5/1/2023

Stunnel illegal socket option

Error: write EPROTO 48081748826312:error:10000438:SSL routines:OPENSSL_internal:TLSV1_ALERT_INTERNAL_ERROR././third_party/boringssl/src/ssl/tls_:594:SSL alert number 80

And when I try curl ( curl -v -location -request POST ' -form 'username="username_here"' -form 'password="password_here"'), I see the following.

Postman gives me the following error in its console when I submit requests through it.

ssl/statem/statem_lib.c:109: error:141FC044:SSL routines:tls_setup_handshake:internal error
2021.12.19 18:51:22 LOG5: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket

I get a tls_setup_handshake:internal error from stunnel4. When I try any route via postman or curl (at port 8443), I receive the following errors.

HTTPS=1 pdm run python3 manage.py runserver 0.0.0.0:8001

You'll notice that I'm using pdm for package management. I have also modified the stunnel4 config file as below.

Path('api/token/refresh/', jwt_view(), name='token_refresh'),]
Path('api/token/', jwt_view(), name='token_obtain_pair'),
from django.urls import include, path
from rest_framework_simplejwt import views as jwt_views

Here's a minimalist urls.py that will generate a token provided a valid username and password.

In openSUSE 10.3 I have no issues (I neither had to create /var/lib/stunnel/var/run directory, the PID is stored in /var/run, nor to modify the rc-script to include passwd and group files).

In an effort to test an API via an HTTPS connection locally, I followed the approach described here by Evan Grim where I use stunnel4 as a middleman between my requests and my API server.

SslVersion = SSLv3 for client, all for server

Even running stunnel without the chroot spawns 6 stunnel processes (on the home/OSS11.0), all with root user.
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
Stunnel 4.16 on x86_64-suse-linux-gnu with OpenSSL 0.9.8e

Odd is, that I have the same configuration and rc-script on two machines, the difference is in the stunnel version and openSUSE release:

When trying to stop the process (rcstunnel stop), none of the processes is stopped (as you can see above). The PID-file is created in the chroot and has the PID of the process running under the user stunnel.

Starting stunnel (SSL tunnel) done
Checking for stunnel (SSL tunnel): unused
Warning: can't get client address: Bad file descriptor

After I have changed stunnel to 106 and nogroup to 65534 (UID and GID from passwd and group files), stunnel is running, but there are 6 instances of it, 1 running under user stunnel, 5 under the root user.

Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
Stunnel 4.21 on i686-pc-linux-gnu with OpenSSL 0.9.8g

Now these files get copied to the chroot (/var/lib/stunnel/), but I still get the error message:

I have modified the rc-script to include /etc/passwd and /etc/group on the line 242:

For i in $STUNNEL_CONF /etc/ do