[stunnel-users] Some troubles with PROXY protocol

Michal Trojnara Michal.Trojnara at mirt.net
Mon Mar 31 18:49:22 CEST 2014


On 2014-03-26 23:44, Alexey V. Drozdov wrote:
>     if(!c->opt->option.client && c->opt->protocol<0) // <-- condition is true in spite of setup protorol=proxy

Good point.  My patch (to be included in stunnel 5.01) is:

--- client.c.orig       2014-03-31 18:36:23.000000000 +0200
+++ client.c    2014-03-31 18:43:08.000000000 +0200
@@ -219,7 +219,11 @@

 NOEXPORT void client_try(CLI *c) {
     init_local(c);
-    if(!c->opt->option.client && c->opt->protocol<0) {
+    if(!c->opt->option.client && c->opt->protocol<0
+#ifndef OPENSSL_NO_TLSEXT
+            && !c->opt->servername_list_head
+#endif
+            ) {
         /* server mode and no protocol negotiation needed */
         init_ssl(c);
         init_remote(c);

Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20140331/6145219f/attachment.sig>


More information about the stunnel-users mailing list