Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Stunnel truncated response debugging
2014-11-07T09:36:04.26018 2014.11.07 09:36:04 LOG7[28832]: Service [https] accepted (FD=25) from <ip1>:43013
2014-11-07T09:36:04.26023 2014.11.07 09:36:04 LOG7[29747]: Service [https] started
2014-11-07T09:36:04.26028 2014.11.07 09:36:04 LOG5[29747]: Service [https] accepted connection from <ip1>:43013
2014-11-07T09:36:04.26030 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): before/accept initialization
2014-11-07T09:36:04.26097 2014.11.07 09:36:04 LOG7[29747]: SNI: no virtual services defined
2014-11-07T09:36:04.26102 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 read client hello A
2014-11-07T09:36:04.26104 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write server hello A
2014-11-07T09:36:04.26108 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write certificate A
2014-11-07T09:36:04.26220 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write key exchange A
2014-11-07T09:36:04.26224 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write server done A
2014-11-07T09:36:04.26226 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 flush data
2014-11-07T09:36:04.26551 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 read client key exchange A
2014-11-07T09:36:04.26564 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 read finished A
2014-11-07T09:36:04.26571 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write session ticket A
2014-11-07T09:36:04.26575 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write change cipher spec A
2014-11-07T09:36:04.26580 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 write finished A
2014-11-07T09:36:04.26586 2014.11.07 09:36:04 LOG7[29747]: SSL state (accept): SSLv3 flush data
2014-11-07T09:36:04.26587 2014.11.07 09:36:04 LOG7[29747]: 3 items in the session cache
2014-11-07T09:36:04.26591 2014.11.07 09:36:04 LOG7[29747]: 0 client connects (SSL_connect())
2014-11-07T09:36:04.26593 2014.11.07 09:36:04 LOG7[29747]: 0 client connects that finished
2014-11-07T09:36:04.26594 2014.11.07 09:36:04 LOG7[29747]: 0 client renegotiations requested
2014-11-07T09:36:04.26597 2014.11.07 09:36:04 LOG7[29747]: 27 server connects (SSL_accept())
2014-11-07T09:36:04.26598 2014.11.07 09:36:04 LOG7[29747]: 27 server connects that finished
2014-11-07T09:36:04.26600 2014.11.07 09:36:04 LOG7[29747]: 0 server renegotiations requested
2014-11-07T09:36:04.26603 2014.11.07 09:36:04 LOG7[29747]: 4 session cache hits
2014-11-07T09:36:04.26605 2014.11.07 09:36:04 LOG7[29747]: 0 external session cache hits
2014-11-07T09:36:04.26607 2014.11.07 09:36:04 LOG7[29747]: 1 session cache misses
2014-11-07T09:36:04.26609 2014.11.07 09:36:04 LOG7[29747]: 0 session cache timeouts
2014-11-07T09:36:04.26610 2014.11.07 09:36:04 LOG6[29747]: No peer certificate received
2014-11-07T09:36:04.26614 2014.11.07 09:36:04 LOG6[29747]: SSL accepted: new session negotiated
2014-11-07T09:36:04.26618 2014.11.07 09:36:04 LOG6[29747]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES128-SHA (128-bit encryption)
2014-11-07T09:36:04.26619 2014.11.07 09:36:04 LOG6[29747]: Compression: null, expansion: null
2014-11-07T09:36:04.26621 2014.11.07 09:36:04 LOG6[29747]: s_connect: connecting 127.0.0.1:3443
2014-11-07T09:36:04.26627 2014.11.07 09:36:04 LOG7[29747]: s_connect: s_poll_wait 127.0.0.1:3443: waiting 10 seconds
2014-11-07T09:36:04.26630 2014.11.07 09:36:04 LOG5[29747]: s_connect: connected 127.0.0.1:3443
