[stunnel-users] Stunnel client not sending data

Carter Browne cbrowne at cbcs-usa.com
Wed Oct 25 14:23:08 CEST 2006


On the server side, I think you should be receiving on 1.2.3.70 (since that is where you are sending the data).

Carter

Jeremiah Martell wrote:
> Hello,
> 
> I have a program that opens up a connection to port 10000 of a server
> and sends it some data. It works normally. I'm trying to "stunnel"
> both ends.
> 
> In my program I create a socket, connect to local port 7033, send my
> data, and close the socket. I verified that every function call
> returns success (socket, setsockopt (for TCP_NODELAY), gethostbyname,
> connect, and send).
> 
> From what the logs show below, it seems that server stunnel gets the
> connection from the client stunnel, they successfully negotiate the
> SSL stuff, then the client stunnel waits for any data to proxy to the
> server stunnel. The server stunnel is waiting too, and after 10
> seconds of no data, it closes the socket.
> 
> For some reason the client stunnel is not getting my data and
> therefore doesn't forward anything over to the server stunnel. I'm not
> sure why this is happening, because my program works normally and I've
> verified that everything returned success.
> 
> Any ideas?
> 
> - Jeremiah
> 
> -----------------------------
> 
> ON CLIENT (1.2.3.60)
> 
> Linux
> stunnel 4.16
> OpenSSL 0.9.7c
> 
> stunnel.conf is...
> pid =
> client  = yes
> 
> [7033]
>   accept = 127.0.0.1:7033
>   connect = 1.2.3.70:7033
> 
> -----------------------------
> 
> ON SERVER (1.2.3.70)
> 
> Windows
> stunnel 4.16 windows binary installer (Aug 31 2006)
> 
> stunnel.conf is...
> 
> cert = stunnel.pem
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
> debug = 7
> 
> [7033]
>   accept = 1.2.3.60:7033
>   connect = 127.0.0.1:10000
> 
> -----------------------------
> 
> On client I see this debug...
> 
> Oct 24 14:38:22 stunnel: LOG5[2892:258]: 7033 connected from 
> 127.0.0.1:10251
> Oct 24 14:38:32 stunnel: LOG3[2892:258]: SSL_read: Connection reset by
> peer (104)
> Oct 24 14:38:32 stunnel: LOG5[2892:258]: Connection reset: 56 bytes
> sent to SSL, 0 bytes send to socket
> 
> -----------------------------
> 
> On server I see this debug...
> 
> 2006.10.24 14:43:08 LOG7[2596:4068]: 7033 accepted FD=196 from 
> 1.2.3.60:10252
> 2006.10.24 14:43:08 LOG7[2596:4068]: Creating a new thread
> 2006.10.24 14:43:09 LOG7[2596:4068]: New thread created
> 2006.10.24 14:43:09 LOG7[2596:2372]: 7033 started
> 2006.10.24 14:43:09 LOG7[2596:2372]: FD 196 in non-blocking mode
> 2006.10.24 14:43:09 LOG7[2596:2372]: TCP_NODELAY option set on local socket
> 2006.10.24 14:43:09 LOG5[2596:2372]: 7033 connected from 1.2.3.60:10252
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): before/accept
> initialization
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 read
> client hello A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> server hello A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> certificate A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> server done A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 flush data
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 read
> client key exchange A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 read 
> finished A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write
> change cipher spec A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 write 
> finished A
> 2006.10.24 14:43:09 LOG7[2596:2372]: SSL state (accept): SSLv3 flush data
> 2006.10.24 14:43:09 LOG7[2596:2372]:    3 items in the session cache
> 2006.10.24 14:43:09 LOG7[2596:2372]:    0 client connects (SSL_connect())
> 2006.10.24 14:43:09 LOG7[2596:2372]:    0 client connects that finished
> 2006.10.24 14:43:09 LOG7[2596:2372]:    0 client renegotiations requested
> 2006.10.24 14:43:09 LOG7[2596:2372]:    5 server connects (SSL_accept())
> 2006.10.24 14:43:09 LOG7[2596:2372]:    5 server connects that finished
> 2006.10.24 14:43:09 LOG7[2596:2372]:    0 server renegotiations requested
> 2006.10.24 14:43:09 LOG7[2596:2372]:    1 session cache hits
> 2006.10.24 14:43:09 LOG7[2596:2372]:    1 session cache misses
> 2006.10.24 14:43:09 LOG7[2596:2372]:    1 session cache timeouts
> 2006.10.24 14:43:09 LOG6[2596:2372]: SSL accepted: new session negotiated
> 2006.10.24 14:43:09 LOG6[2596:2372]: Negotiated ciphers: AES256-SHA
>          SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
> 2006.10.24 14:43:09 LOG7[2596:2372]: FD 180 in non-blocking mode
> 2006.10.24 14:43:09 LOG7[2596:2372]: 7033 connecting 127.0.0.1:10000
> 2006.10.24 14:43:09 LOG7[2596:2372]: connect_wait: waiting 10 seconds
> 2006.10.24 14:43:19 LOG6[2596:2372]: connect_wait: s_poll_wait timeout
> 2006.10.24 14:43:19 LOG5[2596:2372]: Connection reset: 0 bytes sent to
> SSL, 0 bytes sent to socket
> 2006.10.24 14:43:19 LOG7[2596:2372]: 7033 finished (0 left)

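Added example, not part of the original thread: a Python check for the mismatch the reply points at, where the server's `accept` address is not the one the client's `connect` targets. The two configs are copied from the post; the function names, the matching of services by section name, and the literal address comparison (no DNS or interface lookup) are assumptions of this example.

```python
# Added example (not from the thread): flag a server-side "accept" that does
# not match the client-side "connect". Config text is copied from the post.
CLIENT_CONF = """\
pid =
client  = yes

[7033]
  accept = 127.0.0.1:7033
  connect = 1.2.3.70:7033
"""
SERVER_CONF = """\
cert = stunnel.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7

[7033]
  accept = 1.2.3.60:7033
  connect = 127.0.0.1:10000
"""

def parse_conf(text):
    """Return {section: {option: [values]}}; global options live under ''."""
    conf, section = {"": {}}, ""
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            conf.setdefault(section, {})
        elif line and line[0] not in ";#" and "=" in line:
            key, _, value = line.partition("=")  # keeps "l:TCP_NODELAY=1" whole
            conf[section].setdefault(key.strip(), []).append(value.strip())
    return conf

def endpoint(value):
    """Split 'host:port' or a bare 'port' into (host or None, port)."""
    host, _, port = value.rpartition(":")
    return host or None, port

def check_pair(client_text, server_text):
    """Findings for same-named services where accept and connect disagree."""
    client, server = parse_conf(client_text), parse_conf(server_text)
    findings = []
    for name in (n for n in client if n and n in server):
        for target in client[name].get("connect", []):
            for listen in server[name].get("accept", []):
                (c_host, c_port), (s_host, s_port) = endpoint(target), endpoint(listen)
                if s_port != c_port or s_host not in (None, "0.0.0.0", c_host):
                    findings.append(f"[{name}] client connects to {target}, server accepts on {listen}")
    return findings
```

Calling `check_pair(CLIENT_CONF, SERVER_CONF)` reports the `[7033]` service; with the server's `accept` changed to `1.2.3.70:7033`, as the reply suggests, it returns an empty list.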
