[stunnel-users] Max Cookie Size

Scott McKeown scott at loadbalancer.org
Mon Nov 19 13:26:17 CET 2012

Hi All,

I was wondering if anyone knows if its possible to pass a 'really' large
cookie through STunnel.

I've just built the latest version again (output below). However, we have a
client that is looking to pass 16Kb (yes I know please don't tell me this
is a bad idea a I know this!) via a cookie. Since we are looking to include
STunnel in our offerings I was wondering if we could increase or change the
maximum allowed size.

I have a script that will generate a test cookie of any size that I require
to test with but I can only get an 8K cookie to work.

Any help would be great.


[root at localhost ~]# stunnel -version
stunnel 4.54 on x86_64-unknown-linux-gnu platform
Compiled/running with OpenSSL 1.0.0-fips 29 Mar 2010
Threading:PTHREAD SSL:+ENGINE+OCSP+FIPS Auth:none Sockets:POLL+IPv6

Global options:
debug                  = daemon.notice
pid                    = /usr/local/var/run/stunnel/stunnel.pid
RNDbytes               = 64
RNDfile                = /dev/urandom
RNDoverwrite           = yes

Service-level options:
ciphers                = FIPS (with "fips = yes")
ciphers                = ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH
(with "fips = no")
sessionCacheSize       = 1000
sessionCacheTimeout    = 300 seconds
sslVersion             = TLSv1 (with "fips = yes")
sslVersion             = TLSv1 for client, all for server (with "fips = no")
stack                  = 65536 bytes
TIMEOUTbusy            = 300 seconds
TIMEOUTclose           = 60 seconds
TIMEOUTconnect         = 10 seconds
TIMEOUTidle            = 43200 seconds
verify                 = none
[root at localhost ~]#

With Kind Regards.

Scott McKeown
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20121119/15aad9ec/attachment.html>

More information about the stunnel-users mailing list