2014-11-07T09:36:04.26633 2014.11.07 09:36:04 LOG5[29747]: Service [https] connected remote server from 127.0.0.1:57465
2014-11-07T09:36:04.26634 2014.11.07 09:36:04 LOG7[29747]: Remote socket (FD=26) initialized
2014-11-07T09:36:04.26640 2014.11.07 09:36:04 LOG7[29747]: -> PROXY TCP4 <ip1> <ip2> 43013 443
2014-11-07T09:36:05.09124 2014.11.07 09:36:05 LOG6[29747]: Read socket closed (readsocket)
2014-11-07T09:36:05.09216 2014.11.07 09:36:05 LOG7[29747]: Sending close_notify alert
2014-11-07T09:36:05.09279 2014.11.07 09:36:05 LOG7[29747]: SSL alert (write): warning: close notify
2014-11-07T09:36:05.09287 2014.11.07 09:36:05 LOG6[29747]: SSL_shutdown successfully sent close_notify alert
2014-11-07T09:36:07.09417 2014.11.07 09:36:07 LOG3[29747]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing
2014-11-07T09:36:07.09434 2014.11.07 09:36:07 LOG5[29747]: Connection closed: 113051 byte(s) sent to SSL, 184 byte(s) sent to socket
2014-11-07T09:36:07.09459 2014.11.07 09:36:07 LOG7[29747]: Remote socket (FD=26) closed
2014-11-07T09:36:07.09474 2014.11.07 09:36:07 LOG7[29747]: Local socket (FD=25) closed
2014-11-07T09:36:07.09482 2014.11.07 09:36:07 LOG7[29747]: Service [https] finished (8 left)
2014-11-07T09:16:23.39237 2014.11.07 09:16:23 LOG7[24574]: Service [https] accepted (FD=16) from <ip1>:33000
2014-11-07T09:16:23.39253 2014.11.07 09:16:23 LOG7[3266]: Service [https] started
2014-11-07T09:16:23.39268 2014.11.07 09:16:23 LOG5[3266]: Service [https] accepted connection from <ip1>:33000
2014-11-07T09:16:23.39310 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): before/accept initialization
2014-11-07T09:16:23.39329 2014.11.07 09:16:23 LOG7[3266]: SNI: no virtual services defined
2014-11-07T09:16:23.39344 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 read client hello A
2014-11-07T09:16:23.39354 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write server hello A
2014-11-07T09:16:23.39368 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write certificate A
2014-11-07T09:16:23.39881 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write key exchange A
2014-11-07T09:16:23.39894 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write server done A
2014-11-07T09:16:23.39907 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 flush data
2014-11-07T09:16:23.40333 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 read client key exchange A
2014-11-07T09:16:23.40390 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 read finished A
2014-11-07T09:16:23.40409 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write session ticket A
2014-11-07T09:16:23.40421 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write change cipher spec A
2014-11-07T09:16:23.40448 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 write finished A
2014-11-07T09:16:23.40466 2014.11.07 09:16:23 LOG7[3266]: SSL state (accept): SSLv3 flush data
2014-11-07T09:16:23.40478 2014.11.07 09:16:23 LOG7[3266]: 25 items in the session cache
2014-11-07T09:16:23.40498 2014.11.07 09:16:23 LOG7[3266]: 0 client connects (SSL_connect())
2014-11-07T09:16:23.40510 2014.11.07 09:16:23 LOG7[3266]: 0 client connects that finished
2014-11-07T09:16:23.40518 2014.11.07 09:16:23 LOG7[3266]: 0 client renegotiations requested
2014-11-07T09:16:23.40527 2014.11.07 09:16:23 LOG7[3266]: 112 server connects (SSL_accept())
2014-11-07T09:16:23.40536 2014.11.07 09:16:23 LOG7[3266]: 109 server connects that finished
2014-11-07T09:16:23.40547 2014.11.07 09:16:23 LOG7[3266]: 0 server renegotiations requested
