[stunnel-users] Real address of client

Gonzalo Diethelm gonzalo.diethelm at diethelm.org
Sun Sep 3 20:30:47 CEST 2006


Hello,

linux: Linux asus-gonzo 2.6.15-26-686 #1 SMP PREEMPT Thu Aug 3 03:13:28
UTC 2006 i686 GNU/Linux
stunnel: stunnel 4.14 on i486-pc-linux-gnu PTHREAD+POLL+IPv6+LIBWRAP
with OpenSSL 0.9.8a 11 Oct 2005
apache: Apache/2.0.55

I am using stunnel in Ubuntu to provide https serving to an http-only
Apache installation. The stunnel config is:

cert = /home/gonzo/src/bg/run/SSL/server.crt
key  = /home/gonzo/src/bg/run/SSL/server.crt
chroot = /var/run/stunnel4/
setuid = stunnel4
setgid = stunnel4
pid = /stunnel4.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /var/log/stunnel4/stunnel.log
client = no

[https]
accept  = 443
connect = 80
TIMEOUTclose = 0


Everything works perfectly, except for one minor detail: on the server,
my PHP scripts do not have access to the real IP address of the client,
and they always see this value as 127.0.0.1. I am aware the manual says
that, if you use -l or -L, there will be an additional REMOTE_HOST
environment variable with the desired IP address, but I am not sure how
to make this work from a setup like mine, where the http server process
is already running.

Any help or hints are greatly appreciated. Best regards,

-- 
Gonzalo Diethelm
gonzalo.diethelm at aditiva.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20060903/6687c65b/attachment.html>


More information about the stunnel-users mailing list