[prev in list] [next in list] [prev in thread] [next in thread] 

List:       stunnel-users
Subject:    RE: tcl script with stunnel, again
From:       "Raul Elizondo - wizardteam" <rauleli () wizardteam ! com>
Date:       2001-09-08 0:16:10
[Download RAW message or body]

Mike,

Couldnt find any template for errors in the FAQ, all i got was to run
with -D 7.  I will explain with the actual work i m doing.

on the server side, i made this test script:

----------
#!/usr/bin/tclsh
fconfigure stdin -buffering line; fconfigure stdout -buffering line
while {[gets stdin b] >= 0} {
 if {$b == "quit"} {
  exit
 } elseif {$b == "iversion" } {
  puts "1.0"
  puts "-=-|-=-"
 } else {
  eval catch \{$b\} final
  puts $final
  puts "-=-|-=-"
 }
}
----------

and on the inetd.conf, i added this line:

12345     stream  tcp     nowait  root    /usr/sbin/tcpd   stunnel -l
/path/to/tclscript -p /usr/local/src/stunnel-3.20/stunnel.pem -D 3

so far, so good, from the client side, i can do this:

stunnel -c -r host:12345 -D 7

i can type "exec ps uax" and i get the info, then i type "quit" and
connection closes.

So, a script in the client side works like this:

----------
#!/usr/bin/tclsh

proc pu { sock } {
 set a 1 ; set c ""
 while {$a} {
  set b [gets $sock]
  if {$b == "-=-|-=-"} {set a 0; return $c} else {set c "$c {$b}"}
 }
}

set addr $argv

## common sock usage on tcl
# if {[catch {socket $addr 12345} sock]} { puts "closed" ; return 0}
 set sock [open "|stunnel -c -r $addr:12345 -D 7" r+]
## using pipeline that with telnet actually works exactly as socket
# set sock [open "|telnet $addr 12345" r+]
 fconfigure $sock -buffering line
 puts $sock "exec ps uax"
 set l [pu $sock]
 foreach element $l {puts $element}
 puts $sock "quit"
 catch {close $sock}
----------


if i load stunnel as a daemon on client or server to read the socket in
plain text, it works.

stunnel -c -D 23456 -r server:23456

and using the sock with [open "|telnet $addr 23456" r+]

The problem comes when using stunnel on a pipeline.  With -D 7, i can see
the progress on the syslog, but seems that is not getting any answer, it
hangs on "gets $socket" and log does not report anything.

I am using stunnel-3.20 in both sides.  And it is strange, cause if stunnel
can work fine on a inetd mode, it should work fine with pipes too.  But now
i got lost.

Greetings...

-=Raul=-

-----Original Message-----
From: Michal Trojnara [mailto:Michal.Trojnara@mirt.net]
Sent: Friday, September 07, 2001 8:25 AM
To: stunnel-users@mirt.net
Subject: Re: tcl script with stunnel, again


Raul,

Could you send us the error report as described in the FAQ?
Make sure you have the latest version of stunnel installed.

BTW1: Does "gets" work with telnet?
I'm not sure if I undestand these bidirectional pipes in tcl.

BTW2: "-o" option redirects error messages only!

Best regads,
    Mike

----- Original Message -----
From: "Raul Elizondo - wizardteam" <rauleli@wizardteam.com>
To: <stunnel-users@mirt.net>
Sent: Friday, September 07, 2001 12:22 PM
Subject: RE: tcl script with stunnel, again


> Lets say, if i can execute a command as reading a file, with pipes, in tcl
> works like this
>
> set sock [open "|telnet host port" r+]
> puts $sock "command"
> set results [gets $sock]
> puts $results
> catch "close $sock"
>
> that actually works, and it is the way that is working in tests.
>
> but if i change the first set to:
>
> set sock [open "|stunnel -c -r host:port" r+]
> ...
>
> when i do a "gets" i get nothing, i dont even know if it is sending.
>
> other thing i tried was "|stunnel -c -r host:port -o /dev/stdout" but not
> success
>
> how can i actually make stunnel works as telnet does?
>
> -=Raul=-
>
> -----Original Message-----
> From: Brian Hatch [mailto:bri@stunnel.org]
> Sent: Thursday, September 06, 2001 10:44 PM
> To: stunnel-users@mirt.net
> Subject: Re: tcl script with stunnel, again
>
>
>
> > Actually, if i do a "stunnel -h > somefile" that somefile is emtpy
>
> stunnel writes the help output to stderr.  Try
>
> stunnel -h 2>&1 > somefile
>
> --
> Brian Hatch                sed '/^[when][coders]/!d;
>    Systems and                  /^...[discover].$/d;
>    Security Engineer            /^..[real].[code]$/!d'
> http://www.ifokr.org/bri/  /usr/dict/words
>
> Every message PGP signed
>
>

[prev in list] [next in list] [prev in thread] [next in thread]