On Mon, May 9, 2011 at 9:35 AM, zhong ming wu <mr.z.m.wu@xxxxxxxxx> wrote:
> Hi
>
> My postgresql client (ejabberd postgresql lib) does not seem to be
> capable of ssl connection to postgresql server (with hostssl in
> pg_hba)
>
> So I tried to run stunnel on the client box (ejabberd). It
> appears not to work.
>
> Here is stunnel log on the client end
> ------------------
> 2011.05.09 09:04:06 LOG7[7608:3086100176]: postgres accepted FD=7 from
> 127.0.0.1:41046
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: postgres started
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 7 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 8 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 9 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: Connection from
> 127.0.0.1:41046 permitted by libwrap
> 2011.05.09 09:04:06 LOG5[7608:3086097296]: postgres connected from
> 127.0.0.1:41046
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 8 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: postgres connecting 10.10.10.10:5433
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: connect_wait: waiting 10 seconds
> 2011.05.09 09:04:06 LOG7[7608:3086100176]: Cleaning up the signal pipe
> 2011.05.09 09:04:06 LOG6[7608:3086100176]: Child process 7614 finished
> with code 0
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: connect_wait: connected
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: Remote FD=8 initialized
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: SSL state (connect):
> before/connect initialization
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: SSL state (connect): SSLv3
> write client hello A
> 2011.05.09 09:04:06 LOG3[7608:3086097296]: SSL_connect: Peer suddenly
> disconnected
> 2011.05.09 09:04:06 LOG5[7608:3086097296]: Connection reset: 0 bytes
> sent to SSL, 0 bytes sent to socket
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: postgres finished (0 left)
> ----------------------
>
> If required I can post postgresql server log.
>
> It seems to be a shame that I have to run stunnel on the pg box as well.
>
> My question is that client only stunnel to pg server requiring ssl
> connection is not expected to work? Or am I doing something wrong?

What version of stunnel? Did you set the protocol in stunnel.conf?

merlin

--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
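
Context for the protocol question in the reply above, as an added example that is not part of the original thread: a PostgreSQL server does not begin TLS at connect time; it expects an 8-byte SSLRequest and answers with a single byte (`S` or `N`) before any TLS handshake starts. The sketch below builds that message and classifies what a listener sees first; the helper names and the sample TLS bytes are constructed for illustration.

```python
import struct

# PostgreSQL SSLRequest: Int32 length (8) followed by Int32 code 80877103,
# i.e. (1234 << 16) | 5679.
SSL_REQUEST_CODE = (1234 << 16) | 5679

# Constructed sample: first bytes of a TLS handshake record
# (content type 0x16, version 0x0301, then the start of a ClientHello).
SAMPLE_TLS_RECORD_PREFIX = bytes.fromhex("160301002f0100002b0301")


def build_ssl_request() -> bytes:
    """Message a PostgreSQL-aware client sends before any TLS bytes."""
    return struct.pack("!II", 8, SSL_REQUEST_CODE)


def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes a PostgreSQL listener receives on a new connection."""
    # A generic TLS wrapper opens with a TLS record, not a PostgreSQL packet.
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls_handshake_record"
    if len(data) >= 8:
        length, code = struct.unpack("!II", data[:8])
        if length == 8 and code == SSL_REQUEST_CODE:
            return "ssl_request"
        if code >> 16 == 3:  # protocol major version 3 startup packet
            return "startup_v3"
    return "unknown"


def client_next_step(reply: bytes) -> str:
    """Interpret the server's one-byte answer to SSLRequest."""
    if reply == b"S":
        return "start_tls_handshake"
    if reply == b"N":
        return "server_refuses_ssl"
    return "protocol_error"


if __name__ == "__main__":
    for label, first in (("pgsql-aware wrapper", build_ssl_request()),
                         ("generic TLS wrapper", SAMPLE_TLS_RECORD_PREFIX)):
        print(f"{label}: {first.hex()} -> {classify_first_bytes(first)}")
    print("after 'S':", client_next_step(b"S"))
```

stunnel's `protocol = pgsql` service option makes the client side perform this exchange before it starts the TLS handshake.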