Vivek,
"Problem is stunnel is receiving the data from Client but this data is not being forwarded to server" No it is not. From the evidence provided by you: (Connection closed: 150 byte(s) sent to SSL, 0 byte(s) sent to socket) the message has been passed on to the server, but it has responded by shutting down the link without returning any data. This is what was confirmed by Michal in his tests using "openssl s_client...." and "curl ....". I've also just tried acceessing that server from a browser and got "No data received".
Now it's possible/likely that neither Michal nor myself have sent the server anything that would return valid data, so there is other information you need to provide. What are you sending to the server and what return to you expect? You need to post that (obviously something not commercially sensitive) Do you have an application that IS receiving data from that server not using stunnel? I see that trade.lmaxtrader.com responds with a login screen. Is the fix-md-ate url only available after some kind of login? Or do you need to provide it with a specific certificate to get an authorized response?
(The next two are highly unlikely, if this is part of LMAX which appears to be a sizeable organisation) Do you have any control over how that server is implemented? If the server is securing its end of the conversation with Stunnel, it's possible that there is a bug there: Stunnel 5.xx prior to 5.05 had a race condition bug whereby it may close the connection without returning data. That has now been fixed in 5.05...but it may be worth checking.
The problem is most likely something wrong with what you (and we) are sending, or you need to contact the owner of the server site. (I only looked at your problem because it has the same symptoms I had with the server-side bug, but it's not likely that this is your problem)
Graham
----- Original Message ----- From: "Vivek Gupta" vivek@ltecindia.com To: "Michal Trojnara" Michal.Trojnara@mirt.net Cc: stunnel-users@stunnel.org Sent: Monday, October 06, 2014 1:33 PM Subject: Re: [stunnel-users] STunnel Connection closed: 150 byte(s) sent to SSL, 0 byte(s) sent to socket
Hi Michal
Problem is stunnel is receiving the data from Client but this data is not being forwarded to server and then connection is closed. I am stuck in that.
My config options is as follows:
fips = yes cert = stunnel.pem key = stunnel.pem socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = yes accept = 127.0.0.1:40003 connect = fix-md-ate.lmaxtrader.com:443
Thanks & Regards Vivek Gupta 9971514343
On Mon, October 6, 2014 5:17 pm, Michal Trojnara wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Vivek,
I tried connecting fix-md-ate.lmaxtrader.com:443 with s_client: $ openssl s_client -connect fix-md-ate.lmaxtrader.com:443 -tls1
The service behaves the same way as with stunnel: it negotiates TLS, and then disconnects the TCP session without sending any data. I cannot see any stunnel error here.
Another example: $ curl -1 https://fix-md-ate.lmaxtrader.com curl: (52) Empty reply from server
Mike
Vivek Gupta wrote:
Hi
I am using sTunnel for communication betweem my TCP client and a remote SERVER but I am getting error as always-
Signal pipe is empty Service [LMAX-fix-tunnel-DEMO-MktData] accepted (FD=348) from 127.0.0.1:55919 2014.10.06 :34:56 LOG7[4220]: Creating a new thread New thread created Service [LMAX-fix-tunnel-DEMO-MktData] started Service [LMAX-fix-tunnel-DEMO-MktData] accepted connection from 127.0.0.1:55919 s_connect: connecting 91.215.165.69:443 s_connect: s_poll_wait 91.215.165.69:443: waiting 10 seconds s_connect: connected 91.215.165.69:443 Service [LMAX-fix-tunnel-DEMO-MktData] connected remote server from 192.168.1.5:55920 Remote socket (FD=352) initialized SNI: sending servername: fix-md-ate.lmaxtrader.com SSL state (connect): before/connect initialization SSL state (connect): SSLv3 write client hello A SSL state (connect): SSLv3 read server hello A SSL state (connect): SSLv3 read server certificate A SSL state (connect): SSLv3 read server done A SSL state (connect): SSLv3 write client key exchange A SSL state (connect): SSLv3 write change cipher spec A SSL state (connect): SSLv3 write finished A SSL state (connect): SSLv3 flush data SSL state (connect): SSLv3 read finished A 1 items in the session cache 1 client connects (SSL_connect()) 1 client connects that finished 0 client renegotiations requested 0 server connects (SSL_accept()) 0 server connects that finished 0 server renegotiations requested 0 session cache hits 0 external session cache hits 0 session cache misses 0 session cache timeouts Peer certificate was cached (3944 bytes) SSL connected: new session negotiated Negotiated TLSv1/SSLv3 ciphersuite: AES128-SHA (128-bit encryption) Compression: null, expansion: null SSL_read returned WANT_READ: retrying SSL socket closed (SSL_read) Sent socket write shutdown Connection closed: 150 byte(s) sent to SSL, 0 byte(s) sent to socket Remote socket (FD=352) closed Local socket (FD=348) closed Service [LMAX-fix-tunnel-DEMO-MktData] finished (0 left)
Please suggest. _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iEYEARECAAYFAlQygVoACgkQ/NU+nXTHMtHRAQCeP6yfrYGrP4bBt1T2CnNR8lhK abQAoKeGCx2RqhefgIoVDdrInjK6TxUx =MHiJ -----END PGP SIGNATURE----- _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users