Hello,

I’m working on replacing an older Windows server that uses stunnel 5.71 to connect to an Oracle database running on a Linux box. I can communicate just fine with the older Windows machine and another Linux box; however, when I try to connect with the stunnel 5.72 on the Windows 2022 server, I keep running into issues and the connection is forcibly closed.

Old Windows server: stunnel 5.71
New Windows 2022 server: stunnel 5.72 (I also tried 5.71 and 5.62 just to rule things out)
Oracle db server: stunnel 5.72
Other Linux server: stunnel 5.72

My stunnel.conf file is very basic, but this is what is working from my other Windows server (running stunnel 5.71):
debug = 7

[oracle15211]
client = yes
accept = 127.0.0.1:15211
connect = 172.28.125.52:15211

Below is the log with debug level 7… the only issue that I’m seeing is the “transfer() loop executes not transferring any data” message that baffles me but I’m not sure if that’s the cause of my issues or not:
2024.02.23 11:10:21 LOG7[0]: Service [oracle15211] started
2024.02.23 11:10:21 LOG7[0]: Setting local socket options (FD=768)
2024.02.23 11:10:21 LOG7[0]: Option TCP_NODELAY set on local socket
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] accepted connection from 127.0.0.1:49750
2024.02.23 11:10:21 LOG6[0]: s_connect: connecting 172.28.125.52:15211
2024.02.23 11:10:21 LOG7[0]: s_connect: s_poll_wait 172.28.125.52:15211: waiting 10 seconds
2024.02.23 11:10:21 LOG7[0]: FD=780 ifds=rwx ofds=---
2024.02.23 11:10:21 LOG5[0]: s_connect: connected 172.28.125.52:15211
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] connected remote server from 172.28.112.245:49751
2024.02.23 11:10:21 LOG7[0]: Setting remote socket options (FD=780)
2024.02.23 11:10:21 LOG7[0]: Option TCP_NODELAY set on remote socket
2024.02.23 11:10:21 LOG7[0]: Remote descriptor (FD=780) initialized
2024.02.23 11:10:21 LOG6[0]: SNI: sending servername: 172.28.125.52
2024.02.23 11:10:21 LOG6[0]: Peer certificate not required
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): before SSL initialization
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): TLSv1.3 read encrypted extensions
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server certificate
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): TLSv1.3 read server certificate verify
2024.02.23 11:10:21 LOG7[0]: OCSP stapling: Client callback called
2024.02.23 11:10:21 LOG6[0]: OCSP: Certificate chain verification disabled
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read finished
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write change cipher spec
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write finished
2024.02.23 11:10:21 LOG7[0]:      1 client connect(s) requested
2024.02.23 11:10:21 LOG7[0]:      1 client connect(s) succeeded
2024.02.23 11:10:21 LOG7[0]:      0 client renegotiation(s) requested
2024.02.23 11:10:21 LOG7[0]:      0 session reuse(s)
2024.02.23 11:10:21 LOG6[0]: TLS connected: new session negotiated
2024.02.23 11:10:21 LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2024.02.23 11:10:21 LOG6[0]: Peer temporary key: X25519, 253 bits
2024.02.23 11:10:21 LOG7[0]: Compression: null, expansion: null
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: Deallocating application specific data for session connect address
2024.02.23 11:10:21 LOG7[0]: New session callback
2024.02.23 11:10:21 LOG7[0]: Peer certificate was cached (1375 bytes)
2024.02.23 11:10:21 LOG6[0]: Session id: B36502A30B16F61EFE3A13B7BAA73BBCD57C2C6DB838FFC7CDFDE9BF7D8607A0
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server session ticket
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: New session callback
2024.02.23 11:10:21 LOG7[0]: Deallocating application specific data for session connect address
2024.02.23 11:10:21 LOG6[0]: Session id: 7FC6ABDCD70443FE70736F725F90792FAC2692FD9AD8F54A3F0443C2403C9A0C
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server session ticket
2024.02.23 11:10:21 LOG3[0]: transfer() loop executes not transferring any data
2024.02.23 11:10:21 LOG3[0]: please report the problem to Michal.Trojnara@stunnel.org
2024.02.23 11:10:21 LOG3[0]: stunnel 5.72 on x64-pc-mingw32-gnu platform
2024.02.23 11:10:21 LOG3[0]: Compiled/running with OpenSSL 3.2.1 30 Jan 2024
2024.02.23 11:10:21 LOG3[0]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
2024.02.23 11:10:21 LOG7[0]: errno: (*_errno())
2024.02.23 11:10:21 LOG3[0]: protocol=TLSv1.3, SSL_pending=0, SSL_has_pending=0
2024.02.23 11:10:21 LOG3[0]: sock_open_rd=Y, sock_open_wr=Y
2024.02.23 11:10:21 LOG3[0]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n
2024.02.23 11:10:21 LOG3[0]: sock_can_rd=n, sock_can_wr=n
2024.02.23 11:10:21 LOG3[0]: ssl_can_rd=n, ssl_can_wr=n
2024.02.23 11:10:21 LOG3[0]: read_wants_read=Y, read_wants_write=n
2024.02.23 11:10:21 LOG3[0]: write_wants_read=n, write_wants_write=n
2024.02.23 11:10:21 LOG3[0]: shutdown_wants_read=n, shutdown_wants_write=n
2024.02.23 11:10:21 LOG3[0]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s)
2024.02.23 11:10:21 LOG5[0]: Connection reset: 685 byte(s) sent to TLS, 381 byte(s) sent to socket
2024.02.23 11:10:21 LOG7[0]: remote_fd reset (FD=780)
2024.02.23 11:10:21 LOG7[0]: Remote descriptor (FD=780) closed
2024.02.23 11:10:21 LOG7[0]: local_rfd/local_wfd reset (FD=768)
2024.02.23 11:10:21 LOG7[0]: Local descriptor (FD=768) closed
2024.02.23 11:10:21 LOG7[0]: Service [oracle15211] finished (0 left)

Any help is greatly appreciated!

 

Thank you,

Mark
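
Added example, not part of the original post and not stunnel project code: a Python triage script that condenses a debug-level stunnel log like the one above into one record per bracketed log id, capturing whether certificate verification was disabled, the negotiated ciphersuite, the state flags dumped after the transfer() message, and the final byte counters. The sample lines are constructed from the log above; the function name and record fields are assumptions of this example.

```python
import re

# Constructed sample: a handful of lines in the shape of the log above.
SAMPLE_LOG = """\
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2024.02.23 11:10:21 LOG3[0]: transfer() loop executes not transferring any data
2024.02.23 11:10:21 LOG3[0]: protocol=TLSv1.3, SSL_pending=0, SSL_has_pending=0
2024.02.23 11:10:21 LOG3[0]: sock_open_rd=Y, sock_open_wr=Y
2024.02.23 11:10:21 LOG3[0]: sock_can_rd=n, sock_can_wr=n
2024.02.23 11:10:21 LOG3[0]: read_wants_read=Y, read_wants_write=n
2024.02.23 11:10:21 LOG5[0]: Connection reset: 685 byte(s) sent to TLS, 381 byte(s) sent to socket
"""

LINE = re.compile(r"^(\S+ \S+) LOG(\d)\[(\w+)\]: (.*)$")   # time, level, id, message
FLAG = re.compile(r"(\w+)=(\w[\w.]*)")                      # key=value in the state dump
END = re.compile(r"Connection (reset|closed): (\d+) byte\(s\) sent to TLS, "
                 r"(\d+) byte\(s\) sent to socket")

def summarize(log_text):
    """Return {log id: record} summarising each connection seen in the log."""
    conns = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank lines and anything that is not a log record
        _, level, cid, msg = m.groups()
        c = conns.setdefault(cid, {"verify_disabled": False, "cipher": None,
                                   "stalled": False, "flags": {}, "end": None})
        if "Certificate verification disabled" in msg:
            c["verify_disabled"] = True        # peer certificate is not checked
        elif "ciphersuite:" in msg:
            c["cipher"] = msg.split("ciphersuite:")[1].split()[0]
        elif msg.startswith("transfer() loop executes"):
            c["stalled"] = True                # LOG3 state dump follows this line
        elif (r := END.match(msg)):
            c["end"] = (r.group(1), int(r.group(2)), int(r.group(3)))
        elif c["stalled"] and level == "3":
            c["flags"].update(FLAG.findall(msg))
    return conns

if __name__ == "__main__":
    for cid, rec in summarize(SAMPLE_LOG).items():
        print(cid, rec)
```

Running it over the logs from a working host and a failing host gives two records that can be compared field by field.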