[stunnel-users] Socket connection status

Jeffrey Buck Jeffrey.Buck at raytheon.com
Thu Aug 7 17:01:46 CEST 2008


   I'm running stunnel 4.04 on ia64-redhat-linux-gnu PTHREAD+LIBWRAP with 
OpenSSL 0.9.7a Feb 19 2003.

   I have basically taken a generic TCP interface and implemented a 
STUNNEL client/server setup to allow the connection to transfer data using 
SSL.  I have an issue with checking the status of the connection when a 
connection attempt is made.  We are using ObjectSpace libraries for all of 
our tcp related connections so I don't have the low level calls that are 
actually being made, but here is a brief description of what is 

   We create an os_tcp_socket object and call the connect_to() method. 
This establishes a connection to the stunnel client on my local 
machine....which in turn makes the connection the the stunnel server on 
the remote machine.  The problem I'm am having is when I can't get to the 
remote machine.  After the connect_to() call, we check the status of the 
socket and unless I sleep for 5-10 seconds, it always seems to think that 
the connection is ok...which kind-of makes sense because it is able to 
connect to the stunnel client port since it is local...but in fact, if 
there isn't access to the remote machine, eventually stunnel will close 
that initial connection to that socket (that where the 5-10 second delay 
seems to help).   The status I really want is weather or not the entire 
connection was successful through stunnel to the remote machine.  Is there 
a better way to do this other than putting a sleep() in.    Right now I 
have a 10 second sleep in between the connect_to() call and the status 
check on the local/client stunnel TCP port.  That seems to be enough time 
for stunnel to attept to complete the connection and kill the connection 
to it's local/client port so that when I check the status of it, it comes 
back bad.

   If this is the best way to do it...what is the amount of time needed 
for stunnel to attempt to complete it's connection to the remote machine?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080807/19254d35/attachment.html>

More information about the stunnel-users mailing list