnel-MSSPI\certs\h2h-tunnel.key [44301-out] accept = 0.0.0.0:8101 connect = gost.cryptopro.ru:443 msspi = yes client = yes verifyChain = no verifyPeer = no Проверка (Powershell): Код:* `$resp = iwr https://myservername:44301 iwr : The underlying connection was closed: An unexpected error occurred on a send.` Цитата: В логах - Код: 2022.04.08 22:46:16 LOG6[main]: Initializing inetd mode configuration 2022.04.08 22:46:16 LOG7[main]: Running on Windows 6.2 2022.04.08 22:46:16 LOG7[main]: No limit detected for the number of clients 2022.04.08 22:46:16 LOG5[main]: stunnel 5.61 on x64-pc-msvc-1900 platform 2022.04.08 22:46:16 LOG5[main]: Compiled without OPENSSL 2022.04.08 22:46:16 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:OCSP,SNI 2022.04.08 22:46:16 LOG7[main]: errno: (_errno()) 2022.04.08 22:46:16 LOG6[main]: Initializing inetd mode configuration 2022.04.08 22:46:16 LOG7[main]: Running on Windows 6.2 2022.04.08 22:46:16 LOG5[main]: Reading configuration from file C:\Program Files\STunnel-MSSPI\stunnel.conf 2022.04.08 22:46:16 LOG5[main]: UTF-8 byte order mark not detected 2022.04.08 22:46:16 LOG7[main]: "./conf.d\." is not a file 2022.04.08 22:46:16 LOG7[main]: "./conf.d\.." is not a file 2022.04.08 22:46:16 LOG5[main]: Reading configuration from file ./conf.d\44301.xx.conf 2022.04.08 22:46:16 LOG5[main]: UTF-8 byte order mark detected 2022.04.08 22:46:16 LOG6[main]: Initializing service [44301-in] 2022.04.08 22:46:16 LOG6[main]: Initializing service [44301-out] 2022.04.08 22:46:16 LOG5[main]: Configuration successful 2022.04.08 22:46:16 LOG7[main]: Deallocating deployed section defaults 2022.04.08 22:46:16 LOG7[main]: Binding service [44301-in] 2022.04.08 22:46:16 LOG7[main]: Listening file descriptor created (FD=824) 2022.04.08 22:46:16 LOG7[main]: Setting accept socket options (FD=824) 2022.04.08 22:46:16 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket 2022.04.08 22:46:16 LOG6[main]: Service [44301-in] (FD=824) bound to 0.0.0.0:44301 2022.04.08 22:46:16 LOG7[main]: Binding service [44301-out] 2022.04.08 22:46:16 LOG7[main]: Listening file descriptor created (FD=828) 2022.04.08 22:46:16 LOG7[main]: Setting accept socket options (FD=828) 2022.04.08 22:46:16 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket 2022.04.08 22:46:16 LOG6[main]: Service [44301-out] (FD=828) bound to 0.0.0.0:8101 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: Service [44301-in] accepted (FD=840) from 127.0.0.1:65121 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG7[0]: Service [44301-in] started 2022.04.08 22:46:23 LOG7[0]: Setting local socket options (FD=840) 2022.04.08 22:46:23 LOG7[0]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[0]: Service [44301-in] accepted connection from 127.0.0.1:65121 2022.04.08 22:46:23 LOG6[0]: Peer certificate not required 2022.04.08 22:46:23 LOG6[0]: s_connect: connecting 127.0.0.1:8101 2022.04.08 22:46:23 LOG7[0]: s_connect: s_poll_wait 127.0.0.1:8101: waiting 10 seconds 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[0]: FD=848 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG5[0]: s_connect: connected 127.0.0.1:8101 2022.04.08 22:46:23 LOG5[0]: Service [44301-in] connected remote server from 127.0.0.1:65122 2022.04.08 22:46:23 LOG7[main]: Service [44301-out] accepted (FD=892) from 127.0.0.1:65122 2022.04.08 22:46:23 LOG7[0]: Setting remote socket options (FD=848) 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[0]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[0]: Remote descriptor (FD=848) initialized 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG7[1]: Service [44301-out] started 2022.04.08 22:46:23 LOG7[1]: