Hello!
I have tried the following setup:
server: MySQL 4.0.20 with native OpenSSL 0.9.7d support on Linux
client: MySQL 4.0.20 without SSL support, through stunnel 4.0.5 on WinXP
As can be suspected from the above, I was trying to use the mysqld with SSL support directly as the server side of the connection, without stunnel. I saw a pseudo-https client solution in the stunnel docs where this approach seemed to work.
The client stunnel.conf:
cert = client-test.crt
key = client-test.key
client = yes
debug = debug
[mysqlclient]
accept = 3306
connect = server.host.fqdn:3306
The mysql client reported the following error, right after asking for the password:
ERROR 2013: Lost connection to MySQL server during query
Here is the log from the client stunnel:
2004.08.26 17:19:43 LOG5[2396:1256]: stunnel 4.05 on x86-pc-mingw32-gnu WIN32 with OpenSSL 0.9.7d 17 Mar 2004
2004.08.26 17:19:43 LOG7[2396:1908]: RAND_status claims sufficient entropy for the PRNG
2004.08.26 17:19:43 LOG6[2396:1908]: PRNG seeded successfully
2004.08.26 17:19:43 LOG7[2396:1908]: Certificate: client-test.crt
2004.08.26 17:19:43 LOG7[2396:1908]: Key file: client-test.key
2004.08.26 17:19:43 LOG5[2396:1908]: WIN32 platform: 30000 clients allowed
2004.08.26 17:19:43 LOG7[2396:1908]: FD 1828 in non-blocking mode
2004.08.26 17:19:43 LOG7[2396:1908]: SO_REUSEADDR option set on accept socket
2004.08.26 17:19:43 LOG7[2396:1908]: mysqlclient bound to 0.0.0.0:3306
2004.08.26 17:19:52 LOG7[2396:1908]: mysqlclient accepted FD=1836 from 127.0.0.1:3269
2004.08.26 17:19:52 LOG7[2396:1908]: FD 1836 in non-blocking mode
2004.08.26 17:19:52 LOG7[2396:1908]: Creating a new thread
2004.08.26 17:19:52 LOG7[2396:1908]: New thread created
2004.08.26 17:19:52 LOG7[2396:1816]: mysqlclient started
2004.08.26 17:19:52 LOG5[2396:1816]: mysqlclient connected from 127.0.0.1:3269
2004.08.26 17:19:52 LOG7[2396:1816]: FD 1816 in non-blocking mode
2004.08.26 17:19:52 LOG7[2396:1816]: mysqlclient connecting xx.xx.xx.xx:3306
2004.08.26 17:19:52 LOG7[2396:1816]: remote connect #1: EWOULDBLOCK: retrying
2004.08.26 17:19:52 LOG7[2396:1816]: waitforsocket: FD=1816, DIR=write
2004.08.26 17:19:52 LOG7[2396:1816]: waitforsocket: ok
2004.08.26 17:19:52 LOG7[2396:1816]: remote connect #2: EINVAL: ok
2004.08.26 17:19:52 LOG7[2396:1816]: Remote FD=1816 initialized
2004.08.26 17:19:52 LOG7[2396:1816]: SSL state (connect): before/connect initialization
2004.08.26 17:19:52 LOG7[2396:1816]: SSL state (connect): SSLv3 write client hello A
2004.08.26 17:19:52 LOG7[2396:1816]: SSL alert (write): fatal: handshake failure
2004.08.26 17:19:52 LOG3[2396:1816]: SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2004.08.26 17:19:52 LOG7[2396:1816]: mysqlclient finished (0 left)
What is wrong here?
Thank you!
Regards, Szabolcs Rumi