stunnel | Simple SOCKS5/HTTP tunnel | Proxy library

 by   airtrack Rust Version: Current License: MIT

kandi X-RAY | stunnel Summary

kandi X-RAY | stunnel Summary

stunnel is a Rust library typically used in Networking, Proxy applications. stunnel has no bugs, it has a Permissive License and it has low support. However stunnel has 11 vulnerabilities. You can download it from GitHub.

Simple SOCKS5/HTTP tunnel
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              stunnel has a low active ecosystem.
              It has 144 star(s) with 32 fork(s). There are 7 watchers for this library.
              OutlinedDot
              It had no major release in the last 6 months.
              There are 0 open issues and 6 have been closed. On average issues are closed in 38 days. There are no pull requests.
              It has a neutral sentiment in the developer community.
              The latest version of stunnel is current.

            kandi-Quality Quality

              stunnel has no bugs reported.

            kandi-Security Security

              stunnel has 11 vulnerability issues reported (0 critical, 5 high, 5 medium, 1 low).

            kandi-License License

              stunnel is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              stunnel releases are not available. You will need to build from source code and install.
              Installation instructions, examples and code snippets are available.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of stunnel
            Get all kandi verified functions for this library.

            stunnel Key Features

            No Key Features are available at this moment for stunnel.

            stunnel Examples and Code Snippets

            No Code Snippets are available at this moment for stunnel.

            Community Discussions

            QUESTION

            How to wrap OpenVPN and HTTPS traffic in one TLS connection?
            Asked 2021-Jun-14 at 06:54

            I am trying to create a single TLS connection from a client to a server. Inside this tunnel, I would like to have two different types of streams: HTTPS traffic that I want the server to forward to a specific API server, and OpenVPN traffic(which is a combination of TLS and a TCP data stream). I am looking into WebSocket to do so, but can't find information on how to forward the stream to the correct destination (OpenVPN vs HTTPS API server) once it reaches my server. Is WebSocket a good solution for this? Is stunnel a better option? Are there existing solutions that offer this functionality?

            ...

            ANSWER

            Answered 2021-Jun-14 at 06:54

            I've ended up solving this using SSLH and ghostunnel: on the client, I have started a ghostunnel listening on 127.0.0.1:8443 and forwarding the TLS-wrapped traffic towards a ghostunnel server I have in the cloud (listening on 443). I have directed my OpenVPN client to connect to 127.0.0.1:8443. I have also directed my HTTPS client to connect to 127.0.0.1:8443. On the server side, the traffic coming out of the ghostunnel server is funnelled into an SSLH server which in turn has two rules: forward TLS traffic to my webserver, and OpenVPN towards my OpenVPN server. The solution works great!

            Source https://stackoverflow.com/questions/66949825

            QUESTION

            Script does not run correctly when executed from cron
            Asked 2021-Mar-26 at 12:08

            i have a problem with a script, when is executed from cron the script does not work as expected but when i execute it from ssh it runs as is supposed.

            Setup: QNAP NAS

            The script that i'm trying to run:

            ...

            ANSWER

            Answered 2021-Mar-26 at 12:08

            The fix to my issue was to set the full path to docker. e.g:

            Source https://stackoverflow.com/questions/66806715

            QUESTION

            QuickFix C++ and SSL: Issue connecting to LMAX using sTunnel
            Asked 2021-Feb-11 at 14:19
            Goal:

            Using sTunnel with QuickFix C++: To login to the LMAX UAT over SSL-internet and send FIX 4.2 messages over a TCP connection. Another similar SO question can be found here, but doesn't appear to solve this particular issue.

            OS: Ubuntu 19.10 | sTunnel version: 5.55 | Engine: quickfix-1.15.1 | Venue: LMAX [UAT-LD4]

            Problem:

            Cannot login to the UAT. After starting sTunnel and then running the client application which first sends a LOGON message, no authentication is received. LMAX have said the client server public IP addr has been whitelisted.

            *Configs found further below. When trying to login:

            ...

