[stunnel-users] Is it possible for stunnel to reject client connections if the server end cannot connect?
Martin van den Nieuwelaar
martin at rawl.co.nz
Fri Aug 27 03:42:22 CEST 2010
Hi all. I took a look (manually) through the last year of archives, but
didn't find anything on this issue. The situation is as follows.

Say we have two machines set up, ClientPC and ServerPC. On ClientPC I
run stunnel accepting a connection on a local port and connecting to an
stunnel port on ServerPC. On ServerPC I run stunnel accepting a
connection on the local stunnel port and connecting to the 'encryption
unaware' server on another port on the same ServerPC machine. OK,
pretty simple stuff so far.

The problem is, when I connect to ClientPC with the 'encryption unaware'
client app. then I always get a successful connection, even if there is
no server running on ServerPC. Of course once the client has a
successful connection, it then performs a write(), and that fails with
'Connection reset by peer'. Really, since there is no server running on
ServerPC, I want the connect() to stunnel on ClientPC to fail. Is there
a way to do this?

The alternative (which is a kludge), is to make the client 'stunnel
aware' (yuk!), and to tell it whether it's connecting over stunnel on a
per connection basis (yuk!). Then it can know whether it needs to look
at the connect() or the write() to know whether the server is not

Or am I overlooking something simple? :-)

R A Ward Ltd. | We take the privacy of our customers seriously.
Christchurch | All sensitive E-Mail attachments MUST be encrypted.
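
The behaviour described in the message above, reproduced with a minimal plain-TCP relay as an added example (not part of the original post and not stunnel's code). It assumes a relay that accepts the client before dialling its backend and carries no TLS; `echo_once`, `relay_once`, `probe` and `run_case` are hypothetical names.

```python
import socket
import threading

def echo_once(listener):
    """Stand-in for the 'encryption unaware' server: echo one message."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall(conn.recv(1024))

def relay_once(listener, backend_addr):
    """Accept the client first, only then dial the backend (assumed order)."""
    client, _ = listener.accept()  # the client's connect() has already returned
    with client:
        try:
            backend = socket.create_connection(backend_addr, timeout=2)
        except OSError:
            return  # backend down: all the relay can do now is close the client
        with backend:
            backend.sendall(client.recv(1024))
            client.sendall(backend.recv(1024))

def probe(relay_port):
    """Return (connect_ok, exchange_ok) as seen by the client application."""
    try:
        c = socket.create_connection(("127.0.0.1", relay_port), timeout=2)
    except OSError:
        return (False, False)
    try:
        with c:
            c.sendall(b"ping")
            return (True, c.recv(1024) == b"ping")
    except OSError:  # e.g. 'Connection reset by peer'
        return (True, False)

def run_case(backend_up):
    """One client attempt through the relay, with the backend up or down."""
    relay = socket.create_server(("127.0.0.1", 0))    # ephemeral loopback port
    backend = socket.create_server(("127.0.0.1", 0))
    backend_addr = backend.getsockname()
    if backend_up:
        threading.Thread(target=echo_once, args=(backend,), daemon=True).start()
    else:
        backend.close()  # nothing listens on backend_addr any more
    threading.Thread(target=relay_once, args=(relay, backend_addr), daemon=True).start()
    return probe(relay.getsockname()[1])

if __name__ == "__main__":
    print("backend up:  ", run_case(True))
    print("backend down:", run_case(False))
```

The client's connect() is completed by the kernel as soon as the relay's socket is listening, so with this ordering a dead backend can only surface on the first read or write.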