Hello,
I’m working on replacing an older Windows server that uses stunnel 5.71 to connect to an Oracle database running on a Linux box. I can communicate just fine with the older Windows machine and another Linux box; however, when I try to connect
with the stunnel 5.72 on the Windows 2022 server, I keep running into issues and the connection is forcibly closed.
Old Windows server: stunnel 5.71
New Windows 2022 server: stunnel 5.72 (I also tried 5.71 and 5.62 just to rule things out
Oracle db server: stunnel 5.72
Other Linux server: stunnel 5.72
My stunnel.conf file is very basic, but this is what is working from my other Windows server (running stunnel 5.71):
debug = 7
[oracle15211]
client = yes
accept = 127.0.0.1:15211
connect = 172.28.125.52:15211
Below is the log with debug level 7… the only issue that I’m seeing is the “transfer() loop executes not transferring any data” message that baffles me but I’m not sure if that’s the cause of my issues or not:
2024.02.23 11:10:21 LOG7[0]: Service [oracle15211] started
2024.02.23 11:10:21 LOG7[0]: Setting local socket options (FD=768)
2024.02.23 11:10:21 LOG7[0]: Option TCP_NODELAY set on local socket
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] accepted connection from 127.0.0.1:49750
2024.02.23 11:10:21 LOG6[0]: s_connect: connecting 172.28.125.52:15211
2024.02.23 11:10:21 LOG7[0]: s_connect: s_poll_wait 172.28.125.52:15211: waiting 10 seconds
2024.02.23 11:10:21 LOG7[0]: FD=780 ifds=rwx ofds=---
2024.02.23 11:10:21 LOG5[0]: s_connect: connected 172.28.125.52:15211
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] connected remote server from 172.28.112.245:49751
2024.02.23 11:10:21 LOG7[0]: Setting remote socket options (FD=780)
2024.02.23 11:10:21 LOG7[0]: Option TCP_NODELAY set on remote socket
2024.02.23 11:10:21 LOG7[0]: Remote descriptor (FD=780) initialized
2024.02.23 11:10:21 LOG6[0]: SNI: sending servername: 172.28.125.52
2024.02.23 11:10:21 LOG6[0]: Peer certificate not required
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): before SSL initialization
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): TLSv1.3 read encrypted extensions
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server certificate
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): TLSv1.3 read server certificate verify
2024.02.23 11:10:21 LOG7[0]: OCSP stapling: Client callback called
2024.02.23 11:10:21 LOG6[0]: OCSP: Certificate chain verification disabled
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read finished
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write change cipher spec
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write finished
2024.02.23 11:10:21 LOG7[0]: 1 client connect(s) requested
2024.02.23 11:10:21 LOG7[0]: 1 client connect(s) succeeded
2024.02.23 11:10:21 LOG7[0]: 0 client renegotiation(s) requested
2024.02.23 11:10:21 LOG7[0]: 0 session reuse(s)
2024.02.23 11:10:21 LOG6[0]: TLS connected: new session negotiated
2024.02.23 11:10:21 LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2024.02.23 11:10:21 LOG6[0]: Peer temporary key: X25519, 253 bits
2024.02.23 11:10:21 LOG7[0]: Compression: null, expansion: null
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: Deallocating application specific data for session connect address
2024.02.23 11:10:21 LOG7[0]: New session callback
2024.02.23 11:10:21 LOG7[0]: Peer certificate was cached (1375 bytes)
2024.02.23 11:10:21 LOG6[0]: Session id: B36502A30B16F61EFE3A13B7BAA73BBCD57C2C6DB838FFC7CDFDE9BF7D8607A0
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server session ticket
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: New session callback
2024.02.23 11:10:21 LOG7[0]: Deallocating application specific data for session connect address
2024.02.23 11:10:21 LOG6[0]: Session id: 7FC6ABDCD70443FE70736F725F90792FAC2692FD9AD8F54A3F0443C2403C9A0C
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server session ticket
2024.02.23 11:10:21 LOG3[0]: transfer() loop executes not transferring any data
2024.02.23 11:10:21 LOG3[0]: please report the problem to
Michal.Trojnara@stunnel.org
2024.02.23 11:10:21 LOG3[0]: stunnel 5.72 on x64-pc-mingw32-gnu platform
2024.02.23 11:10:21 LOG3[0]: Compiled/running with OpenSSL 3.2.1 30 Jan 2024
2024.02.23 11:10:21 LOG3[0]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
2024.02.23 11:10:21 LOG7[0]: errno: (*_errno())
2024.02.23 11:10:21 LOG3[0]: protocol=TLSv1.3, SSL_pending=0, SSL_has_pending=0
2024.02.23 11:10:21 LOG3[0]: sock_open_rd=Y, sock_open_wr=Y
2024.02.23 11:10:21 LOG3[0]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n
2024.02.23 11:10:21 LOG3[0]: sock_can_rd=n, sock_can_wr=n
2024.02.23 11:10:21 LOG3[0]: ssl_can_rd=n, ssl_can_wr=n
2024.02.23 11:10:21 LOG3[0]: read_wants_read=Y, read_wants_write=n
2024.02.23 11:10:21 LOG3[0]: write_wants_read=n, write_wants_write=n
2024.02.23 11:10:21 LOG3[0]: shutdown_wants_read=n, shutdown_wants_write=n
2024.02.23 11:10:21 LOG3[0]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s)
2024.02.23 11:10:21 LOG5[0]: Connection reset: 685 byte(s) sent to TLS, 381 byte(s) sent to socket
2024.02.23 11:10:21 LOG7[0]: remote_fd reset (FD=780)
2024.02.23 11:10:21 LOG7[0]: Remote descriptor (FD=780) closed
2024.02.23 11:10:21 LOG7[0]: local_rfd/local_wfd reset (FD=768)
2024.02.23 11:10:21 LOG7[0]: Local descriptor (FD=768) closed
2024.02.23 11:10:21 LOG7[0]: Service [oracle15211] finished (0 left)
Any help is greatly appreciated!
Thank you,
Mark