Setting local socket options (FD=892) 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[1]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[1]: Service [44301-out] accepted connection from 127.0.0.1:65122 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG6[1]: s_connect: connecting 193.37.157.95:443 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[1]: s_connect: s_poll_wait 193.37.157.95:443: waiting 10 seconds 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[1]: FD=908 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[0]: SSL_read returned 0 2022.04.08 22:46:23 LOG3[0]: transfer() loop executes not transferring any data 2022.04.08 22:46:23 LOG3[0]: please report the problem to Michal.Trojnara@stunnel.org 2022.04.08 22:46:23 LOG3[0]: stunnel 5.61 on x64-pc-msvc-1900 platform 2022.04.08 22:46:23 LOG3[0]: Compiled without OPENSSL 2022.04.08 22:46:23 LOG3[0]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:OCSP,SNI 2022.04.08 22:46:23 LOG7[0]: errno: (_errno()) 2022.04.08 22:46:23 LOG3[0]: protocol=(null), SSL_pending=0, SSL_has_pending=0 2022.04.08 22:46:23 LOG3[0]: sock_open_rd=Y, sock_open_wr=Y 2022.04.08 22:46:23 LOG3[0]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n 2022.04.08 22:46:23 LOG3[0]: sock_can_rd=n, sock_can_wr=n 2022.04.08 22:46:23 LOG3[0]: ssl_can_rd=Y, ssl_can_wr=n 2022.04.08 22:46:23 LOG3[0]: read_wants_read=n, read_wants_write=n 2022.04.08 22:46:23 LOG3[0]: write_wants_read=n, write_wants_write=n 2022.04.08 22:46:23 LOG3[0]: shutdown_wants_read=n, shutdown_wants_write=n 2022.04.08 22:46:23 LOG3[0]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s) 2022.04.08 22:46:23 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG7[0]: Remote descriptor (FD=848) closed 2022.04.08 22:46:23 LOG7[0]: Local descriptor (FD=840) closed 2022.04.08 22:46:23 LOG7[0]: Service [44301-in] finished (1 left) 2022.04.08 22:46:23 LOG5[1]: s_connect: connected 193.37.157.95:443 2022.04.08 22:46:23 LOG5[1]: Service [44301-out] connected remote server from 10.64.190.84:65123 2022.04.08 22:46:23 LOG7[1]: Setting remote socket options (FD=908) 2022.04.08 22:46:23 LOG7[1]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[1]: Remote descriptor (FD=908) initialized 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: Service [44301-in] accepted (FD=652) from 127.0.0.1:65124 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG6[1]: Peer certificate not required 2022.04.08 22:46:23 LOG7[2]: Service [44301-in] started 2022.04.08 22:46:23 LOG7[2]: Setting local socket options (FD=652) 2022.04.08 22:46:23 LOG7[2]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[2]: Service [44301-in] accepted connection from 127.0.0.1:65124 2022.04.08 22:46:23 LOG6[2]: Peer certificate not required 2022.04.08 22:46:23 LOG6[2]: s_connect: connecting 127.0.0.1:8101 2022.04.08 22:46:23 LOG7[main]: Found 1 ready file descriptor(s) 2022.04.08 22:46:23 LOG7[main]: FD=728 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=824 ifds=r-x ofds=--- 2022.04.08 22:46:23 LOG7[main]: FD=828 ifds=r-x ofds=r-- 2022.04.08 22:46:23 LOG7[main]: Service [44301-out] accepted (FD=960) from 127.0.0.1:65125 2022.04.08 22:46:23 LOG7[main]: Creating a new thread 2022.04.08 22:46:23 LOG7[main]: New thread created 2022.04.08 22:46:23 LOG7[2]: s_connect: s_poll_wait 127.0.0.1:8101: waiting 10 seconds 2022.04.08 22:46:23 LOG7[2]: FD=956 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG5[2]: s_connect: connected 127.0.0.1:8101 2022.04.08 22:46:23 LOG5[2]: Service [44301-in] connected remote server from 127.0.0.1:65125 2022.04.08 22:46:23 LOG7[2]: Setting remote socket options (FD=956) 2022.04.08 22:46:23 