[stunnel-users] Trying to redirect with stunnel - seems to hang

Len DiMaggio ldimaggi at redhat.com
Wed Oct 25 04:27:24 CEST 2006 

'Evening everyone,

  I'm wondering if anyone has already seen a problem like this.

  Background - I'm trying to use stunnel to act as an SSL server and 
redirect connections so that I can use the JMeter script recorder to 
build automated tests for an app's web GUI. (The recorder does not 
support SSL.)

  The software versions are: stunnel 4.15 on i686-redhat-linux-gnu with 
OpenSSL 0.9.8b 04 May 2006

  I'm able to set up the redirection, and everything in the stunnel log 
looks OK - and, this is just making the connection manually - without 
JMeter - but trying to access the target app just hangs in the browser 
with a "connecting to..." status message.

  Here's the stunnel config file that I'm using - the log is attached.

   client=yes
   output=/tmp/stunnel.log
   debug=debug
   [8084]
   accept=hostname:8079
   connect=hostname:8084

  Interestingly - when I kill the stunnel process, the browser displays 
(most of) the target app's top level page.


Thanks in advance,
Len DiMaggio
ldimaggi at redhat.com



The stunnel log sez:

2006.10.24 04:58:33 LOG5[5869:3086362304]: stunnel 4.15 on 
i686-redhat-linux-gnu with OpenSSL 0.9.8b 04 May 2006
2006.10.24 04:58:33 LOG5[5869:3086362304]: Threading:PTHREAD SSL:ENGINE 
Sockets:POLL,IPv6 Auth:LIBWRAP
2006.10.24 04:58:33 LOG6[5869:3086362304]: file ulimit = 1024 (can be 
changed with 'ulimit -n')
2006.10.24 04:58:33 LOG6[5869:3086362304]: poll() used - no FD_SETSIZE 
limit for file descriptors
2006.10.24 04:58:33 LOG5[5869:3086362304]: 500 clients allowed
2006.10.24 04:58:33 LOG7[5869:3086362304]: FD 4 in non-blocking mode
2006.10.24 04:58:33 LOG7[5869:3086362304]: FD 5 in non-blocking mode
2006.10.24 04:58:33 LOG7[5869:3086362304]: FD 6 in non-blocking mode
2006.10.24 04:58:33 LOG7[5869:3086362304]: SO_REUSEADDR option set on 
accept socket
2006.10.24 04:58:33 LOG7[5869:3086362304]: 8084 bound to 10.15.49.274:8079
2006.10.24 04:58:33 LOG7[5870:3086362304]: Created pid file 
/var/run/stunnel.pid
2006.10.24 04:58:52 LOG7[5870:3086362304]: 8084 accepted FD=7 from 
172.16.83.99:58417
2006.10.24 04:58:52 LOG7[5870:3086359440]: 8084 started
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 7 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 8 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 9 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086362304]: Cleaning up the signal pipe
2006.10.24 04:58:52 LOG6[5870:3086362304]: Child process 5874 finished 
with code 0
2006.10.24 04:58:52 LOG7[5870:3086359440]: Connection from 
172.16.83.99:58417 permitted by libwrap
2006.10.24 04:58:52 LOG5[5870:3086359440]: 8084 connected from 
172.16.83.99:58417
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 8 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086359440]: 8084 connecting 
10.15.49.274:8084
2006.10.24 04:58:52 LOG7[5870:3086359440]: connect_wait: waiting 10 seconds
2006.10.24 04:58:52 LOG7[5870:3086359440]: connect_wait: connected
2006.10.24 04:58:52 LOG7[5870:3086359440]: Remote FD=8 initialized
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): 
before/connect initialization
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
write client hello A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
read server hello A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
read server certificate A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
read server done A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
write client key exchange A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
write change cipher spec A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
write finished A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
flush data
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3 
read finished A
2006.10.24 04:58:52 LOG7[5870:3086359440]:    1 items in the session cache
2006.10.24 04:58:52 LOG7[5870:3086359440]:    1 client connects 
(SSL_connect())
2006.10.24 04:58:52 LOG7[5870:3086359440]:    1 client connects that 
finished
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 client renegotiations 
requested
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 server connects 
(SSL_accept())
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 server connects that 
finished
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 server renegotiations 
requested
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 session cache hits
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 session cache misses
2006.10.24 04:58:52 LOG7[5870:3086359440]:    0 session cache timeouts
2006.10.24 04:58:52 LOG6[5870:3086359440]: SSL connected: new session 
negotiated
2006.10.24 04:58:52 LOG6[5870:3086359440]: Negotiated ciphers: 
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1

-- 

Len DiMaggio (ldimaggi at redhat.com)
Red Hat USA
10 Technology Park Drive
Westford, MA 01886  
tel:  978.392.3179
cell: 617.872.3673
http://www.redhat.com

More information about the stunnel-users mailing list