[stunnel-users] Security suggestions on stunnel with SSL/TLS and SNI configuration
Michal.Trojnara at mirt.net
Thu Aug 27 16:45:59 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 27.08.2015 11:41, Secure-Mail User wrote:
> i am planning to support SSLv3 and TLSv1.2 on the same Port via
> SNI. This has backwards-compatibility reasons.
SNI is a TLS extension. It requires TLS version 1.0 or later.
TLS extensions are not supposed to allow for a version rollback:
If SNI allows for a version rollback on an SSL/TLS library, it should
be considered a vulnerability of this library.
As the result, all SSLv3 connections will *not* be redirected by SNI,
which should work fine for you.
> Using the "sslversion=SSLv3" or "options=NO_SSLv3" directives
> affect all services. The default and the SNI.
"options=NO_SSLv3" is currently the default.
You may change it with "options=-NO_SSLv3".
The "option" option may be specified in individual service sections,
and not only as a global default.
> I was not able to use e.g. sslversion=SSLv3 for the default host
> and change to sslversion=TLSv1.2 on the SNI host.
Good. SNI is not supposed to work with SSLv3.
> The first sslversion directive read per conf-file seems to be set
> and may not be changed with later invocations, right?
The RFC only says TLS extension should not allow for version rollback,
but it makes sense to disallow any changes of the protocol version.
> So I ended up with restricting the SSLv3 / TLSv1.2 via ciphers
> only. So the default service has SSLv3 ciphers and
> options=NO_SSLv2, the SNI service hast TLS1.2 ciphers only (thus
> only accepts TLSv1.2 connections)
> Are cipher restrictions sufficient to sort out old SSLvX protocols
> and sort of FORCE TLS1.2 only?
You should be able to restrict the SNI service to only allow a
specific TLS version with "options" specified within the SNI service
> Is it possible to use some SSLvX based negotiations prior to
> cipher-negotiation on the SNI-TLS1.2 service, because i did not
> explicitly use sslversion=TLS1.2 directive?
As TLS version 1.0 or higher is required for the SNI extension, you
won't get any SSL connections in your SNI sections.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the stunnel-users