-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Florian,
I have also noticed the bug, but I could not reliably reproduce it to test a fix. Could you please try if stunnel 5.18b5 works for you? https://www.stunnel.org/downloads.html
protocol=pgsql does not seem to be a problem. Otherwise, stunnel would not be able to negotiate TLS.
Best regards, Michal Trojnara
On 10.06.2015 09:47, Florian Gossin wrote:
HI,
I'm trying to setup a connection from JDBC to pgbouncer through stunnel. Unfortunately, I get the above error message when I try to connect.
Here are the logs from stunnel: 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 read client certificate A 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 read client key exchange A 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 read certificate verify A 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 read finished A 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 write change cipher spec A 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 write finished A 2015.06.09 16:56:13 LOG7[3]: SSL state (accept): SSLv3 flush data 2015.06.09 16:56:13 LOG7[3]: 4 server accept(s) requested 2015.06.09 16:56:13 LOG7[3]: 4 server accept(s) succeeded 2015.06.09 16:56:13 LOG7[3]: 0 server renegotiation(s) requested 2015.06.09 16:56:13 LOG7[3]: 0 session reuse(s) 2015.06.09 16:56:13 LOG7[3]: 3 internal session cache item(s) 2015.06.09 16:56:13 LOG7[3]: 0 internal session cache fill-up(s) 2015.06.09 16:56:13 LOG7[3]: 0 internal session cache miss(es) 2015.06.09 16:56:13 LOG7[3]: 0 external session cache hit(s) 2015.06.09 16:56:13 LOG7[3]: 0 expired session(s) retrieved 2015.06.09 16:56:13 LOG6[3]: SSL accepted: new session negotiated 2015.06.09 16:56:13 LOG6[3]: Negotiated TLSv1 ciphersuite ECDHE-RSA-AES256-SHA (256-bit encryption) 2015.06.09 16:56:13 LOG7[3]: Compression: null, expansion: null 2015.06.09 16:56:13 LOG6[3]: Failover strategy: round-robin 2015.06.09 16:56:13 LOG6[3]: s_connect: connecting 127.0.0.1:46432 http://127.0.0.1:46432 2015.06.09 16:56:13 LOG7[3]: s_connect: s_poll_wait 127.0.0.1:46432 http://127.0.0.1:46432: waiting 10 seconds 2015.06.09 16:56:13 LOG5[3]: s_connect: connected 127.0.0.1:46432 http://127.0.0.1:46432 2015.06.09 16:56:13 LOG5[3]: Service [pgbouncer-client] connected remote server from 127.0.0.1:54633 http://127.0.0.1:54633 2015.06.09 16:56:13 LOG7[3]: Remote socket (FD=9) initialized 2015.06.09 16:56:13 LOG6[3]: Read socket closed (read hangup) 2015.06.09 16:56:13 LOG7[3]: Sending close_notify alert 2015.06.09 16:56:13 LOG7[3]: SSL alert (write): warning: close notify 2015.06.09 16:56:13 LOG6[3]: SSL_shutdown successfully sent close_notify alert 2015.06.09 16:56:13 LOG3[3]: INTERNAL ERROR: s_poll_wait returned 1, but no descriptor is ready 2015.06.09 16:56:13 LOG5[3]: Connection reset: 58 byte(s) sent to SSL, 164 byte(s) sent to socket 2015.06.09 16:56:13 LOG7[3]: Remote socket (FD=9) closed 2015.06.09 16:56:13 LOG7[3]: Local socket (FD=8) closed 2015.06.09 16:56:13 LOG7[3]: Service [pgbouncer-client] finished (0 left)
In pgbouncer, I get the following error: Pooler Error: bad packet header: '70'
And in JDBC, the following exception: GRAVE: ERROR: bad packet header: '70' org.postgresql.util.PSQLException: ERROR: bad packet header: '70'
Where might be the problem ? Does the stunnel parameter protocol=pgsql work with JDBC ?
Thank you
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users