<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.10.3">
</HEAD>
<BODY>
Hello,<BR>
<BR>
linux: Linux asus-gonzo 2.6.15-26-686 #1 SMP PREEMPT Thu Aug 3 03:13:28 UTC 2006 i686 GNU/Linux<BR>
stunnel: stunnel 4.14 on i486-pc-linux-gnu PTHREAD+POLL+IPv6+LIBWRAP with OpenSSL 0.9.8a 11 Oct 2005<BR>
apache: Apache/2.0.55<BR>
<BR>
I am using stunnel in Ubuntu to provide https serving to an http-only Apache installation. The stunnel config is:<BR>
<BR>
cert = /home/gonzo/src/bg/run/SSL/server.crt<BR>
key = /home/gonzo/src/bg/run/SSL/server.crt<BR>
chroot = /var/run/stunnel4/<BR>
setuid = stunnel4<BR>
setgid = stunnel4<BR>
pid = /stunnel4.pid<BR>
socket = l:TCP_NODELAY=1<BR>
socket = r:TCP_NODELAY=1<BR>
debug = 7<BR>
output = /var/log/stunnel4/stunnel.log<BR>
client = no<BR>
<BR>
[https]<BR>
accept = 443<BR>
connect = 80<BR>
TIMEOUTclose = 0<BR>
<BR>
<BR>
Everything works perfectly, except for one minor detail: on the server, my PHP scripts do not have access to the real IP address of the client, and they always see this value as 127.0.0.1. I am aware the manual says that, if you use -l or -L, there will be an additional REMOTE_HOST environment variable with the desired IP address, but I am not sure how to make this work from a setup like mine, where the http server process is already running.<BR>
<BR>
Any help or hints are greatly appreciated. Best regards,<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<PRE>
--
Gonzalo Diethelm
<A HREF="mailto:gonzalo.diethelm@aditiva.com">gonzalo.diethelm@aditiva.com</A>
</PRE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>