LOG7[2]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[2]: Remote descriptor (FD=956) initialized 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG7[2]: SSL_read returned 0 2022.04.08 22:46:23 LOG3[2]: transfer() loop executes not transferring any data 2022.04.08 22:46:23 LOG3[2]: please report the problem to Michal.Trojnara@stunnel.org 2022.04.08 22:46:23 LOG3[2]: stunnel 5.61 on x64-pc-msvc-1900 platform 2022.04.08 22:46:23 LOG3[2]: Compiled without OPENSSL 2022.04.08 22:46:23 LOG3[2]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:OCSP,SNI 2022.04.08 22:46:23 LOG7[2]: errno: (_errno()) 2022.04.08 22:46:23 LOG3[2]: protocol=(null), SSL_pending=0, SSL_has_pending=0 2022.04.08 22:46:23 LOG3[2]: sock_open_rd=Y, sock_open_wr=Y 2022.04.08 22:46:23 LOG3[2]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n 2022.04.08 22:46:23 LOG3[2]: sock_can_rd=n, sock_can_wr=n 2022.04.08 22:46:23 LOG3[2]: ssl_can_rd=Y, ssl_can_wr=n 2022.04.08 22:46:23 LOG3[2]: read_wants_read=n, read_wants_write=n 2022.04.08 22:46:23 LOG3[2]: write_wants_read=n, write_wants_write=n 2022.04.08 22:46:23 LOG3[2]: shutdown_wants_read=n, shutdown_wants_write=n 2022.04.08 22:46:23 LOG3[2]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s) 2022.04.08 22:46:23 LOG5[2]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG7[2]: Remote descriptor (FD=956) closed 2022.04.08 22:46:23 LOG7[2]: Local descriptor (FD=652) closed 2022.04.08 22:46:23 LOG7[2]: Service [44301-in] finished (1 left) 2022.04.08 22:46:23 LOG7[3]: Service [44301-out] started 2022.04.08 22:46:23 LOG7[3]: Setting local socket options (FD=960) 2022.04.08 22:46:23 LOG7[3]: Option TCP_NODELAY set on local socket 2022.04.08 22:46:23 LOG5[3]: Service [44301-out] accepted connection from 127.0.0.1:65125 2022.04.08 22:46:23 LOG6[3]: s_connect: connecting 193.37.157.95:443 2022.04.08 22:46:23 LOG7[3]: s_connect: s_poll_wait 193.37.157.95:443: waiting 10 seconds 2022.04.08 22:46:23 LOG7[3]: FD=1068 ifds=rwx ofds=--- 2022.04.08 22:46:23 LOG5[3]: s_connect: connected 193.37.157.95:443 2022.04.08 22:46:23 LOG5[3]: Service [44301-out] connected remote server from 10.64.190.84:65126 2022.04.08 22:46:23 LOG7[3]: Setting remote socket options (FD=1068) 2022.04.08 22:46:23 LOG7[3]: Option TCP_NODELAY set on remote socket 2022.04.08 22:46:23 LOG7[3]: Remote descriptor (FD=1068) initialized 2022.04.08 22:46:23 LOG6[3]: Peer certificate not required 2022.04.08 22:46:23 LOG6[1]: msspi: TLSv1.2 connected (FF85) 2022.04.08 22:46:23 LOG6[3]: msspi: TLSv1.2 connected (FF85) 2022.04.08 22:46:23 LOG3[1]: readsocket: Connection reset by peer (WSAECONNRESET) (10054) 2022.04.08 22:46:23 LOG3[3]: readsocket: Connection reset by peer (WSAECONNRESET) (10054) 2022.04.08 22:46:23 LOG5[1]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG5[3]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2022.04.08 22:46:23 LOG7[1]: Remote descriptor (FD=908) closed 2022.04.08 22:46:23 LOG7[3]: Remote descriptor (FD=1068) closed 2022.04.08 22:46:23 LOG7[1]: Local descriptor (FD=892) closed 2022.04.08 22:46:23 LOG7[1]: Service [44301-out] finished (1 left) 2022.04.08 22:46:23 LOG7[3]: Local descriptor (FD=960) closed 2022.04.08 22:46:23 LOG7[3]: Service [44301-out] finished (0 left) Если взять "обычный" stunnel и убрать из конфига msspi=, то все прекрасно работает (правда, без ГОСТа) И что самое "забавное" - если я просто заменю cert=* и key= на "yakcypcop", то поведение не меняется. Что я делаю не так? RSA как и ГОСТ работают только через КриптоПро CSP. Поэтому для RSA (по аналогии с ГОСТ) потребуется серверный сертификат и ключ со всеми вытекающими.
		Знания в базе знаний, поддержка в техподдержке
		WWW

