The FreeBSD Diary

FreeBSD Support
 problem with stunnel and mysql
Author: Paul 
Date:   05-05-05 19:54

Hello,

I've been having trouble with stunnel 4.10 and FreeBSD 5.3.

I'm trying to connect to mysql (4.0.24) on a remote box and I wanted to implement SSL over the transfer.

I have one FreeBSD 5.3 box with the main app on it (website) running the stunnel client. Here is the config:

chroot = /usr/local/stunnel/var/log
pid = /stunnel.pid
debug = 7
output = /usr/local/stunnel/var/log/stunnel.log
socket = r:SO_LINGER=1:60
setuid = nobody
setgid = nobody
client = yes
[mysqld]
accept = 3306
connect = remote_ip:3307

And a remote FreeBSD 5.3 box which holds the mysql server with this config:

cert = /usr/local/stunnel/etc/stunnel/stunnel.pem
chroot = /usr/local/stunnel/var/log
pid = /stunnel.pid
debug = 7
output = /usr/local/stunnel/var/log/stunnel.log
socket = r:SO_LINGER=1:60
setuid = nobody
setgid = nobody
[mysqld]
accept = 3307
connect = 3306

Both boxes are on super fast connections, have 1 GB of RAM, and they are running the same version of stunnel.

Now, when I start stunnel on both ends everything seems good: I can see the website, and I do (tail -f) on the log and can see the data going through it... Here is the bad part: it closes both connections after 5-10 seconds... it just dies.

The log on both looks like this (the last lines):

LOG7[4681:0]: Waiting 60 second(s) for 3 file descriptor(s)
LOG7[4681:0]: CONTEXT 1, FD=6, (IN)->()
LOG7[4681:0]: CONTEXT 1, FD=8, (IN)->()
LOG7[4681:0]: CONTEXT 3, FD=10, (INOUT)->(OUT)
LOG7[4681:3]: SSL alert (write): warning: close notify
LOG7[4681:3]: SSL_shutdown retrying
LOG7[4681:3]: SSL doesn't need to read or write
LOG7[4681:0]: Waiting 60 second(s) for 3 file descriptor(s)
LOG7[4681:0]: CONTEXT 1, FD=6, (IN)->()
LOG7[4681:0]: CONTEXT 1, FD=8, (IN)->()
LOG7[4681:0]: CONTEXT 3, FD=10, (IN)->(IN)
LOG7[4681:3]: SSL alert (read): warning: close notify
LOG7[4681:3]: SSL closed on SSL_read
LOG7[4681:3]: Socket write shutdown
LOG5[4681:3]: Connection closed: 4650 bytes sent to SSL, 2029 bytes sent to socket
LOG7[4681:3]: mysqld finished (0 left)
LOG7[4681:3]: removing pid file /stunnel.pid

-sockets displays this:

bash-2.05b# ./stunnel -sockets
Socket option defaults:
Option        Accept  Local  Remote  OS default
SO_DEBUG      --      --     --      0
SO_DONTROUTE  --      --     --      0
SO_KEEPALIVE  --      --     --      0
SO_LINGER     --      --     --      0:0
SO_OOBINLINE  --      --     --      0
SO_RCVBUF     --      --     --      65536
SO_SNDBUF     --      --     --      32768
SO_RCVLOWAT   --      --     --      1
SO_SNDLOWAT   --      --     --      2048
SO_RCVTIMEO   --      --     --      0:0
SO_SNDTIMEO   --      --     --      0:0
SO_REUSEADDR  1       --     --      0
IP_TOS        --      --     --      0
IP_TTL        --      --     --      64
TCP_NODELAY   --      --     --      0

Can anybody please help me? The docs are not clear about the arguments and options.

Thanks Many
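
The log quoted in the post ends with warning-level close notify alerts, not a fatal TLS alert. As an added example (not part of the original post and not stunnel's own code), this Python script groups stunnel debug lines by connection and reports which side began the TLS shutdown and how many bytes were relayed. The regular expressions are assumed from the line format quoted above, and reading "write" as sent and "read" as received follows OpenSSL's alert callback convention.

```python
import re
from collections import defaultdict

# Constructed sample: closing lines for connection thread 3, copied from the log in the post.
SAMPLE_LOG = """\
LOG7[4681:3]: SSL alert (write): warning: close notify
LOG7[4681:3]: SSL_shutdown retrying
LOG7[4681:3]: SSL alert (read): warning: close notify
LOG7[4681:3]: SSL closed on SSL_read
LOG5[4681:3]: Connection closed: 4650 bytes sent to SSL, 2029 bytes sent to socket
LOG7[4681:3]: mysqld finished (0 left)
"""

# Patterns assumed from the quoted log format: LOG<level>[<pid>:<thread>]: <message>
LINE = re.compile(r"LOG(\d)\[(\d+):(\d+)\]: (.*)")
ALERT = re.compile(r"SSL alert \((read|write)\): (\w+): (.+)")
CLOSED = re.compile(r"Connection closed: (\d+) bytes sent to SSL, (\d+) bytes sent to socket")

def summarize(log_text):
    """Return {(pid, thread): summary} for each connection thread seen in the log."""
    conns = defaultdict(lambda: {"alerts": [], "to_ssl": None, "to_socket": None})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that are not stunnel log records
        _level, pid, thread, msg = m.groups()
        conn = conns[(int(pid), int(thread))]
        a = ALERT.match(msg)
        if a:
            conn["alerts"].append(a.groups())  # (direction, level, description)
        c = CLOSED.match(msg)
        if c:
            conn["to_ssl"], conn["to_socket"] = int(c.group(1)), int(c.group(2))
    for conn in conns.values():
        closes = [d for d, _lvl, desc in conn["alerts"] if desc == "close notify"]
        fatal = [desc for _d, lvl, desc in conn["alerts"] if lvl == "fatal"]
        if fatal:
            conn["verdict"] = "TLS error: " + fatal[0]
        elif closes:
            # "write" = alert sent by this stunnel, "read" = alert received from the peer
            side = "local" if closes[0] == "write" else "remote"
            conn["verdict"] = "clean TLS shutdown started by the %s side" % side
        else:
            conn["verdict"] = "no TLS alert logged"
    return dict(conns)

if __name__ == "__main__":
    for key, info in summarize(SAMPLE_LOG).items():
        print(key, info["verdict"], info["to_ssl"], info["to_socket"])
```

Running the same function over the log from the other end shows whether both sides agree on who closed first.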


