[stunnel-users] Strange Stunnel crash (no errors, issues, anything)

Michal Trojnara Michal.Trojnara at mirt.net
Fri May 17 07:49:15 CEST 2013

Alfred Kernaghan wrote:
> apart from the fact with the default combination the ciphers and
> security are incorrect (BEAST/CRIME vulnerable)
Unfortunately I don't think anymore that RC4 is a better choice:
Also see some initial results of my own research of this topic:
The ultimate solution would be to use TLS/1.2, which is already
supported in stunnel.  All we can do is to wait for client support.
I think AlFBPPS attack is in most cases much easier to exploit than
BEAST and Lucky Thirteen attacks for most practical scenarios.
As for CRIME: stunnel has compression turned off by default since
version 4.51.

> Short of wiping the machine completely and re-installing, can anyone
> think of anything else I can try?
Please collect a stack backtrace:


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130517/c42221a0/attachment.sig>

More information about the stunnel-users mailing list