Re: stunnel with just postgresql client part

Поиск
Список
Период
Сортировка
От Merlin Moncure
Тема Re: stunnel with just postgresql client part
Дата
Msg-id BANLkTimBBS=LP0zzrx7gUUuUUv7etQPB6w@mail.gmail.com
обсуждение исходный текст
Ответ на stunnel with just postgresql client part  (zhong ming wu <mr.z.m.wu@gmail.com>)
Ответы Re: stunnel with just postgresql client part
Список pgsql-general
Дерево обсуждения 
On Mon, May 9, 2011 at 9:35 AM, zhong ming wu <mr.z.m.wu@gmail.com> wrote:
> Hi
>
> My postgresql client (ejabberd postgresql lib) does not seem to be
> capable of ssl connection to postgresql server (with hostssl in
> pg_hba)
>
> So I tried to use run stunnel on the client box (ejabberd).  It
> appears not to work.
>
> Here is stunnel log on the client end
> ------------------
> 2011.05.09 09:04:06 LOG7[7608:3086100176]: postgres accepted FD=7 from
> 127.0.0.1:41046
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: postgres started
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 7 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 8 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 9 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: Connection from
> 127.0.0.1:41046 permitted by libwrap
> 2011.05.09 09:04:06 LOG5[7608:3086097296]: postgres connected from
> 127.0.0.1:41046
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: FD 8 in non-blocking mode
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: postgres connecting 10.10.10.10:5433
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: connect_wait: waiting 10 seconds
> 2011.05.09 09:04:06 LOG7[7608:3086100176]: Cleaning up the signal pipe
> 2011.05.09 09:04:06 LOG6[7608:3086100176]: Child process 7614 finished
> with code 0
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: connect_wait: connected
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: Remote FD=8 initialized
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: SSL state (connect):
> before/connect initialization
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: SSL state (connect): SSLv3
> write client hello A
> 2011.05.09 09:04:06 LOG3[7608:3086097296]: SSL_connect: Peer suddenly
> disconnected
> 2011.05.09 09:04:06 LOG5[7608:3086097296]: Connection reset: 0 bytes
> sent to SSL, 0 bytes sent to socket
> 2011.05.09 09:04:06 LOG7[7608:3086097296]: postgres finished (0 left)
> ----------------------
>
> If required I can post postgresql server log.
>
>  It seems to be shame that I have to run stunnel on the pg box as well.
>
> My question is that client only stunnel to pg server requiring ssl
> connection is not expected to work?  Or am I doing something wrong?

what version stunnel? did you set the protocol in stunnel.conf?

merlin

В списке pgsql-general по дате отправления:

Предыдущее
От: CG
Дата:
Сообщение: ALTER TABLE ... DISABLE TRIGGERS Isolation leve
Следующее
От: Tom Lane
Дата:
Сообщение: Re: ALTER TABLE ... DISABLE TRIGGERS Isolation leve