Hi
I'am unexperienced rsync user. I have scenario where i have on one side
Netware 6.0 server with rsync 2.5.7 working as a deamon with --ssl option (
default ) :
rsync -v --progress --ssl --port=873 --daemon
my rsyncd.conf :
uid = nobody
gid = nobody
max connections = 0
syslog facility = local5
pid file = SYS:/rsync/rsyncd.pid
log file = SYS:/rsync/rsyncd.log
motd file = SYS:/rsync/rsyncd.motd
[PECET]
path=SYS:/rsync/PECET
comment read only=no
use chroot=no
strict modes = no
transfer logging=yes
timeout=3600
use lfs=no
hosts allow=192.168.0.98
hosts deny=*
On the other side i have win98 with rsync 2.6.0.
I try to connect them over SSL using STUNNEL 4.0.5 and OpenSSL 0.9.7c .
my stunnel.conf :
CAfile=C:\NARZ?DZIA ADM\SHAREWARE\Stunnel\RootCert.pem
client=yes
debug=7
output=C:\NARZ?DZIA ADM\SHAREWARE\Stunnel\STUNNEL.LOG
verify=2
socket=r:TCP_NODELAY=1
socket=l:SO_LINGER=1:60
[RSYNC]
accept = 873
connect = 192.168.0.234:873
TIMEOUTclose = 0
And after rsync rsync://localhost/PECET /kosz i get :
There is a screen of stunnel :
2004.03.05 16:28:02 LOG5[16391531:16429267]: stunnel 4.05 on x86-pc-mingw32-gnu
WIN32 with OpenSSL 0.9.7c 30 Sep 2003
2004.03.05 16:28:02 LOG7[16391531:16448547]: RAND_status claims sufficient
entropy for the PRNG
2004.03.05 16:28:02 LOG6[16391531:16448547]: PRNG seeded successfully
2004.03.05 16:28:02 LOG7[16391531:16448547]: Loaded verify certificates from
C:\NARZ?DZIA ADM\SHAREWARE\Stunnel\RootCert.pem
2004.03.05 16:28:02 LOG5[16391531:16448547]: WIN32 platform: 30000 clients
allowed
2004.03.05 16:28:02 LOG7[16391531:16448547]: FD 40 in non-blocking mode
2004.03.05 16:28:02 LOG7[16391531:16448547]: SO_REUSEADDR option set on accept
socket
2004.03.05 16:28:02 LOG7[16391531:16448547]: RSYNC bound to 0.0.0.0:873
2004.03.05 16:30:26 LOG7[16391531:16448547]: RSYNC accepted FD=44 from
127.0.0.1:2122
2004.03.05 16:30:26 LOG7[16391531:16448547]: FD 44 in non-blocking mode
2004.03.05 16:30:26 LOG7[16391531:16448547]: Creating a new thread
2004.03.05 16:30:26 LOG7[16391531:16448547]: New thread created
2004.03.05 16:30:26 LOG7[16391531:16321891]: RSYNC started
2004.03.05 16:30:26 LOG7[16391531:16321891]: SO_LINGER option set on local
socket
2004.03.05 16:30:26 LOG5[16391531:16321891]: RSYNC connected from 127.0.0.1:2122
2004.03.05 16:30:26 LOG7[16391531:16321891]: FD 52 in non-blocking mode
2004.03.05 16:30:26 LOG7[16391531:16321891]: RSYNC connecting 192.168.0.234:873
2004.03.05 16:30:26 LOG7[16391531:16321891]: remote connect #1: EWOULDBLOCK:
retrying
2004.03.05 16:30:26 LOG7[16391531:16321891]: waitforsocket: FD=52, DIR=write
2004.03.05 16:30:26 LOG7[16391531:16321891]: waitforsocket: ok
2004.03.05 16:30:26 LOG7[16391531:16321891]: Remote FD=52 initialized
2004.03.05 16:30:26 LOG7[16391531:16321891]: TCP_NODELAY option set on remote
socket
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): before/connect
initialization
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 write
client hello A
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 read
server hello A
2004.03.05 16:30:26 LOG5[16391531:16321891]: VERIFY OK: depth=1,
/OU=Organizational CA/O=WIDAR_TREE
2004.03.05 16:30:26 LOG5[16391531:16321891]: VERIFY OK: depth=0,
/CN=192.168.0.234/O=WIDAR_TREE
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 read
server certificate A
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 read
server done A
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 write
client key exchange A
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 write
change cipher spec A
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 write
finished A
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 flush
data
2004.03.05 16:30:26 LOG7[16391531:16321891]: waitforsocket: FD=52, DIR=read
2004.03.05 16:30:26 LOG7[16391531:16321891]: waitforsocket: ok
2004.03.05 16:30:26 LOG7[16391531:16321891]: waitforsocket: FD=52, DIR=read
2004.03.05 16:30:26 LOG7[16391531:16321891]: waitforsocket: ok
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL state (connect): SSLv3 read
finished A
2004.03.05 16:30:26 LOG7[16391531:16321891]: 1 items in the session cache
2004.03.05 16:30:26 LOG7[16391531:16321891]: 1 client connects
(SSL_connect())
2004.03.05 16:30:26 LOG7[16391531:16321891]: 1 client connects that finished
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 client renegotiatations
requested
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 server connects (SSL_accept())
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 server connects that finished
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 server renegotiatiations
requested
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 session cache hits
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 session cache misses
2004.03.05 16:30:26 LOG7[16391531:16321891]: 0 session cache timeouts
2004.03.05 16:30:26 LOG6[16391531:16321891]: Negotiated ciphers: DES-CBC3-SHA
SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL alert (read): warning: close
notify
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL closed on SSL_read
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL write shutdown (output buffer
empty)
2004.03.05 16:30:26 LOG7[16391531:16321891]: Socket write shutdown (output
buffer empty)
2004.03.05 16:30:26 LOG7[16391531:16321891]: SSL alert (write): warning: close
notify
2004.03.05 16:30:26 LOG6[16391531:16321891]: SSL_shutdown successfully sent
close_notify
2004.03.05 16:30:26 LOG5[16391531:16321891]: Connection closed: 13 bytes sent to
SSL, 215 bytes sent to socket
2004.03.05 16:30:26 LOG7[16391531:16321891]: RSYNC finished (0 left)
And there is the screen of Netware rsync :
rsync: error connection unexpectedly closed ( 0 bytes reads so far )
rsync error: error in rsync protocol data stream (code 12) at io.c(197)
Without ssl rsync works fine.
Could anyone help me ?
please answer me on my private mail
wlodek@widar.lublin.pl
Thanks
WF
