[stunnel-users] blackhole problem - please help to tune stunnel

Michael S. Chusovitin tchuss at gmail.com
Thu May 28 09:52:37 CEST 2020

Thanks Michal...

Thus the _only_ way to deliver the data reliably through stunnel is some
application-level integrity protocol?
I believed that many people use stunnel for wide variety of applications
and so they should succeed in workarounding this trouble. Maybe I am
missing something about the well-known good practice of stunnel usage?..


On Thu, May 28, 2020, 10:14 Michał Trojnara <Michal.Trojnara at stunnel.org>

> Hi Michael,
> No, there is no portable way of implementing this feature.  In fact, the
> OS kernel only notifies server applications (including stunnel) about a new
> incoming connection *after* the three-way TCP handshake has completed.
> Some more details:
> https://groups.google.com/forum/#!topic/comp.protocols.tcp-ip/vk7uY5dkdpY
> Best regards,
>     Mike
> On 5/28/2020 2:04 AM, Michael S. Chusovitin wrote:
> Dear stunnel users,
> please advise how to solve the following:
> - an Application connects to stunnel-client (installed at the same
> machine);
> - stunnel-client tries to connect to stunnel-server (remote), fails and
> sends RST to the App;
> - but the App has already sent some datagrams to stunnel-client during
> TIMEOUTconnect period and they aren't transferred to stunnel-server.
> Is there any way to make stunnel-client delay its ACK to the App until the
> connection to stunnel-server is established?
> Thanks!
> _______________________________________________
> stunnel-users mailing liststunnel-users at stunnel.orghttps://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200528/3bdc3734/attachment.htm>

More information about the stunnel-users mailing list