[stunnel-users] Newbie question

• Next message (by thread): [stunnel-users] 1 server and more desktops
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I would be really grateful if someone could help me out with this problem.
There appears to be a very high time between my client and server in transferring data.

The log shows the following:

2009.06.02 12:32:59 LOG5[5824:5516]: TS3_GPRS accepted connection from 193.35.132.231:45050
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): before/accept initialization
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 read client hello A
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 write server hello A
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 write certificate A
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 write certificate request A
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 flush data
2009.06.02 12:33:09 LOG5[5824:5516]: CRL: verification passed
2009.06.02 12:33:09 LOG5[5824:5516]: VERIFY OK: depth=1, /C=UK/ST=Fife/L=Dunfermline/O=TS3 Services Ltd/OU=Infrastructure/CN=TS3 Services Ltd/emailAddress=helpdesk at ts3services.co.uk
2009.06.02 12:33:09 LOG5[5824:5516]: CRL: verification passed
2009.06.02 12:33:09 LOG5[5824:5516]: VERIFY OK: depth=0, /C=UK/ST=Fife/O=TS3 Services Ltd/OU=Terminal/CN=TS3 Services Ltd/emailAddress=helpdesk at ts3services.co.uk
2009.06.02 12:33:09 LOG7[5824:5516]: SSL state (accept): SSLv3 read client certificate A
2009.06.02 12:33:09 LOG7[5824:5516]: SSL state (accept): SSLv3 read client key exchange A
2009.06.02 12:33:09 LOG7[5824:5516]: SSL state (accept): SSLv3 read certificate verify A
2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 read finished A
2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 write change cipher spec A
2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 write finished A
2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 flush data
2009.06.02 12:33:10 LOG7[5824:5516]:    2 items in the session cache
2009.06.02 12:33:10 LOG7[5824:5516]:    0 client connects (SSL_connect())
2009.06.02 12:33:10 LOG7[5824:5516]:    0 client connects that finished
2009.06.02 12:33:10 LOG7[5824:5516]:    0 client renegotiations requested
2009.06.02 12:33:10 LOG7[5824:5516]:    2 server connects (SSL_accept())
2009.06.02 12:33:10 LOG7[5824:5516]:    2 server connects that finished
2009.06.02 12:33:10 LOG7[5824:5516]:    0 server renegotiations requested
2009.06.02 12:33:10 LOG7[5824:5516]:    0 session cache hits
2009.06.02 12:33:10 LOG7[5824:5516]:    0 session cache misses
2009.06.02 12:33:10 LOG7[5824:5516]:    0 session cache timeouts
2009.06.02 12:33:10 LOG6[5824:5516]: SSL accepted: new session negotiated
2009.06.02 12:33:10 LOG6[5824:5516]: Negotiated ciphers: DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
2009.06.02 12:33:10 LOG7[5824:5516]: FD 292 in non-blocking mode
2009.06.02 12:33:10 LOG7[5824:5516]: TS3_GPRS connecting 127.0.0.1:8139
2009.06.02 12:33:10 LOG7[5824:5516]: connect_wait: waiting 10 seconds
2009.06.02 12:33:10 LOG7[5824:5516]: connect_wait: connected
2009.06.02 12:33:10 LOG5[5824:5516]: TS3_GPRS connected remote server from 127.0.0.1:2273
2009.06.02 12:33:10 LOG7[5824:5516]: Remote FD=292 initialized
2009.06.02 12:33:31 LOG7[5824:5516]: Socket closed on read
2009.06.02 12:33:31 LOG7[5824:5516]: SSL write shutdown
2009.06.02 12:33:31 LOG7[5824:5516]: SSL alert (write): warning: close notify
2009.06.02 12:33:31 LOG6[5824:5516]: SSL socket closed on SSL_shutdown
2009.06.02 12:33:31 LOG7[5824:5516]: Socket write shutdown
2009.06.02 12:33:31 LOG5[5824:5516]: Connection closed: 65 bytes sent to SSL, 185 bytes sent to socket
2009.06.02 12:33:31 LOG7[5824:5516]: TS3_GPRS finished (0 left)

The main issue for me is the time between the two lines:

2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 flush data
2009.06.02 12:33:09 LOG5[5824:5516]: CRL: verification passed

The handshaking and certificate exchange appears to be pretty quick, but I need to understand why there is 10 second delay between these two lines.
It seems horrendous amount of time for transferring data.
It might be my lack of understanding on the SSL process, so any information on this would be greatly appreciated.

Thanks in advance,

Steven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20090602/38643133/attachment.html>

• Next message (by thread): [stunnel-users] 1 server and more desktops
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]