2014-11-07T09:16:23.40556 2014.11.07 09:16:23 LOG7[3266]: 23 session cache hits
2014-11-07T09:16:23.40563 2014.11.07 09:16:23 LOG7[3266]: 0 external session cache hits
2014-11-07T09:16:23.40573 2014.11.07 09:16:23 LOG7[3266]: 10 session cache misses
2014-11-07T09:16:23.40578 2014.11.07 09:16:23 LOG7[3266]: 0 session cache timeouts
2014-11-07T09:16:23.40587 2014.11.07 09:16:23 LOG6[3266]: No peer certificate received
2014-11-07T09:16:23.40598 2014.11.07 09:16:23 LOG6[3266]: SSL accepted: new session negotiated
2014-11-07T09:16:23.40609 2014.11.07 09:16:23 LOG6[3266]: Negotiated TLSv1.1 ciphersuite ECDHE-RSA-AES128-SHA (128-bit encryption)
2014-11-07T09:16:23.40617 2014.11.07 09:16:23 LOG6[3266]: Compression: null, expansion: null
2014-11-07T09:16:23.40636 2014.11.07 09:16:23 LOG6[3266]: s_connect: connecting 127.0.0.1:3443
2014-11-07T09:16:23.40669 2014.11.07 09:16:23 LOG7[3266]: s_connect: s_poll_wait 127.0.0.1:3443: waiting 10 seconds
2014-11-07T09:16:23.40682 2014.11.07 09:16:23 LOG5[3266]: s_connect: connected 127.0.0.1:3443
2014-11-07T09:16:23.40689 2014.11.07 09:16:23 LOG5[3266]: Service [https] connected remote server from 127.0.0.1:48858
2014-11-07T09:16:23.40694 2014.11.07 09:16:23 LOG7[3266]: Remote socket (FD=17) initialized
2014-11-07T09:16:23.40718 2014.11.07 09:16:23 LOG7[3266]: -> PROXY TCP4 <ip1> <ip2> 33000 443
2014-11-07T09:16:24.08964 2014.11.07 09:16:24 LOG6[3266]: Read socket closed (hangup)
2014-11-07T09:16:24.10820 2014.11.07 09:16:24 LOG7[3266]: Sending close_notify alert
2014-11-07T09:16:24.10824 2014.11.07 09:16:24 LOG7[3266]: SSL alert (write): warning: close notify
2014-11-07T09:16:24.10828 2014.11.07 09:16:24 LOG6[3266]: SSL_shutdown successfully sent close_notify alert
2014-11-07T09:16:26.10847 2014.11.07 09:16:26 LOG3[3266]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing
2014-11-07T09:16:26.10864 2014.11.07 09:16:26 LOG5[3266]: Connection closed: 100430 byte(s) sent to SSL, 184 byte(s) sent to socket
2014-11-07T09:16:26.10897 2014.11.07 09:16:26 LOG7[3266]: Remote socket (FD=17) closed
2014-11-07T09:16:26.10921 2014.11.07 09:16:26 LOG7[3266]: Local socket (FD=16) closed
2014-11-07T09:16:26.10938 2014.11.07 09:16:26 LOG7[3266]: Service [https] finished (6 left)
; **************************************************************************
; * Global options *
; **************************************************************************
setuid = stunnel
setgid = stunnel
ciphers = EECDH+AES128:EECDH+RC4:RSA+AES128:RSA+RC4:EECDH+AES256:RSA+AES256:EECDH+3DES:!EXP
; Run in foreground (for runit)
foreground = yes
pid = /var/run/stunnel/stunnel.pid
; Debugging stuff (may useful for troubleshooting)
debug = 7
syslog = no
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; **************************************************************************
; * Service defaults may also be specified in individual service sections *
; **************************************************************************
; Certificate/key is needed in server mode and optional in client mode
cert = <cert_file>
key = <key_file>
; Use server preferred cipher order
options = CIPHER_SERVER_PREFERENCE
; Disable client side renegotiation
renegotiation = no
; **************************************************************************
; * Service definitions (remove all services for inetd mode) *
; **************************************************************************
[https]
accept = 443
connect = 127.0.0.1:3443
protocol = proxy
TIMEOUTclose = 2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.