Hello, I’m working on replacing an older Windows server that uses stunnel 5.71 to connect to an Oracle database running on a Linux box. I can communicate just fine with the older Windows machine and another Linux box; however, when I try to connect with the stunnel 5.72 on the Windows 2022 server, I keep running into issues and the connection is forcibly closed.
Old Windows server: stunnel 5.71
New Windows 2022 server: stunnel 5.72 (I also tried 5.71 and 5.62 just to rule things out)
Oracle db server: stunnel 5.72
Other Linux server: stunnel 5.72
My stunnel.conf file is very basic, but this is what is working from my other Windows server (running stunnel 5.71):

debug = 7

[oracle15211]
client = yes
accept = 127.0.0.1:15211
connect = 172.28.125.52:15211
Below is the log with debug level 7… the only issue that I’m seeing is the “transfer() loop executes not transferring any data” message that baffles me but I’m not sure if that’s the cause of my issues or not:

2024.02.23 11:10:21 LOG7[0]: Service [oracle15211] started
2024.02.23 11:10:21 LOG7[0]: Setting local socket options (FD=768)
2024.02.23 11:10:21 LOG7[0]: Option TCP_NODELAY set on local socket
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] accepted connection from 127.0.0.1:49750
2024.02.23 11:10:21 LOG6[0]: s_connect: connecting 172.28.125.52:15211
2024.02.23 11:10:21 LOG7[0]: s_connect: s_poll_wait 172.28.125.52:15211: waiting 10 seconds
2024.02.23 11:10:21 LOG7[0]: FD=780 ifds=rwx ofds=---
2024.02.23 11:10:21 LOG5[0]: s_connect: connected 172.28.125.52:15211
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] connected remote server from 172.28.112.245:49751
2024.02.23 11:10:21 LOG7[0]: Setting remote socket options (FD=780)
2024.02.23 11:10:21 LOG7[0]: Option TCP_NODELAY set on remote socket
2024.02.23 11:10:21 LOG7[0]: Remote descriptor (FD=780) initialized
2024.02.23 11:10:21 LOG6[0]: SNI: sending servername: 172.28.125.52
2024.02.23 11:10:21 LOG6[0]: Peer certificate not required
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): before SSL initialization
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write client hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server hello
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): TLSv1.3 read encrypted extensions
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server certificate
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): TLSv1.3 read server certificate verify
2024.02.23 11:10:21 LOG7[0]: OCSP stapling: Client callback called
2024.02.23 11:10:21 LOG6[0]: OCSP: Certificate chain verification disabled
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read finished
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write change cipher spec
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS write finished
2024.02.23 11:10:21 LOG7[0]: 1 client connect(s) requested
2024.02.23 11:10:21 LOG7[0]: 1 client connect(s) succeeded
2024.02.23 11:10:21 LOG7[0]: 0 client renegotiation(s) requested
2024.02.23 11:10:21 LOG7[0]: 0 session reuse(s)
2024.02.23 11:10:21 LOG6[0]: TLS connected: new session negotiated
2024.02.23 11:10:21 LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2024.02.23 11:10:21 LOG6[0]: Peer temporary key: X25519, 253 bits
2024.02.23 11:10:21 LOG7[0]: Compression: null, expansion: null
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: Deallocating application specific data for session connect address
2024.02.23 11:10:21 LOG7[0]: New session callback
2024.02.23 11:10:21 LOG7[0]: Peer certificate was cached (1375 bytes)
2024.02.23 11:10:21 LOG6[0]: Session id: B36502A30B16F61EFE3A13B7BAA73BBCD57C2C6DB838FFC7CDFDE9BF7D8607A0
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server session ticket
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG7[0]: Initializing application specific data for session authenticated
2024.02.23 11:10:21 LOG7[0]: New session callback
2024.02.23 11:10:21 LOG7[0]: Deallocating application specific data for session connect address
2024.02.23 11:10:21 LOG6[0]: Session id: 7FC6ABDCD70443FE70736F725F90792FAC2692FD9AD8F54A3F0443C2403C9A0C
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSLv3/TLS read server session ticket
2024.02.23 11:10:21 LOG3[0]: transfer() loop executes not transferring any data
2024.02.23 11:10:21 LOG3[0]: please report the problem to Michal.Trojnara@stunnel.org
2024.02.23 11:10:21 LOG3[0]: stunnel 5.72 on x64-pc-mingw32-gnu platform
2024.02.23 11:10:21 LOG3[0]: Compiled/running with OpenSSL 3.2.1 30 Jan 2024
2024.02.23 11:10:21 LOG3[0]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
2024.02.23 11:10:21 LOG7[0]: errno: (*_errno())
2024.02.23 11:10:21 LOG3[0]: protocol=TLSv1.3, SSL_pending=0, SSL_has_pending=0
2024.02.23 11:10:21 LOG3[0]: sock_open_rd=Y, sock_open_wr=Y
2024.02.23 11:10:21 LOG3[0]: SSL_RECEIVED_SHUTDOWN=n, SSL_SENT_SHUTDOWN=n
2024.02.23 11:10:21 LOG3[0]: sock_can_rd=n, sock_can_wr=n
2024.02.23 11:10:21 LOG3[0]: ssl_can_rd=n, ssl_can_wr=n
2024.02.23 11:10:21 LOG3[0]: read_wants_read=Y, read_wants_write=n
2024.02.23 11:10:21 LOG3[0]: write_wants_read=n, write_wants_write=n
2024.02.23 11:10:21 LOG3[0]: shutdown_wants_read=n, shutdown_wants_write=n
2024.02.23 11:10:21 LOG3[0]: socket input buffer: 0 byte(s), TLS input buffer: 0 byte(s)
2024.02.23 11:10:21 LOG5[0]: Connection reset: 685 byte(s) sent to TLS, 381 byte(s) sent to socket
2024.02.23 11:10:21 LOG7[0]: remote_fd reset (FD=780)
2024.02.23 11:10:21 LOG7[0]: Remote descriptor (FD=780) closed
2024.02.23 11:10:21 LOG7[0]: local_rfd/local_wfd reset (FD=768)
2024.02.23 11:10:21 LOG7[0]: Local descriptor (FD=768) closed
2024.02.23 11:10:21 LOG7[0]: Service [oracle15211] finished (0 left)
Any help is greatly appreciated!
Thank you, Mark
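
Added example (not part of the original post, and not stunnel's own code): a Python triage script for stunnel debug logs in the format shown above. It groups lines by connection id and records whether the TLS handshake completed, whether certificate verification was disabled, the state flags dumped after the transfer() message, and how the connection ended. The sample lines are copied from the log above; the function and field names are this example's own.

```python
import re

# Subset of the debug log from the post above, one entry per line.
SAMPLE = """\
2024.02.23 11:10:21 LOG5[0]: Service [oracle15211] accepted connection from 127.0.0.1:49750
2024.02.23 11:10:21 LOG6[0]: CERT: Certificate verification disabled
2024.02.23 11:10:21 LOG6[0]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2024.02.23 11:10:21 LOG7[0]: TLS state (connect): SSL negotiation finished successfully
2024.02.23 11:10:21 LOG3[0]: transfer() loop executes not transferring any data
2024.02.23 11:10:21 LOG3[0]: protocol=TLSv1.3, SSL_pending=0, SSL_has_pending=0
2024.02.23 11:10:21 LOG3[0]: sock_can_rd=n, sock_can_wr=n
2024.02.23 11:10:21 LOG3[0]: read_wants_read=Y, read_wants_write=n
2024.02.23 11:10:21 LOG5[0]: Connection reset: 685 byte(s) sent to TLS, 381 byte(s) sent to socket
"""

# "<date> <time> LOG<level>[<connection id>]: <message>"
LINE = re.compile(r"^(\S+ \S+) LOG(\d)\[(\w+)\]: (.*)$")
KV = re.compile(r"(\w+)=(\w[\w.]*)")  # key=value pairs in the state dump
BYTES = re.compile(
    r"Connection (\w+): (\d+) byte\(s\) sent to TLS, (\d+) byte\(s\) sent to socket")

def summarize(log_text):
    """Return {connection id: summary dict} for a stunnel debug log."""
    conns = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a log entry (blank line, wrapped text)
        _, level, cid, msg = m.groups()
        c = conns.setdefault(cid, {"handshake_ok": False, "verify_disabled": False,
                                   "transfer_stall": False, "state": {}, "end": None})
        if "SSL negotiation finished successfully" in msg:
            c["handshake_ok"] = True
        elif "Certificate verification disabled" in msg:
            c["verify_disabled"] = True  # peer certificate is not being checked
        elif msg.startswith("transfer() loop executes"):
            c["transfer_stall"] = True
        elif level == "3" and c["transfer_stall"]:
            c["state"].update(KV.findall(msg))  # flags logged after the stall
        b = BYTES.match(msg)
        if b:  # e.g. ("reset", bytes sent to TLS, bytes sent to socket)
            c["end"] = (b.group(1), int(b.group(2)), int(b.group(3)))
    return conns

if __name__ == "__main__":
    for cid, info in summarize(SAMPLE).items():
        print(cid, info)
```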