Post by Vivek Gupta
Hi
I am using sTunnel for communication betweem my TCP client and a
remote SERVER but I am getting error as always-
Signal pipe is empty Service [LMAX-fix-tunnel-DEMO-MktData]
accepted (FD=348) from 127.0.0.1:55919 2014.10.06 :34:56
LOG7[4220]: Creating a new thread New thread created Service
[LMAX-fix-tunnel-DEMO-MktData] started Service
[LMAX-fix-tunnel-DEMO-MktData] accepted connection from
connected 91.215.165.69:443 Service [LMAX-fix-tunnel-DEMO-MktData]
connected remote server from 192.168.1.5:55920 Remote socket
fix-md-ate.lmaxtrader.com SSL state (connect): before/connect
initialization SSL state (connect): SSLv3 write client hello A SSL
SSLv3 read server certificate A SSL state (connect): SSLv3 read
server done A SSL state (connect): SSLv3 write client key exchange
A SSL state (connect): SSLv3 write change cipher spec A SSL state
(connect): SSLv3 write finished A SSL state (connect): SSLv3 flush
data SSL state (connect): SSLv3 read finished A 1 items in the
session cache 1 client connects (SSL_connect()) 1 client connects
that finished 0 client renegotiations requested 0 server connects
(SSL_accept()) 0 server connects that finished 0 server
renegotiations requested 0 session cache hits 0 external session
cache hits 0 session cache misses 0 session cache timeouts Peer
certificate was cached (3944 bytes) SSL connected: new session
negotiated Negotiated TLSv1/SSLv3 ciphersuite: AES128-SHA (128-bit
encryption) Compression: null, expansion: null SSL_read returned
WANT_READ: retrying SSL socket closed (SSL_read) Sent socket write
shutdown Connection closed: 150 byte(s) sent to SSL, 0 byte(s) sent
to socket Remote socket (FD=352) closed Local socket (FD=348)
closed Service [LMAX-fix-tunnel-DEMO-MktData] finished (0 left)
Please suggest. _______________________________________________
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

Post by Michal Trojnara
Vivek,
"Problem is stunnel is receiving the data from Client but this data is
not being forwarded to server" No it is not. From the evidence provided by
you: (Connection closed: 150
byte(s) sent to SSL, 0 byte(s) sent to socket) the message has been passed
on to the server, but it has responded by shutting down the link without
returning any data. This is what was confirmed by Michal in his tests
using "openssl s_client...." and "curl ....". I've also just tried
acceessing that server from a browser and got "No data received".
Now it's possible/likely that neither Michal nor myself have sent the
server anything that would return valid data, so there is other
information you need to provide. What are you sending to the server and
what return to you expect? You need to post that (obviously something not
commercially sensitive) Do you have an application that IS receiving data
from that server not using stunnel? I see that trade.lmaxtrader.com
responds with a login screen. Is the fix-md-ate url only available after
some kind of login? Or do you need to provide it with a specific
certificate to get an authorized response?
(The next two are highly unlikely, if this is part of LMAX which appears
to be a sizeable organisation) Do you have any control over how that server
is implemented? If the server is securing its end of the conversation with
Stunnel, it's
possible that there is a bug there: Stunnel 5.xx prior to 5.05 had a race
condition bug whereby it may close the connection without returning data.
That has now been fixed in 5.05...but it may be worth checking.
The problem is most likely something wrong with what you (and we) are
sending, or you need to contact the owner of the server site. (I only
looked at your problem because it has the same symptoms I had with the
server-side bug, but it's not likely that this is your problem)
Graham
----- Original Message -----
Sent: Monday, October 06, 2014 1:33 PM
Subject: Re: [stunnel-users] STunnel Connection closed: 150 byte(s) sent
to SSL, 0 byte(s) sent to socket