[stunnel-users] stunnel 5.50 released
Michal Trojnara
2018-12-02 23:10:28 UTC
Dear Users,

I have released version 5.50 of stunnel.

Version 5.50, 2018.12.02, urgency: MEDIUM
* New features
  - 32-bit Windows builds replaced with 64-bit builds.
  - OpenSSL DLLs updated to version 1.1.1.
  - Check whether "output" is not a relative file name.
  - Major code cleanup in the configuration file parser.
  - Added sslVersion, sslVersionMin and sslVersionMax
    for OpenSSL 1.1.0 and later.
* Bugfixes
  - Fixed PSK session resumption with TLS 1.3.
  - Fixed a memory leak in WIN32 logging subsystem.
  - Allow for zero value (ignored) TLS options.
  - Partially refactored configuration file parsing
    and logging subsystems for clearer code and minor
    bugfixes.
* Caveats
  - We removed FIPS support from our standard builds.
    FIPS will still be available with bespoke builds.

Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html

SHA-256 hashes:
951d92502908b852a297bd9308568f7c36598670b84286d3e05d4a3a550c0149  stunnel-5.50.tar.gz
e855d58a05dca0943a5da8d030b5904630ee9cff47c3d747d326e151724f3bc8  stunnel-5.50-win64-installer.exe
ad6c952cd26951c5a986efe8034b71af07c951e11d06e0b0ce73ef82594b1041  stunnel-5.50-android.zip

Best regards,
    Mike
Jakob Hirsch
2018-12-03 09:43:54 UTC
Hi!
Post by Michal Trojnara
  - 32-bit Windows builds replaced with 64-bit builds.
  - OpenSSL DLLs updated to version 1.1.1.
Nice, thanks! But...
Post by Michal Trojnara
  - Fixed PSK session resumption with TLS 1.3.
Is this related to the Zizhong's posting? Because I am using PSK and now
Post by Michal Trojnara
2018.12.03 10:39:36 LOG7[ui]: Found 1 ready file descriptor(s)
2018.12.03 10:39:36 LOG7[ui]: FD=4 events=0x2001 revents=0x0
2018.12.03 10:39:36 LOG7[ui]: FD=8 events=0x2001 revents=0x1
2018.12.03 10:39:36 LOG7[ui]: Service [xxxxxx] accepted (FD=3) from ::ffff:xxxxxxxxxxxxxx:52864
2018.12.03 10:39:36 LOG7[1]: Service [xxxxxx] started
2018.12.03 10:39:36 LOG7[1]: Setting local socket options (FD=3)
2018.12.03 10:39:36 LOG7[1]: Option TCP_NODELAY set on local socket
2018.12.03 10:39:36 LOG5[1]: Service [xxxxxx] accepted connection from ::ffff:xxxxxxxxxxxxxx:52864
2018.12.03 10:39:36 LOG6[1]: Peer certificate not required
2018.12.03 10:39:36 LOG7[1]: TLS state (accept): before SSL initialization
2018.12.03 10:39:36 LOG7[1]: TLS state (accept): before SSL initialization
2018.12.03 10:39:36 LOG5[1]: Key configured for PSK identity "xxxxxxx"
2018.12.03 10:39:36 LOG7[1]: TLS alert (write): fatal: internal error
2018.12.03 10:39:36 LOG7[1]: Deallocating application specific data for session connect address
2018.12.03 10:39:36 LOG3[1]: SSL_accept: 141F9044: error:141F9044:SSL routines:tls_parse_ctos_psk:internal error
2018.12.03 10:39:36 LOG5[1]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
2018.12.03 10:39:36 LOG7[1]: Local descriptor (FD=3) closed
2018.12.03 10:39:36 LOG7[1]: Service [xxxxxx] finished (0 left)
Server has OpenSSL 1.1.1 on Linux (F29), client has the included OpenSSL
1.1.1a on Windows.
The client merely logs "SSL_connect: Peer suddenly disconnected",


Regards,
Jakob
Zizhong Zhang
2018-12-04 08:13:03 UTC
Hello,
Post by Jakob Hirsch
Post by Michal Trojnara
- Fixed PSK session resumption with TLS 1.3.
Is this related to the Zizhong's posting? Because I am using PSK and now
Server has OpenSSL 1.1.1 on Linux (F29), client has the included OpenSSL
1.1.1a on Windows.
The client merely logs "SSL_connect: Peer suddenly disconnected",
I believe it is related to my previous posting. In my tests, I can confirm that stunnel has fixed the PSK session resumption issue with TLS v1.3 now. Thank you Michal!

Unfortunately, I was unable to replicate your error with Fedora 29 (OpenSSL 1.1.1) and the latest Windows binary.
Małgorzata Olszówka
2018-12-04 10:14:43 UTC
Post by Jakob Hirsch
Because I am using PSK and now
error:141F9044:SSL routines:tls_parse_ctos_psk:internal error

Hello,
I was able to replicate this error with OpenSSL-1.1.1 without stunnel.
It looks like the problem is caused by a long key.
I recommend upgrading the openssl version or shortening the key.

sh-4.3$ LD_LIBRARY_PATH=/opt/openssl-1.1.1/lib /opt/openssl-1.1.1/bin/openssl s_server -accept 4433 -psk 36666861354f6a4d6d47326a43367a3354457945306645416f314a436d6a4837763873475074346b52664d464a6c4b547877654f664248683970727075454a35764e4b3066350a -nocert
Using default temp DH parameters
ACCEPT
ERROR
140097028679296:error:141F906E:SSL routines:tls_parse_ctos_psk:bad extension:ssl/statem/extensions_srvr.c:1085:
shutting down SSL
CONNECTION CLOSED

sh-4.3$ LD_LIBRARY_PATH=/opt/openssl-1.1.1a/lib /opt/openssl-1.1.1a/bin/openssl s_client -connect 127.0.0.1:4433 -psk 36666861354f6a4d6d47326a43367a3354457945306645416f314a436d6a4837763873475074346b52664d464a6c4b547877654f664248683970727075454a35764e4b3066350a
CONNECTED(00000003)
140341717808832:error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_s3.c:1528:SSL alert number 80


But it works with TLS 1.2:

sh-4.3$ LD_LIBRARY_PATH=/opt/openssl-1.1.1a/lib /opt/openssl-1.1.1a/bin/openssl s_client -connect 127.0.0.1:4433 -psk 36666861354f6a4d6d47326a43367a3354457945306645416f314a436d6a4837763873475074346b52664d464a6c4b547877654f664248683970727075454a35764e4b3066350a -tls1_2
CONNECTED(00000003)


Best regards,
Małgorzata Olszówka
Jakob Hirsch
2018-12-05 11:10:19 UTC
Hi!

(sorry, I previously sent this off-list by mistake...)
Post by Zizhong Zhang
Post by Michal Trojnara
LOG3[1]: SSL_accept: 141F9044: error:141F9044:SSL routines:tls_parse_ctos_psk:internal error
Hello,
I was able to replicate this error with OpenSSL-1.1.1 without stunnel.
It looks like the problem is caused by a long key.
I recommend upgrading the openssl version or shortening the key.
Using openssl s_server/s_client, I found that the key length limit is
128 (i.e. 64 bytes or 512 bits).
I tested this on an arch linux system (which already has openssl
1.1.1a), where there was no issue with longer keys, so this is probably
a bug in 1.1.1.

AFAICS, stunnel just gives a plain copy of the key from the PSK file, so
if I use a psk key with 64 chars or less, it should work. I tried with a
key length of 20 chars (the minimum accepted by stunnel), but now I get
this error:

LOG3[13]: SSL_accept: 14094438: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

Unfortunately, there is no openssl 1.1.1a rpm for Fedora yet (and
building it myself is not something I would do light-heartedly), so I
will stick with TLS 1.2 for now.

Thanks and regards,
Jakob
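A defender's check for the two limits this thread reports (added example, not stunnel's or OpenSSL's own code): it parses a stunnel PSKsecrets file in its identity:key format, flags keys below the 20-character minimum stunnel accepts and above the 64-byte (128 hex character) ceiling Jakob measured against OpenSSL 1.1.1, and decodes the hex key from Małgorzata's s_server command above, which is 71 bytes and ends in a newline byte. The PSKsecrets content below is constructed for the example.

```python
"""Sanity-check stunnel PSKsecrets keys against the length limits reported in
this thread. Added example, not stunnel's or OpenSSL's own code."""
import binascii

MIN_KEY_CHARS = 20   # smallest key stunnel accepts (as stated in the thread)
MAX_KEY_BYTES = 64   # longest key that worked with OpenSSL 1.1.1 (128 hex chars)

# The -psk argument quoted in the s_server/s_client commands above.
THREAD_HEX_KEY = ("36666861354f6a4d6d47326a43367a3354457945306645416f314a436d6a4837"
                  "763873475074346b52664d464a6c4b547877654f664248683970727075454a35"
                  "764e4b3066350a")

def parse_psksecrets(text):
    """Parse the stunnel PSKsecrets format, one 'identity:key' per line."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if ":" not in line:
            raise ValueError(f"line {lineno}: expected identity:key")
        identity, key = line.split(":", 1)   # key kept verbatim, incl. spaces
        entries.append((identity, key))
    return entries

def check_key(key):
    """Return the list of problems for one raw key string (empty = OK)."""
    data = key.encode()
    problems = []
    if len(data) < MIN_KEY_CHARS:
        problems.append(f"{len(data)} chars is below stunnel's minimum of {MIN_KEY_CHARS}")
    if len(data) > MAX_KEY_BYTES:
        problems.append(f"{len(data)} bytes exceeds {MAX_KEY_BYTES}; TLS 1.3 PSK fails on OpenSSL 1.1.1")
    if data != data.strip():
        problems.append("key carries leading/trailing whitespace or newline")
    return problems

def key_to_psk_hex(key):
    """Hex-encode a key the way 'openssl s_client -psk' expects it."""
    return binascii.hexlify(key.encode()).decode()

def psk_hex_to_key(hexkey):
    """Decode a -psk hex argument back to bytes so it can be measured."""
    return binascii.unhexlify(hexkey)

# Constructed sample file: one key at the limit, one over it, one too short.
SAMPLE = """# identity:key
ok:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
long:6fha5OjMmG2jC6z3TEyE0fEAo1JCmjH7v8sGPt4kRfMFJlKTxweOfBHh9prpuEJ5vNK0f5
short:tooshort
"""

def report(text=SAMPLE):
    """Map identity -> problems for every entry in a PSKsecrets text."""
    return {ident: check_key(key) for ident, key in parse_psksecrets(text)}
```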
Jakob Hirsch
2018-12-05 11:37:59 UTC
Hi!

(quoting the off-list reply)
I would like to make sure that you are not using the cert option in combination with the PSKsecrets option in your server configuration.
Well, I _am_ using cert in my server configuration (the client also
checks the server cert), but disabling it didn't change anything.