[stunnel-users] EXTERNAL: Re: stunnel server configuration requirement to handle CBC protection

Bucci, David G david.g.bucci at lmco.com
Tue Nov 5 20:10:23 CET 2013

Can I just ask - is there no way to simply exclude the vulnerable CBC-based ciphers during the stunnel startup, so that when the client connects, there will never be a successful negotiation to use one of them?  That's how I fix it on our load balancers, set them to require e.g. RC4-SHA (actually, I have a preferred order, with TLS1.2 ciphers preferred, but fallback to RC4-SHA for clients that don't support TLS1.2, which is most - see https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls for more info).

-----Original Message-----
From: stunnel-users [mailto:stunnel-users-bounces at stunnel.org] On Behalf Of Janusz Dziemidowicz
Sent: Tuesday, November 05, 2013 8:03 AM
To: Simner, John
Cc: stunnel-users at stunnel.org
Subject: EXTERNAL: Re: [stunnel-users] stunnel server configuration requirement to handle CBC protection

2013/11/5 Simner, John <john.simner at unify.com>:
> Dear Janusz,
> Thank you for your email and the information.
> I forwarded it to the person raising the problem and I received the following response...
> - On the tomcat PC there is the latest java version running,
>   The link below mentioned and 29 as broken, and fixed with
> - The simple setup is...
> PC (running Web Browser)
> ->
> PC connects to tomcat server using TCP and starts jHPT (the Java based 
> client) on tomcat. In this simple setup I'm using TCP, not TLS, between PC and tomcat.
> ->
> jHPT (tomcat) connects to phone using TLS
> ->
> stunnel on phone (in server mode) accepts the TLS connection (tomcat 
> is the client for this TLS connection).
> If I set in the tomcat config the java parameter 
> -Djsse.enableCBCProtection=false, the connection between tomcat and phone (stunnel) is stable.
> If I set in the tomcat config the java parameter 
> -Djsse.enableCBCProtection=true, the phone (stunnel) resets the connection.
> I hope this clarifies what is happening between the client and stunnel on the phone.
> Within the phone, stunnel connects to the TCP server which then sets up a new connection back to stunnel/client.
> So, is there a problem in stunnel or do I need to investigate what is being received between stunnel and the TCP server/TCP connection on the phone.
> Once again, thank you for your assistance and I look forward to your response.

I am sorry, but I will not provide support for your company customers.
If you are just going to forward my replies to your customers and theirs to me this will not work and I am not going to provide any more help.

I have explained to you what this JSSE option does. stunnel uses OpenSSL for SSL implementation and there are no special options to support 0/n or 1/n-1 record splitting (the CBC protection), it will happily accept both.

I really have no idea where the problem is since your description is again vague. Please debug your own application yourself and establish if the problem is between Java client and stunnel or between stunnel and Tomcat server. I am unable to do this, you must do this yourself.
Capturing network traffic with packet sniffer is usually a very good tool for debugging such problems.

Janusz Dziemidowicz
stunnel-users mailing list
stunnel-users at stunnel.org

More information about the stunnel-users mailing list