            ANSWER

            Answered 2021-Feb-11 at 14:19

            SOLUTION:

            It appeared that indeed the IP address (as helpfully noted by @Christoph John) had not been correctly whitelisted by the server-side.

            However, the problem persisted. In the sTunnel configuration, I had to change sslVersion = TLSv1.1 to sslVersion = TLSv1.2.

            As well as this, it appears that the UAT would not accept FIX 4.2 messages. After changing the protocol version to FIX 4.4, I could finally LOGON to the UAT.

            Source https://stackoverflow.com/questions/65969627

            QUESTION

            Replace SSL certificate in Apache vhosts-file using sed
            Asked 2021-Jan-07 at 22:28

            I have a cron job that runs dehydrated to renew Let's Encrypt certificates on my QNAP webserver.

            I want it to fetch the current vhosts file that is generated by QNAP, get the section for the actual site, and then replace that information with correct certificate data.

            Here is a section of the vhosts-file:

            ...

            ANSWER

            Answered 2021-Jan-07 at 14:56

            QUESTION

            django channels works locally but fails on server
            Asked 2020-Nov-21 at 15:06
            Django channels fails to connect in production

            i'm working on a chat application using django Channels and reconnecting-web-socket the app works fine locally but when deployed to heroku the site works fine but the web socket closes before connection is established and sometimes it works fine.

            it tries to connect and says websocket open and established

            ...

            ANSWER

            Answered 2020-Nov-21 at 15:06

            the problem was in reconnecting-web-socket.min.js changing

            Source https://stackoverflow.com/questions/64942970

            QUESTION

            How to install "stunnel" on CloudLinux RHEL Feddora CentOS yum install not working
            Asked 2020-Oct-27 at 19:32

            !!JUST WRITING THIS POST SO THAT SOMEONE CAN SAVE HOURS IN THIS!!

            I tried a hell lot to install this "stunnel" but was unable to do so I was in my cpanel's terminal

            What I tried all with 'sudo'

            ...

            ANSWER

            Answered 2020-Oct-27 at 19:32

            I searched everywhere but I didn't find it so I tried it myself and it worked Hope this may help others who are stuck with this in their cpanel RHEL FEDDORA CENTOS

            What I did is this: Open Terminal from Cpanel and run this

            Source https://stackoverflow.com/questions/64561639

            QUESTION

            docker run behavior with commands in different order
            Asked 2020-Sep-16 at 19:51

            I'm trying to figure out the way docker handles commands presented to it.

            For example if I run this the JS app starts fine.

            ...

            ANSWER

            Answered 2020-Sep-16 at 19:51

            Either && or ; between command, shell will execute in order. So, the first command needs to finish first and then the subsequent command run.

            BUT you call nginx -g 'daemon off;' will make it run in the foreground. Therefore, it is never finished running. The commands follows won't run.

            However, I am still not sure why stunnel; nginx; cd /video_recordings/voddirectory; pm2 start app.js; pm2 startup; does not run as the normal behaviour of Nginx should go background.

            Source https://stackoverflow.com/questions/63926648

            QUESTION

            Redis 6 TLS Support and Redis Sentinel
            Asked 2020-May-26 at 17:31

            I would like to set up a basic 3-node Redis Sentinel setup using the new TLS features of Redis 6. Unfortunately, it doesn't seem like Redis 6 Sentinel is smart enough to speak TLS to clients.

            Does anyone know of a way to do this, or if it's not possible, if there are any mentions online about adding support for this in the future? It seems a shame to have these nice TLS features and not be able to use them with Redis' own tools.
            I am aware that in the past people have used Stunnel to do this. With TLS support added to Redis, I am only interested in doing this if it can be done without third party addtions.

            My setup:
            3 Redis servers (6.0-rc, last pulled last week), running TLS with the test certs as specified in the Redis docs - one master and 2 replicas
            3 Sentinels (6.0-rc, also last pulled last week), not running TLS on their ports (I would like to, but that's a secondary problem)

            What I've Tried:

            1. Pointing Sentinel to the Redis TLS port - this results in lots of TLS errors in Redis' logs about incorrect TLS version received, as Sentinel is not speaking TLS to Redis. Since it fails, Sentinel thinks the master is down.

