[stunnel-users] Problem with zlib compression

Allan Guild lists at bitsnpieces.org.uk
Tue Jan 11 20:27:16 CET 2005 

I'm having problems with zlib compression - stunnel 4.07 on my client
machne crashes whenever I try and start a session.  With compression set
to rle or not defined, there is no problem.

I am securing a MySQL connection between a Windows client and Mandrake
Linux 10.1 server.

Client Configuration:

Stunnel 4.07 and openssl 0.9.7e-zlib binaries downloaded from Stunnel
website

stunnel.conf
------------
cert=./Allan_Guild_Work.pem
key=./Allan_Guild_Work_key.pem
client=yes
compression=zlib

[Primary Club]
accept=3306
connect=195.137.78.107:3307
TIMEOUTbusy=5
-------------

Server Configuration:

Stunnel 4.07 and openssl 0.9.7e (compiled with zlib support) rebuilt
from Mandrake Cooker SRPMS

stunnel.conf
------------
CApath=/etc/ssl/stunnel/certs/
cert=/etc/ssl/stunnel/CAcert.pem
key=/etc/ssl/stunnel/CAkey.pem
client=no
foreground=yes
pid=/var/run/stunnel.pid
verify=0
compression=zlib

[Primary Club]
accept=3307
connect=3306
------------

When I try and connect, I get the following output from the client
(which then crashes):

-------------
2005.01.11 19:04:14 LOG5[308:2172]: stunnel 4.07 on x86-pc-mingw32-gnu WIN32+IPv4 with OpenSSL 0.9.7e 25 Oct 2004
2005.01.11 19:04:14 LOG5[308:1688]: No limit detected for the number of clients
2005.01.11 19:04:16 LOG5[308:804]: Primary Club connected from 127.0.0.1:4769
-------------

and the following from the server:

-------------
2005.01.11 19:21:30 LOG5[25439:1076523680]: stunnel 4.07 on i586-mandrake-linux-gnu PTHREAD+POLL+IPv4+LIBWRAP with OpenSSL 0.9.7e 25 Oct 2004
2005.01.11 19:21:30 LOG5[25439:1076523680]: 500 clients allowed
2005.01.11 19:21:53 LOG5[25439:1073900464]: Primary Club connected from 212.135.219.66:3974
2005.01.11 19:21:53 LOG5[25439:1073900464]: VERIFY IGNORE: depth=0, /C=UK/ST=Some-State/L=London/O=Primary Club/CN=Allan Guild/emailAddress=allan.guild at bitsnpieces.org.uk
2005.01.11 19:21:53 LOG5[25439:1073900464]: VERIFY IGNORE: depth=0, /C=UK/ST=Some-State/L=London/O=Primary Club/CN=Allan Guild/emailAddress=allan.guild at bitsnpieces.org.uk
2005.01.11 19:21:57 LOG3[25439:1073900464]: SSL_read (ERROR_SYSCALL): Connection reset by peer (104)
2005.01.11 19:21:57 LOG5[25439:1073900464]: Connection reset: 3843 bytes sent to SSL, 55 bytes sent to socket
-------------


Any advice would be greatly appreciated (Do I need a zlib dll?),

Allan

More information about the stunnel-users mailing list