[stunnel-users] Missing bytes?

Michal Trojnara Michal.Trojnara at mirt.net
Mon Jan 2 00:23:11 CET 2012


Arthur Murray wrote:
>> I have put all of it here:
>>
>> http://pastebin.com/R7ZqSpdV
>
> Are you able to reproduce this problem or is it just me?

I have found the answer!

See this part of the log file:
2011.12.16 09:17:51 LOG7[18821:3086662544]: SSL closed on SSL_read
2011.12.16 09:17:51 LOG7[18821:3086662544]: Sending socket write  
shutdown

What it means is that connection close was initiated from SSL side of  
stunnel, and not from the plain socket of stunnel.  Your stunnel works  
in server mode, so SSL side is your s_client.

I found that closing connection on any line starting with an uppercase  
Q is a feature of s_client.  The manual says:
     CONNECTED COMMANDS
        If a connection is established with an SSL server then any  
data received from the server is displayed and any key
        presses will be sent to the server. When used interactively  
(which means neither -quiet nor -ign_eof have been given),
        the session will be renegotiated if the line begins with an R,  
and if the line begins with a Q or if end of file is
        reached, the connection will be closed down.

It's funny, isn't it?

Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20120102/f51ea97b/attachment.sig>


More information about the stunnel-users mailing list