I try to analyse traffic with tcpdump and when I use stunnel, there are no packets with my Linux box IP, so I think stunnel doesn't work properly... Here is the stunnel.log:
2005.07.20 12:58:23 LOG5[14714:1]: stunnel 4.11 on i686-pc-linux-gnu UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005
2005.07.20 12:58:23 LOG7[14714:1]: Snagged 64 random bytes from /root/.rnd
2005.07.20 12:58:23 LOG7[14714:1]: Wrote 1024 new random bytes to /root/.rnd
2005.07.20 12:58:23 LOG7[14714:1]: RAND_status claims sufficient entropy for the PRNG
2005.07.20 12:58:23 LOG6[14714:1]: PRNG seeded successfully
2005.07.20 12:58:23 LOG7[14714:1]: Certificate: /usr/etc/stunnel/stunnel.pem
2005.07.20 12:58:23 LOG7[14714:1]: Key file: /usr/etc/stunnel/stunnel.pem
2005.07.20 12:58:23 LOG6[14714:1]: file ulimit = 1024 (can be changed with 'ulimit -n')
2005.07.20 12:58:23 LOG6[14714:1]: poll() used - no FD_SETSIZE limit for file descriptors
2005.07.20 12:58:23 LOG5[14714:1]: 500 clients allowed
2005.07.20 12:58:23 LOG7[14714:1]: FD 4 in non-blocking mode
2005.07.20 12:58:23 LOG7[14714:1]: FD 5 in non-blocking mode
2005.07.20 12:58:23 LOG7[14714:1]: FD 6 in non-blocking mode
2005.07.20 12:58:23 LOG7[14714:1]: SO_REUSEADDR option set on accept socket
2005.07.20 12:58:23 LOG7[14714:1]: mysql bound to 0.0.0.0:3306
2005.07.20 12:58:23 LOG7[14715:1]: Created pid file /stunnel.pid
2005.07.20 14:07:13 LOG5[14715:0]: Received signal 15; terminating
2005.07.20 14:07:13 LOG7[14715:0]: removing pid file /stunnel.pid
When I look at stunnel.pid, there is 231 in the file and it is the stunnel pid...
In my stunnel.conf, I have put client=yes and

[mysql]
accept = 3306
connect = 192.198.10.120:3307

and on my stunnel server:

[mysql]
accept = 3307
connect = localhost:3306
It works with my mysql client on Windows (v4.1.12a) but not with my mysql client on Linux (v4.1.8a). Perhaps the difference of version is the problem but I think not...
Which options are applied when the Windows binaries of stunnel are compiled? Perhaps I have to change an option when I compile on my Linux box...
Thanks in advance!
lm.
-------- Original Message --------
Subject: [stunnel-users] Problem with mysql (20-juil.-2005 11:41)
From: lmarcilly@aressi.fr
To: lmarcilly@aressi.fr
Hi all,
I try to encrypt mysql connections...
I saw this : http://www.stunnel.org/examples/mysql.html
but I use stunnel 4.x.
I configured it on my Windows box and it works well! (The mysql server is on a Linux box; I have configured stunnel as a server on this box.)
When I try mysql -u user --password=xyz it works,
but I have to make it work on a Linux box. I use the same config file for stunnel, but when I try
mysql -u user --password=xyz I have: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock'
This socket doesn't exist since there is no MySQL server on the box.
I try with --protocol=TCP but it won't work; I have:
Can't connect to MySQL server on 'localhost'
Do you have an idea? Do you want more details on my config file for stunnel?
Thanks in advance and sorry for my English!
lm
To: lmarcilly@aressi.fr stunnel-users@mirt.net
lmarcilly@aressi.fr wrote:
> so I think stunnel doesn't work properly...
[cut]
> 2005.07.20 14:07:13 LOG5[14715:0]: Received signal 15; terminating
> 2005.07.20 14:07:13 LOG7[14715:0]: removing pid file /stunnel.pid
That's quite common to stop working (properly) for a process after receiving signal 15 (SIGTERM). 8-)
> mysql -u user --password=xyz I have: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock'
> This socket doesn't exist since there is no MySQL server on the box.
Did you configure your MySQL client to connect to stunnel instead of the default /var/run/mysqld/mysqld.sock UNIX socket?
The problem is your MySQL client configuration, *not* stunnel.
Best regards, Mike
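
An added example, not part of the thread and not stunnel or MySQL project code: on Unix the mysql client uses the UNIX socket file when the host is unspecified or "localhost", so it has to be pointed at the TCP port stunnel accepts on, and stunnel has to still be running (the log above ends with signal 15). The sketch below reads the client-side stunnel.conf quoted in the thread (embedded as a constructed sample), checks both conditions, and builds the client arguments; the function names and the `__global__` section name are hypothetical.

```python
import configparser
import os
import socket

# Constructed sample: the client-side stunnel.conf described in the thread.
SAMPLE_CONF = """\
client = yes

[mysql]
accept = 3306
connect = 192.198.10.120:3307
"""

def parse_services(conf_text):
    """Return {service: {option: value}} from stunnel.conf text."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    # stunnel allows global options before the first [service]; give them a section.
    cp.read_string("[__global__]\n" + conf_text)
    return {s: dict(cp[s]) for s in cp.sections() if s != "__global__"}

def accept_endpoint(value):
    """Split an 'accept' value ('3306' or 'host:3306') into (host, port)."""
    host, _, port = value.rpartition(":")
    # A bare port binds all interfaces; a local client reaches it on loopback.
    if host in ("", "0.0.0.0"):
        host = "127.0.0.1"
    return host, int(port)

def tcp_listening(host, port, timeout=2.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(conf_text, service, unix_socket="/var/run/mysqld/mysqld.sock"):
    """Check the local stunnel listener and build TCP-only mysql client arguments."""
    host, port = accept_endpoint(parse_services(conf_text)[service]["accept"])
    return {
        "unix_socket_present": os.path.exists(unix_socket),
        "stunnel_listening": tcp_listening(host, port),
        "client_args": ["mysql", "--protocol=TCP", f"--host={host}",
                        f"--port={port}", "-u", "user", "-p"],
    }

if __name__ == "__main__":
    for key, value in diagnose(SAMPLE_CONF, "mysql").items():
        print(key, "=", value)
```

If `stunnel_listening` is False, the client error is expected regardless of its options; if it is True, running the client with `client_args` sends the session through the tunnel instead of the missing socket file.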