Hello all,
I am having a problem using stunnel to connect a web application in Java to a UniData database server. The setup is working fine, traffic passes over the tunnel from webserver to database without a problem except when a large query is sent over the tunnel. Normal queries get responses with no problem. I am running HP-UX 11.00. Stunnel is running in daemon mode on both servers. Any ideas why this might happen? Is there a buffer limit or something for stunnel? Thanks in advance!
Here are the stunnel.conf files for them:

database side:
------------------------------------------------------
RNDfile=/opt/hpws/apache/stunnel/.stunnel.rnd
pid = /opt/hpws/apache/logs/stunnel.pid
debug = 7
output = /opt/hpws/apache/logs/stunnel.log
client = no
foreground = no
[unidata]
accept = 5555
connect = 127.0.0.1:31438
------------------------------------------------------
webserver side:
------------------------------------------------------
RNDfile=/opt/hpws/apache/stunnel/.stunnel.rnd
pid = /opt/hpws/apache/logs/stunnel.pid
debug = 7
output = /opt/hpws/apache/logs/stunnel.log
client = yes
foreground = no
[unidata]
accept = 127.0.0.1:5555
connect = dbserver:5555
------------------------------------------------------
Here is my stunnel -version output:
------------------------------------------------------
stunnel 4.04 on hppa2.0w-hp-hpux11.00 PTHREAD with OpenSSL 0.9.7g 11 Apr 2005

Global options
cert = /opt/hpws/apache/stunnel/etc/stunnel/stunnel.pem
ciphers = ALL:!ADH:+RC4:@STRENGTH
debug = 5
key = /opt/hpws/apache/stunnel/etc/stunnel/stunnel.pem
pid = /opt/hpws/apache/stunnel/var/run/stunnel.pid
RNDbytes = 64
RNDoverwrite = yes
session = 300 seconds
verify = none

Service-level options
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTidle = 43200 seconds
------------------------------------------------------
Here is the error from the client:
------------------------------------------------------
2006.04.26 10:47:11 LOG7[1862:1]: unidata accepted FD=0 from 127.0.0.1:49644
2006.04.26 10:47:11 LOG7[1862:1]: FD 0 in non-blocking mode
2006.04.26 10:47:11 LOG7[1862:8]: unidata started
2006.04.26 10:47:11 LOG5[1862:8]: unidata connected from 127.0.0.1:49644
2006.04.26 10:47:11 LOG7[1862:8]: FD 1 in non-blocking mode
2006.04.26 10:47:11 LOG7[1862:8]: unidata connecting 141.240.76.34:5555
2006.04.26 10:47:11 LOG7[1862:8]: remote connect #1: EINPROGRESS: retrying
2006.04.26 10:47:11 LOG7[1862:8]: waitforsocket: FD=1, DIR=write
2006.04.26 10:47:11 LOG7[1862:8]: waitforsocket: ok
2006.04.26 10:47:11 LOG7[1862:8]: Remote FD=1 initialized
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): before/connect initialization
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 write client hello A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 read server hello A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 read server certificate A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 read server done A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 write client key exchange A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 write change cipher spec A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 write finished A
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 flush data
2006.04.26 10:47:11 LOG7[1862:8]: SSL state (connect): SSLv3 read finished A
2006.04.26 10:47:11 LOG7[1862:8]: 3 items in the session cache
2006.04.26 10:47:11 LOG7[1862:8]: 7 client connects (SSL_connect())
2006.04.26 10:47:11 LOG7[1862:8]: 7 client connects that finished
2006.04.26 10:47:11 LOG7[1862:8]: 0 client renegotiatations requested
2006.04.26 10:47:11 LOG7[1862:8]: 0 server connects (SSL_accept())
2006.04.26 10:47:11 LOG7[1862:8]: 0 server connects that finished
2006.04.26 10:47:11 LOG7[1862:8]: 0 server renegotiatiations requested
2006.04.26 10:47:11 LOG7[1862:8]: 4 session cache hits
2006.04.26 10:47:11 LOG7[1862:8]: 0 session cache misses
2006.04.26 10:47:11 LOG7[1862:8]: 0 session cache timeouts
2006.04.26 10:47:11 LOG6[1862:8]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2006.04.26 10:47:12 LOG3[1862:8]: SSL_read (SSL_ERROR_SYSCALL): Operation would block (246)
2006.04.26 10:47:12 LOG5[1862:8]: Connection reset: 744 bytes sent to SSL, 539 bytes sent to socket
2006.04.26 10:47:12 LOG7[1862:8]: unidata finished (0 left)
---------------------------------------------------------
Here is the error from the server:
---------------------------------------------------------
2006.04.26 10:48:24 LOG7[18850:1]: unidata accepted FD=0 from 141.240.76.29:49645
2006.04.26 10:48:24 LOG7[18850:1]: FD 0 in non-blocking mode
2006.04.26 10:48:24 LOG7[18850:6]: unidata started
2006.04.26 10:48:24 LOG5[18850:6]: unidata connected from 141.240.76.29:49645
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): before/accept initialization
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 read client hello A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 write server hello A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 write certificate A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 write server done A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 flush data
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 read client key exchange A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 read finished A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 write change cipher spec A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 write finished A
2006.04.26 10:48:24 LOG7[18850:6]: SSL state (accept): SSLv3 flush data
2006.04.26 10:48:24 LOG7[18850:6]: 1 items in the session cache
2006.04.26 10:48:24 LOG7[18850:6]: 0 client connects (SSL_connect())
2006.04.26 10:48:24 LOG7[18850:6]: 0 client connects that finished
2006.04.26 10:48:24 LOG7[18850:6]: 0 client renegotiatations requested
2006.04.26 10:48:24 LOG7[18850:6]: 5 server connects (SSL_accept())
2006.04.26 10:48:24 LOG7[18850:6]: 5 server connects that finished
2006.04.26 10:48:24 LOG7[18850:6]: 0 server renegotiatiations requested
2006.04.26 10:48:24 LOG7[18850:6]: 3 session cache hits
2006.04.26 10:48:24 LOG7[18850:6]: 1 session cache misses
2006.04.26 10:48:24 LOG7[18850:6]: 1 session cache timeouts
2006.04.26 10:48:24 LOG6[18850:6]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2006.04.26 10:48:24 LOG7[18850:6]: FD 1 in non-blocking mode
2006.04.26 10:48:24 LOG7[18850:6]: unidata connecting 127.0.0.1:31438
2006.04.26 10:48:24 LOG7[18850:6]: Remote FD=1 initialized
2006.04.26 10:48:25 LOG3[18850:6]: SSL_read (SSL_ERROR_SYSCALL): Connection reset by peer (232)
2006.04.26 10:48:25 LOG5[18850:6]: Connection reset: 9477 bytes sent to SSL, 744 bytes sent to socket
2006.04.26 10:48:25 LOG7[18850:6]: unidata finished (0 left)
----------------------------------------------------------
Brian Smith brian.c1.smith@lmco.com
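
A small triage script for the two log excerpts above, added here as an example and not part of the original post: it extracts the SSL error and the per-connection byte counters from each side and compares them by direction. It assumes both excerpts describe the same tunnelled connection (the 744-byte count appears on both sides); the names `summarize` and `compare` are illustrative.

```python
import re

# Error and summary lines copied from the two logs in the post.
CLIENT_LOG = """\
2006.04.26 10:47:12 LOG3[1862:8]: SSL_read (SSL_ERROR_SYSCALL): Operation would block (246)
2006.04.26 10:47:12 LOG5[1862:8]: Connection reset: 744 bytes sent to SSL, 539 bytes sent to socket
"""
SERVER_LOG = """\
2006.04.26 10:48:25 LOG3[18850:6]: SSL_read (SSL_ERROR_SYSCALL): Connection reset by peer (232)
2006.04.26 10:48:25 LOG5[18850:6]: Connection reset: 9477 bytes sent to SSL, 744 bytes sent to socket
"""

# timestamp, log level, [pid:thread], message
LINE = re.compile(r"^(\S+ \S+) LOG(\d)\[(\d+):(\d+)\]: (.*)$")
SUMMARY = re.compile(r"Connection (\w+): (\d+) bytes sent to SSL, (\d+) bytes sent to socket")
SSL_ERR = re.compile(r"(SSL_\w+) \((SSL_ERROR_\w+)\): (.*) \((\d+)\)$")

def summarize(log_text):
    """Return one dict per stunnel thread that logged a connection summary."""
    conns = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip separators and wrapped fragments
        pid, tid, msg = m.group(3, 4, 5)
        c = conns.setdefault((pid, tid), {"errors": []})
        if (e := SSL_ERR.search(msg)):
            c["errors"].append({"call": e[1], "ssl_error": e[2],
                                "text": e[3], "errno": int(e[4])})
        elif (s := SUMMARY.search(msg)):
            c.update(outcome=s[1], to_ssl=int(s[2]), to_socket=int(s[3]))
    return [c for c in conns.values() if "outcome" in c]

def compare(client, server):
    """Match what each end wrote into the tunnel against what the far end wrote out."""
    return {
        "request_sent": client["to_ssl"],        # client stunnel -> TLS
        "request_delivered": server["to_socket"],  # server stunnel -> database
        "reply_sent": server["to_ssl"],          # server stunnel -> TLS
        "reply_delivered": client["to_socket"],  # client stunnel -> web application
        "reply_lost": server["to_ssl"] - client["to_socket"],
    }
```

On the lines from the post, the request direction matches (744 bytes sent, 744 delivered) while the reply direction does not (9477 bytes written to SSL on the database side, 539 written to the socket on the webserver side).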