[stunnel-users] Stunnel client not sending data

Jeremiah Martell inlovewithgod at gmail.com
Wed Oct 25 14:34:37 CEST 2006


Carter,

You're right. That was a typo error on my part. My config says 1.2.3.70.

Any other ideas?

Thanks,
 - Jeremiah

On 10/25/06, Carter Browne <cbrowne at cbcs-usa.com> wrote:
> On the server side, I think you should be receiving on 1.2.3.70 (since that is where you are sending the data).
>
> Carter
>
> Jeremiah Martell wrote:
> > Hello,
> >
> > I have a program that opens up a connection to port 10000 of a server
> > and sends it some data. It works normally. I'm trying to "stunnel"
> > both ends.
> >
> > In my program I create a socket, connect to local port 7033, send my
> > data, and close the socket. I verified that every function call
> > returns success (socket, setsockopt (for TCP_NODELAY), gethostbyname,
> > connect, and send).
> >
> > From what the logs show below, it seems that server stunnel gets the
> > connection from the client stunnel, they successfully negotiate the
> > SSL stuff, then the client stunnel waits for any data to proxy to the
> > server stunnel. The server stunnel is waiting too, and after 10
> > seconds of no data, it closes the socket.
> >
> > For some reason the client stunnel is not getting my data and
> > therefore doesn't forward anything over to the server stunnel. I'm not
> > sure why this is happening, because my program works normally and I've
> > verified that everything returned success.
> >
> > Any ideas?
> >
> > - Jeremiah
> >
> > -----------------------------
> >
> > ON CLIENT (1.2.3.60)
> >
> > Linux
> > stunnel 4.16
> > OpenSSL 0.9.7c
> >
> > stunnel.conf is...
> > pid =
> > client  = yes
> >
> > [7033]
> >   accept = 127.0.0.1:7033
> >   connect = 1.2.3.70:7033
> >
> > -----------------------------
> >
> > ON SERVER (1.2.3.70)
> >
> > Windows
> > stunnel 4.16 windows binary installer (Aug 31 2006)
> >
> > stunnel.conf is...
> >
> > cert = stunnel.pem
> > socket = l:TCP_NODELAY=1
> > socket = r:TCP_NODELAY=1
> > debug = 7
> >
> > [7033]
> >   accept = 1.2.3.60:7033
> >   connect = 127.0.0.1:10000
> >
> > -----------------------------
> >
> > On client I see this debug...
> >
> > Oct 24 14:38:22 stunnel: LOG5[2892:258]: 7033 connected from
> > 127.0.0.1:10251
> > Oct 24 14:38:32 stunnel: LOG3[2892:258]: SSL_read: Connection reset by
> > peer (104)
> > Oct 24 14:38:32 stunnel: LOG5[2892:258]: Connection reset: 56 bytes
> > sent to SSL, 0 bytes send to socket
> >
> > -----------------------------
> >
> > On server I see this debug...
> >
> > 2006.10.24 14:43:08 LOG7[2596:4068]: 7033 accepted FD=196 from
> > 1.2.3.60:10252
> > 2006.10.24 14:43:08 LOG7[2596:4068]: Creating a new thread
> > 2006.10.24 14:43:09 LOG7[2596:4068]: New thread created
> > 2006.10.24 14:43:09 LOG7[2596:2372]: 7033 started
> > 2006.10.24 14:43:09 LOG7[2596:2372]: FD 196 in non-blocking mode
> > 2006.10.24 14:43:09 LOG7[2596:2372]: TCP_NODELAY option set on local socket
> > 2006.10.24 14:43:09 LOG5[2596:2372]: 7033 connected from 1.2.3.60:10252
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): before/accept
> > initialization
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 read
> > client hello A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> > server hello A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> > certificate A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> > server done A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 flush data
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 read
> > client key exchange A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 read
> > finished A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> > change cipher spec A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> > finished A
> > 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 flush data
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    3 items in the session cache
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    0 client connects (SSL_connect())
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    0 client connects that finished
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    0 client renegotiations requested
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    5 server connects (SSL_accept())
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    5 server connects that finished
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    0 server renegotiations requested
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    1 session cache hits
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    1 session cache misses
> > 2006.10.24 14:43:09 LOG7[2596:2372]:    1 session cache timeouts
> > 2006.10.24 14:43:09 LOG6[2596:2372]: SSL accepted: new session negotiated
> > 2006.10.24 14:43:09 LOG6[2596:2372]: Negotiated ciphers: AES256-SHA
> >          SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
> > 2006.10.24 14:43:09 LOG7[2596:2372]: FD 180 in non-blocking mode
> > 2006.10.24 14:43:09 LOG7[2596:2372]: 7033 connecting 127.0.0.1:10000
> > 2006.10.24 14:43:09 LOG7[2596:2372]: connect_wait: waiting 10 seconds
> > 2006.10.24 14:43:19 LOG6[2596:2372]: connect_wait: s_poll_wait timeout
> > 2006.10.24 14:43:19 LOG5[2596:2372]: Connection reset: 0 bytes sent to
> > SSL, 0 bytes sent to socket
> > 2006.10.24 14:43:19 LOG7[2596:2372]: 7033 finished (0 left)
>
>
>
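
An added example, not part of the original posts and not stunnel code: a small Python pass over the server-side debug lines quoted above that reports how far the proxied connection got. The function name `diagnose` and the result field names are hypothetical. On these lines it shows the TLS handshake completing, then `connect_wait: s_poll_wait timeout` following `7033 connecting 127.0.0.1:10000`, with 0 bytes relayed in either direction.

```python
import re

# Server-side lines quoted in the post above (thread 2372), with the mail
# client's line wrapping rejoined; nothing else is changed.
SAMPLE_LOG = """\
2006.10.24 14:43:09 LOG5[2596:2372]: 7033 connected from 1.2.3.60:10252
2006.10.24 14:43:09 LOG6[2596:2372]: SSL accepted: new session negotiated
2006.10.24 14:43:09 LOG7[2596:2372]: 7033 connecting 127.0.0.1:10000
2006.10.24 14:43:09 LOG7[2596:2372]: connect_wait: waiting 10 seconds
2006.10.24 14:43:19 LOG6[2596:2372]: connect_wait: s_poll_wait timeout
2006.10.24 14:43:19 LOG5[2596:2372]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2006.10.24 14:43:19 LOG7[2596:2372]: 7033 finished (0 left)
"""

# Matches both timestamp styles seen in the post (server and syslog-style client).
LINE = re.compile(r"^.*?LOG(\d)\[(\d+):(\d+)\]: (.*)$")
RESET = re.compile(r"Connection reset: (\d+) bytes sent to SSL, (\d+) bytes sent to socket")


def diagnose(log_text):
    """Summarise, per stunnel thread, how far each proxied connection got."""
    sessions = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # wrapped continuation or unrelated line
        tid, msg = m.group(3), m.group(4)
        s = sessions.setdefault(tid, {"peer": None, "tls": False, "backend": None,
                                      "failure": None, "bytes": None})
        if (c := re.search(r"connected from (\S+)", msg)):
            s["peer"] = c.group(1)            # remote end of the accepted socket
        elif msg.startswith("SSL accepted"):
            s["tls"] = True                   # handshake finished
        elif (c := re.search(r"connecting (\S+)", msg)):
            s["backend"] = c.group(1)         # target of the "connect =" option
        elif msg == "connect_wait: s_poll_wait timeout":
            s["failure"] = "backend_connect_timeout"
        elif (c := RESET.search(msg)):
            s["bytes"] = (int(c.group(1)), int(c.group(2)))
    # Threads that never logged a peer (e.g. the accepting thread) are skipped.
    return [s for s in sessions.values() if s["peer"]]


if __name__ == "__main__":
    for finding in diagnose(SAMPLE_LOG):
        print(finding)
```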


