[stunnel-users] Trying to redirect with stunnel - seems to hang
Len DiMaggio
ldimaggi at redhat.com
Wed Oct 25 04:27:24 CEST 2006
'Evening everyone,
I'm wondering if anyone has already seen a problem like this.
Background - I'm trying to use stunnel to act as an SSL server and
redirect connections so that I can use the JMeter script recorder to
build automated tests for an app's web GUI. (The recorder does not
support SSL.)
The software versions are: stunnel 4.15 on i686-redhat-linux-gnu with
OpenSSL 0.9.8b 04 May 2006
I'm able to set up the redirection, and everything in the stunnel log
looks OK - and, this is just making the connection manually - without
JMeter - but trying to access the target app just hangs in the browser
with a "connecting to..." status message.
Here's the stunnel config file that I'm using - the log is attached.
client=yes
output=/tmp/stunnel.log
debug=debug
[8084]
accept=hostname:8079
connect=hostname:8084
Interestingly - when I kill the stunnel process, the browser displays
(most of) the target app's top level page.
Thanks in advance,
Len DiMaggio
ldimaggi at redhat.com
The stunnel log sez:
2006.10.24 04:58:33 LOG5[5869:3086362304]: stunnel 4.15 on
i686-redhat-linux-gnu with OpenSSL 0.9.8b 04 May 2006
2006.10.24 04:58:33 LOG5[5869:3086362304]: Threading:PTHREAD SSL:ENGINE
Sockets:POLL,IPv6 Auth:LIBWRAP
2006.10.24 04:58:33 LOG6[5869:3086362304]: file ulimit = 1024 (can be
changed with 'ulimit -n')
2006.10.24 04:58:33 LOG6[5869:3086362304]: poll() used - no FD_SETSIZE
limit for file descriptors
2006.10.24 04:58:33 LOG5[5869:3086362304]: 500 clients allowed
2006.10.24 04:58:33 LOG7[5869:3086362304]: FD 4 in non-blocking mode
2006.10.24 04:58:33 LOG7[5869:3086362304]: FD 5 in non-blocking mode
2006.10.24 04:58:33 LOG7[5869:3086362304]: FD 6 in non-blocking mode
2006.10.24 04:58:33 LOG7[5869:3086362304]: SO_REUSEADDR option set on
accept socket
2006.10.24 04:58:33 LOG7[5869:3086362304]: 8084 bound to 10.15.49.274:8079
2006.10.24 04:58:33 LOG7[5870:3086362304]: Created pid file
/var/run/stunnel.pid
2006.10.24 04:58:52 LOG7[5870:3086362304]: 8084 accepted FD=7 from
172.16.83.99:58417
2006.10.24 04:58:52 LOG7[5870:3086359440]: 8084 started
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 7 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 8 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 9 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086362304]: Cleaning up the signal pipe
2006.10.24 04:58:52 LOG6[5870:3086362304]: Child process 5874 finished
with code 0
2006.10.24 04:58:52 LOG7[5870:3086359440]: Connection from
172.16.83.99:58417 permitted by libwrap
2006.10.24 04:58:52 LOG5[5870:3086359440]: 8084 connected from
172.16.83.99:58417
2006.10.24 04:58:52 LOG7[5870:3086359440]: FD 8 in non-blocking mode
2006.10.24 04:58:52 LOG7[5870:3086359440]: 8084 connecting
10.15.49.274:8084
2006.10.24 04:58:52 LOG7[5870:3086359440]: connect_wait: waiting 10 seconds
2006.10.24 04:58:52 LOG7[5870:3086359440]: connect_wait: connected
2006.10.24 04:58:52 LOG7[5870:3086359440]: Remote FD=8 initialized
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect):
before/connect initialization
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
write client hello A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
read server hello A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
read server certificate A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
read server done A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
write client key exchange A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
write change cipher spec A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
write finished A
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
flush data
2006.10.24 04:58:52 LOG7[5870:3086359440]: SSL state (connect): SSLv3
read finished A
2006.10.24 04:58:52 LOG7[5870:3086359440]: 1 items in the session cache
2006.10.24 04:58:52 LOG7[5870:3086359440]: 1 client connects
(SSL_connect())
2006.10.24 04:58:52 LOG7[5870:3086359440]: 1 client connects that
finished
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 client renegotiations
requested
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 server connects
(SSL_accept())
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 server connects that
finished
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 server renegotiations
requested
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 session cache hits
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 session cache misses
2006.10.24 04:58:52 LOG7[5870:3086359440]: 0 session cache timeouts
2006.10.24 04:58:52 LOG6[5870:3086359440]: SSL connected: new session
negotiated
2006.10.24 04:58:52 LOG6[5870:3086359440]: Negotiated ciphers:
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
--
Len DiMaggio (ldimaggi at redhat.com)
Red Hat USA
10 Technology Park Drive
Westford, MA 01886
tel: 978.392.3179
cell: 617.872.3673
http://www.redhat.com
More information about the stunnel-users
mailing list