Мобильная версияМое приложение QT начинает восхищение в начале выполнения и останавливает его, когда мое приложение QT выходит. Проверьте установить 0 (работает) и проверить установить 2 (сбои). < /p>
У меня есть личный сертификат в Android castore.stunnel.conf
foreground = yes
debug = 6
[mariadb]
CAstore = /data/misc/user/0/cacerts-added
CApath = /data/misc/user/0/cacerts-added
client = yes
accept = 127.0.0.1:3307
connect = remote_server:3307
verify = 0
Works:
I/stunnel : LOG6[ui]: Initializing inetd mode configuration
I/stunnel : LOG5[ui]: stunnel 5.75 on android-mobile-device platform
I/stunnel : LOG5[ui]: Compiled/running with OpenSSL 3.1.1 30 May 2023
I/stunnel : LOG5[ui]: Threading:PTHREAD Sockets:SELECT,IPv4 TLS:ENGINE,OCSP,PSK,SNI
I/stunnel : LOG6[ui]: Initializing inetd mode configuration
I/stunnel : LOG5[ui]: Reading configuration from buffer 0x7280e409b640
I/stunnel : LOG5[ui]: UTF-8 byte order mark not detected
I/stunnel : LOG6[ui]: Compression disabled
I/stunnel : LOG6[ui]: Initializing service [mariadb]
I/stunnel : LOG6[ui]: stunnel default security level set: 2
I/stunnel : LOG6[ui]: Session resumption enabled
I/stunnel : LOG6[ui]: Configured trusted server CA: C=AU, ST=Florida, L=York, O=Home, OU=Whiskey, CN=Michael, emailAddress=eric.admin@intheether.com
W/stunnel : LOG4[ui]: Service [mariadb] needs authentication to prevent MITM attacks
I/stunnel : LOG6[ui]: DH initialization skipped: client section
I/stunnel : LOG5[ui]: Configuration successful
I/stunnel : LOG6[ui]: Service [mariadb] (FD=117) bound to 127.0.0.1:3307
I/stunnel : LOG6[ui]: Accepting new connections
I/stunnel : LOG6[per-day]: Executing per-day jobs
I/stunnel : LOG6[per-day]: Per-day jobs completed in 0 seconds
I/stunnel : LOG5[0]: Service [mariadb] accepted connection from 127.0.0.1:36802
I/stunnel : LOG6[0]: s_connect: connecting 192.168.0.1:3307
I/stunnel : LOG5[0]: s_connect: connected 192.168.0.1:3307
I/stunnel : LOG5[0]: Service [mariadb] connected remote server from 10.0.2.16:58660
I/stunnel : LOG6[0]: SNI: sending servername: remote_server
I/stunnel : LOG6[0]: Peer certificate not required
I/stunnel : LOG6[0]: Received trusted client CA: C=AU, ST=Florida, L=York, O=Home, OU=Whiskey, CN=Michael, emailAddress=eric.admin@intheether.com
I/stunnel : LOG6[0]: CERT: Certificate verification disabled
I/stunnel : LOG6[0]: CERT: Certificate verification disabled
I/stunnel : LOG6[0]: OCSP: Certificate chain verification disabled
I/stunnel : LOG6[0]: TLS connected: new session negotiated
I/stunnel : LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
I/stunnel : LOG6[0]: Peer temporary key: X25519, 253 bits
I/stunnel : LOG6[0]: Session id: 90DD6325CCBC47C3F8F560C36F76755B4959E6A8421DD97B751E37FDD1DCCAC7
I/stunnel : LOG6[0]: Session id: 24345E21753FE3B254CA089FB7621C1481B523E72EB9571DDF7A366B5E89E834
stunnel.conf
foreground = yes
debug = 6
[mariadb]
CAstore = /data/misc/user/0/cacerts-added
CApath = /data/misc/user/0/cacerts-added
client = yes
accept = 127.0.0.1:3307
connect = remote_server:3307
verify = 2
Fails:
I/stunnel : LOG6[ui]: Initializing inetd mode configuration
I/stunnel : LOG5[ui]: stunnel 5.75 on android-mobile-device platform
I/stunnel : LOG5[ui]: Compiled/running with OpenSSL 3.1.1 30 May 2023
I/stunnel : LOG5[ui]: Threading:PTHREAD Sockets:SELECT,IPv4 TLS:ENGINE,OCSP,PSK,SNI
I/stunnel : LOG6[ui]: Initializing inetd mode configuration
I/stunnel : LOG5[ui]: Reading configuration from buffer 0x7280e409b0a0
I/stunnel : LOG5[ui]: UTF-8 byte order mark not detected
I/stunnel : LOG6[ui]: Compression disabled
I/stunnel : LOG6[ui]: Initializing service [mariadb]
I/stunnel : LOG6[ui]: stunnel default security level set: 2
I/stunnel : LOG6[ui]: Session resumption enabled
I/stunnel : LOG6[ui]: Configured trusted server CA: C=AU, ST=Florida, L=York, O=Home, OU=Whiskey, CN=Michael, emailAddress=eric.admin@intheether.com
W/stunnel : LOG4[ui]: Service [mariadb] uses "verifyChain" without subject checks
W/stunnel : LOG4[ui]: Use "checkHost" or "checkIP" to restrict trusted certificates
I/stunnel : LOG6[ui]: DH initialization skipped: client section
I/stunnel : LOG5[ui]: Configuration successful
I/stunnel : LOG6[ui]: Service [mariadb] (FD=114) bound to 127.0.0.1:3307
I/stunnel : LOG6[ui]: Accepting new connections
I/stunnel : LOG6[per-day]: Executing per-day jobs
I/stunnel : LOG6[per-day]: Per-day jobs completed in 0 seconds
I/stunnel : LOG5[0]: Service [mariadb] accepted connection from 127.0.0.1:39238
I/stunnel : LOG6[0]: s_connect: connecting 192.168.0.1:3307
I/stunnel : LOG5[0]: s_connect: connected 192.168.0.1:3307
I/stunnel : LOG5[0]: Service [mariadb] connected remote server from 10.0.2.16:59154
I/stunnel : LOG6[0]: SNI: sending servername: remote_server
I/stunnel : LOG6[0]: Peer certificate required
I/stunnel : LOG6[0]: Received trusted client CA: C=AU, ST=Florida, L=York, O=Home, OU=Whiskey, CN=Michael, emailAddress=eric.admin@intheether.com
W/stunnel : LOG4[0]: CERT: Pre-verification error: certificate not found in local repository: self-signed certificate
W/stunnel : LOG4[0]: Rejected by CERT at depth=0: C=PL, ST=Mazovia Province, L=Warsaw, O=Stunnel Developers, OU=Provisional CA, CN=localhost
E/stunnel : LOG3[0]: SSL_connect: tls_post_process_server_certificate@ssl/statem/statem_clnt.c
error:0A000086:SSL routines::certificate verify failedI/stunnel : LOG5[0]: Connection closed/reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
I/stunnel : LOG6[ui]: Child process 17669 finished with code 0
Подробнее здесь: https://stackoverflow.com/questions/797 ... nssl-3-3-1
