Postgres Pro
Downloads
Home   >   mailing lists

Re: stunnel with just postgresql client part - Mailing list pgsql-general

From zhong ming wu
Subject Re: stunnel with just postgresql client part
Date
Msg-id BANLkTimxp_fVjfdqe1aYW1N7X_YcFQJ6Lw@mail.gmail.com
Whole thread Raw
In response to Re: stunnel with just postgresql client part  (Merlin Moncure <mmoncure@gmail.com>)
Responses Re: stunnel with just postgresql client part  (Merlin Moncure <mmoncure@gmail.com>)
List pgsql-general
Tree view 
On Mon, May 9, 2011 at 2:01 PM, Merlin Moncure <mmoncure@gmail.com> wrote:
.
.
.
>>  It seems to be shame that I have to run stunnel on the pg box as well.
>>
>> My question is that client only stunnel to pg server requiring ssl
>> connection is not expected to work?  Or am I doing something wrong?
>
> what version stunnel? did you set the protocol in stunnel.conf?
>


stunnel-4.15-2.el5.1

I was not setting protocol.  But since I got your message, I tried
'protocol = pgsql' in stunnel.conf

Still no go..

In stunnel log, there is now new part about 'protocol pgsql not
supported in client mode'

----------------
2011.05.09 16:20:48 LOG7[8758:3086231248]: postgres accepted FD=7 from
127.0.0.1:50693
2011.05.09 16:20:48 LOG7[8758:3086228368]: postgres started
2011.05.09 16:20:48 LOG7[8758:3086228368]: FD 7 in non-blocking mode
2011.05.09 16:20:48 LOG7[8758:3086228368]: FD 8 in non-blocking mode
2011.05.09 16:20:48 LOG7[8758:3086228368]: FD 9 in non-blocking mode
2011.05.09 16:20:48 LOG7[8758:3086231248]: Cleaning up the signal pipe
2011.05.09 16:20:48 LOG6[8758:3086231248]: Child process 8761 finished
with code 0
2011.05.09 16:20:48 LOG7[8758:3086228368]: Connection from
127.0.0.1:50693 permitted by libwrap
2011.05.09 16:20:48 LOG5[8758:3086228368]: postgres connected from
127.0.0.1:50693
2011.05.09 16:20:48 LOG7[8758:3086228368]: FD 8 in non-blocking mode
2011.05.09 16:20:48 LOG7[8758:3086228368]: postgres connecting 10.10.10.10:5433
2011.05.09 16:20:48 LOG7[8758:3086228368]: connect_wait: waiting 10 seconds
2011.05.09 16:20:48 LOG7[8758:3086228368]: connect_wait: connected
2011.05.09 16:20:48 LOG7[8758:3086228368]: Remote FD=8 initialized
2011.05.09 16:20:48 LOG5[8758:3086228368]: Negotiations for pgsql
(client side) started
2011.05.09 16:20:48 LOG3[8758:3086228368]: Protocol pgsql not
supported in client mode
2011.05.09 16:20:48 LOG5[8758:3086228368]: Connection reset: 0 bytes
sent to SSL, 0 bytes sent to socket
2011.05.09 16:20:48 LOG7[8758:3086228368]: postgres finished (0 left)

---
postgres server log
  LOG:  could not receive data from client: Connection reset by peer
  LOG:  incomplete startup packet
-----

output from psql

psql: server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
----

pgsql-general by date:

Previous
From: Merlin Moncure
Date:
Subject: Re: simple update query too long
Next
From: Merlin Moncure
Date:
Subject: Re: stunnel with just postgresql client part