            2. Adding "https://" in the Sentinel config in front of the master IP - this results in Sentinel refusing to run, saying it can't find the master hostname.

            3. Adding TLS options to Sentinel - this results in Sentinel trying to talk TLS on its ports, but not to clients, which doesn't help. I couldn't find any options specifically about making Sentinel speak TLS to clients.

            4. Pointing Sentinel to the Redis not-TLS port (not ideal, I would rather only have the TLS port open) - this results in Sentinel reporting the wrong (not-TLS) port for the master to the simple Python client I'm testing with (it literally just tries to get master info from Sentinel) - I want the client to talk to Redis over TLS for obvious reasons

            5. Adding the "replica-announce-port" directive to Redis with Sentinel still pointed to the not-TLS port - this fails in 2 ways: the master port is still reported incorrectly as the not-TLS port (seems to be because the master is not a replica and so the directive does not apply), and Sentinel now thinks the replicas are both down (because the TLS port is reported, replicas are auto discovered, and it can't speak to the replicas on the TLS port).

            I am aware of this StackOverflow question (Redis Sentinel and TLS) - it is old and asks about Redis 4, so it's not the same.

            ...

            ANSWER

            Answered 2020-May-25 at 13:01

            Try to add tls-port option to the sentinel.conf as it seems to enable TLS support in general and the same is stated in documentation. For me the below two statements added to sentinel.conf on a top of the rest of TLS configuration actually made the trick.

            tls-port 26379

            port 0

            Source https://stackoverflow.com/questions/61327471

            QUESTION

            Does TLS client ever require a certificate installation?
            Asked 2020-May-01 at 19:57

            In a TLS communication I always thought the server would send the public certificate to the client during the handshake process.

            However, I received a request from a provider asking us to manually install a certificate in order to initiate a TLS communication with one of their STunnel server.

            I'm a bit confuse by this request. Is there's a situation where TLS server would not be able to send the certificate to the client and therefore required a manuel certificate installation?

            ...

            ANSWER

            Answered 2020-May-01 at 19:57

            There are two cases where a certificate installation is needed on the client side:

            • The server is using a certificate not issued by a public CA, i.e. self-signed or issued by a private CA. In this case the client must import the certificate or CA up front and install it as trusted.
            • The server is requiring client authentication based on certificates, i.e. not only the server authenticates to the client with a certificate but also the client to the server (instead or additionally to typical passwords). In this case the client has to get a client certificate and matching key and import so that it can be used for authentication.

            It is unclear which of these cases is the one you are dealing with.

            Source https://stackoverflow.com/questions/61549035

            QUESTION

            SSLHandshakeException with jlink created runtime
            Asked 2020-Apr-02 at 08:37

            I've got a dropwizard app, which runs fine with the standard JRE.

            I've tried creating a runtime using jlink which is considerably smaller:

            ...

            ANSWER

            Answered 2019-Apr-04 at 14:26

            As rich mentions in a comment

            Hmmn. If I add jdk.crypto.ec it works - why would jdeps have left that one out, if that one, would there be any others it's left out?

            adding jdk.crypto.ec to the modules list solved the problem.

            Source https://stackoverflow.com/questions/55439599

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install stunnel

            You can download it from GitHub.
            Rust is installed and managed by the rustup tool. Rust has a 6-week rapid release process and supports a great number of platforms, so there are many builds of Rust available at any time. Please refer rust-lang.org for more information.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/airtrack/stunnel.git

          • CLI

            gh repo clone airtrack/stunnel

          • sshUrl

            git@github.com:airtrack/stunnel.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Proxy Libraries

            frp

            by fatedier

            shadowsocks-windows

            by shadowsocks

            v2ray-core

            by v2ray

            caddy

            by caddyserver

            XX-Net

            by XX-net

            Try Top Libraries by airtrack

            luna

            by airtrackC++

            airix

            by airtrackC

            bitwave

            by airtrackC++

            regex

            by airtrackC++

            snet

            by airtrackC++