[stunnel-users] Config Sanity Check

Caplan, Michael Michael.Caplan at henryschein.com
Sat Jul 19 04:14:51 CEST 2008


Hi There,

 

I am working through an issue with a script that builds a socket
connection to stunnel.  Stunnel is being used to relay to an Apache web
server.  I'm building a localhost TCP connection on port 54322, and
writing my HTTP data.  When reading data back from the socket connection
in my script I'm sometimes getting nothing, and other times getting the
proper result.  I can confirm that the web server is always receiving
the request and returning a proper response.  Wireshark shows SSL data
being transmitted and received, so stunnel is doing its thing.  However,
the response does not seem to be relayed to my script on the other side
of stunnel *sometimes*. 

 

My hunch is that I am doing something wrong with my script, but I am
hoping that an stunnel guru can rule out any oddities with my stunnel
setup.  My config is below as well as the output of my log file.  

 

Any thoughts?

 

Thanks!

 

Mike

 

 

cert = connector.pem

debug = 7

output = c:\ssl.log

 

; Some performance tunings

socket = l:TCP_NODELAY=1

socket = r:TCP_NODELAY=1

 

[registerserver]

client = yes

accept =54321

connect =www.int.ddx.com:443

 

[connector2server]

client = yes

accept =54322

connect =asd.int.ddx.com:443

 

[server2connector]

accept = 54323

connect = 9000

 

 

 

2008.07.18 21:41:41 LOG7[13648:13748]: Snagged 64 random bytes from
C:/.rnd

2008.07.18 21:41:41 LOG7[13648:13748]: Wrote 1024 new random bytes to
C:/.rnd

2008.07.18 21:41:41 LOG7[13648:13748]: RAND_status claims sufficient
entropy for the PRNG

2008.07.18 21:41:41 LOG7[13648:13748]: PRNG seeded successfully

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate loaded

2008.07.18 21:41:41 LOG7[13648:13748]: Key file: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Private key loaded

2008.07.18 21:41:41 LOG7[13648:13748]: SSL context initialized for
service registerserver

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate loaded

2008.07.18 21:41:41 LOG7[13648:13748]: Key file: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Private key loaded

2008.07.18 21:41:41 LOG7[13648:13748]: SSL context initialized for
service connector2server

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate loaded

2008.07.18 21:41:41 LOG7[13648:13748]: Key file: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Private key loaded

2008.07.18 21:41:41 LOG7[13648:13748]: SSL context initialized for
service server2connector

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Certificate loaded

2008.07.18 21:41:41 LOG7[13648:13748]: Key file: connector.pem

2008.07.18 21:41:41 LOG7[13648:13748]: Private key loaded

2008.07.18 21:41:41 LOG7[13648:13748]: SSL context initialized for
service test

2008.07.18 21:41:41 LOG5[13648:13748]: stunnel 4.25 on
x86-pc-mingw32-gnu with OpenSSL 0.9.8h 28 May 2008

2008.07.18 21:41:41 LOG5[13648:13748]: Threading:WIN32 SSL:ENGINE
Sockets:SELECT,IPv6

2008.07.18 21:41:46 LOG7[13476:13096]: Snagged 64 random bytes from
C:/.rnd

2008.07.18 21:41:47 LOG7[13476:13096]: Wrote 1024 new random bytes to
C:/.rnd

2008.07.18 21:41:47 LOG7[13476:13096]: RAND_status claims sufficient
entropy for the PRNG

2008.07.18 21:41:47 LOG7[13476:13096]: PRNG seeded successfully

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate loaded

2008.07.18 21:41:47 LOG7[13476:13096]: Key file: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Private key loaded

2008.07.18 21:41:47 LOG7[13476:13096]: SSL context initialized for
service registerserver

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate loaded

2008.07.18 21:41:47 LOG7[13476:13096]: Key file: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Private key loaded

2008.07.18 21:41:47 LOG7[13476:13096]: SSL context initialized for
service connector2server

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate loaded

2008.07.18 21:41:47 LOG7[13476:13096]: Key file: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Private key loaded

2008.07.18 21:41:47 LOG7[13476:13096]: SSL context initialized for
service server2connector

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Certificate loaded

2008.07.18 21:41:47 LOG7[13476:13096]: Key file: connector.pem

2008.07.18 21:41:47 LOG7[13476:13096]: Private key loaded

2008.07.18 21:41:47 LOG7[13476:13096]: SSL context initialized for
service test

2008.07.18 21:41:47 LOG5[13476:13096]: stunnel 4.25 on
x86-pc-mingw32-gnu with OpenSSL 0.9.8h 28 May 2008

2008.07.18 21:41:47 LOG5[13476:13096]: Threading:WIN32 SSL:ENGINE
Sockets:SELECT,IPv6




Please consider the environment before printing this email.


E-mail messages may contain viruses, worms, or other malicious code. By reading the message and opening any attachments, the recipient accepts full responsibility for taking protective action against such code. Henry Schein is not liable for any loss or damage arising from this message.

The information in this email is confidential and may be legally privileged. It is intended solely for the addressee(s). Access to this e-mail by anyone else is unauthorized.




More information about the stunnel-users mailing list