Профиль пользователя Просмотр всех сообщений пользователя Просмотр «Спасибо»

filimonic		#3 Оставлено : 10 апреля 2022 г. 6:46:59(UTC)
Статус: Новичок Группы: Участники Зарегистрирован: 08.04.2022(UTC) Сообщений: 3 Сказал(а) «Спасибо»: 1 раз		А можно, пожалуйста, про "все вытекающие" поподробнее? Я могу установить обычный PFX выданный моим внутренним ЦС в CSP? Понадобится ли мне дополнительная лицензия на это "Крипто про TLS"? Я так понимаю, на 100тр дешевле входящие подкоючения сделать через ЛюбойДругойСервер, или все таки Не-гост бесплатно? Отредактировано пользователем 10 апреля 2022 г. 6:51:29(UTC) \| Причина: Не указана


Профиль пользователя Просмотр всех сообщений пользователя Просмотр «Спасибо»

pd		#4 Оставлено : 10 апреля 2022 г. 22:56:23(UTC)
Статус: Сотрудник Группы: Администраторы Зарегистрирован: 16.09.2010(UTC) Сообщений: 1,496 Откуда: КРИПТО-ПРО Сказал(а) «Спасибо»: 35 раз Поблагодарили: 466 раз в 333 постах		Автор: filimonic А можно, пожалуйста, про "все вытекающие" поподробнее? Я могу установить обычный PFX выданный моим внутренним ЦС в CSP? Понадобится ли мне дополнительная лицензия на это "Крипто про TLS"? Я так понимаю, на 100тр дешевле входящие подкоючения сделать через ЛюбойДругойСервер, или все таки Не-гост бесплатно? - Вы сами в вопросе раскрыли все вытекающие. - Да. - Про лицензии: https://support.cryptopro.ru/index.php?/Knowledgebase/Article/View/335/0/politik-licenzirovnija-kriptopro-csp-50-r2 - Не бесплатно.
		Знания в базе знаний, поддержка в техподдержке
		WWW
1 пользователь поблагодарил pd за этот пост.		filimonic оставлено 10.04.2022(UTC)
Профиль пользователя Просмотр всех сообщений пользователя Просмотр «Спасибо»

RSS Лента

Atom Лента

Пользователи, просматривающие эту тему
Guest

Быстрый переход

Вы не можете создавать новые темы в этом форуме.
Вы не можете отвечать в этом форуме.
Вы не можете удалять Ваши сообщения в этом форуме.
Вы не можете редактировать Ваши сообщения в этом форуме.
Вы не можете создавать опросы в этом форуме.
Вы не можете голосовать в этом форуме.

Important Information: The Форум КриптоПро uses cookies. By continuing to browse this site, you are agreeing to our use of cookies. More Details Close