[stunnel-users] TLS1.0 fallback when only TLS1.2 allowed

Wojciech Machula wmachula at gmail.com
Wed Jul 29 13:49:00 CEST 2020

So I've configured my stunnel to only use TLS1.2  and usually works ok.
However when client gets some bad L7 response it send a TCP RST, after
which all subsequent stunnel TLS Client Hellos are some hybrid of
TLS1.0/TLS1.2, as can be seen in tshark output below. Once I restart the
whole stunnel process subsequent TLS handshakes work fine using TLS1.2,
until the next client RST is received.

$ stunnel -version
stunnel 4.56 on x86_64-redhat-linux-gnu platform

$ cat /etc/centos-release
CentOS Linux release 7.8.2003 (Core)

$cat /etc/stunnel/dsr2rtcg-stunnel.conf
output = /var/log/stunnel
pid = /etc/stunnel/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

cert = /etc/pki/tls/certs/stunnel/aaa.crt
key = /etc/pki/tls/private/stunnel/aaa.key
CAfile = /etc/pki/tls/certs/stunnel/bbb.crt
client = yes
sslVersion = TLSv1.2
options = NO_TLSv1
accept =
connect =
ciphers = TLSv1.2+HIGH:!aNULL

$ tshark -nn -V -d tcp.port==45154,ssl -r 20200729_09:42:44-port45154.pcap
-2R "ssl.handshake" -c 1 | grep -i tls -B3
Secure Sockets Layer
    SSL Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 1610
            Version: TLS 1.2 (0x0303)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200729/eee36c5b/attachment.htm>

More information about the stunnel-users mailing list