[stunnel-users] blackhole problem - please help to tune stunnel

Thu May 28 09:52:37 CEST 2020

Thanks Michal...

Thus the _only_ way to deliver the data reliably through stunnel is some
application-level integrity protocol?
I believed that many people use stunnel for wide variety of applications
and so they should succeed in workarounding this trouble. Maybe I am
missing something about the well-known good practice of stunnel usage?..

Michael

On Thu, May 28, 2020, 10:14 Michał Trojnara <Michal.Trojnara at stunnel.org>
wrote:

> Hi Michael,
>
> No, there is no portable way of implementing this feature.  In fact, the
> OS kernel only notifies server applications (including stunnel) about a new
> incoming connection *after* the three-way TCP handshake has completed.
>
> Some more details:
> https://groups.google.com/forum/#!topic/comp.protocols.tcp-ip/vk7uY5dkdpY
>
> Best regards,
>     Mike
> On 5/28/2020 2:04 AM, Michael S. Chusovitin wrote:
>
> Dear stunnel users,
>
> please advise how to solve the following:
>
> - an Application connects to stunnel-client (installed at the same
> machine);
> - stunnel-client tries to connect to stunnel-server (remote), fails and
> sends RST to the App;
> - but the App has already sent some datagrams to stunnel-client during
> TIMEOUTconnect period and they aren't transferred to stunnel-server.
>
> Is there any way to make stunnel-client delay its ACK to the App until the
> connection to stunnel-server is established?
>
> Thanks!
>
>
> _______________________________________________
> stunnel-users mailing liststunnel-users at stunnel.orghttps://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200528/3bdc3734/attachment.htm>