Dear Users,
I'd like the next version of stunnel to support server-side Server Name Indication: https://secure.wikimedia.org/wikipedia/en/wiki/Server_Name_Indication
The new service-level stunnel.conf option would be: sni = <master service>:<sni host>
For example:
[virtual] accept = 443 ; settings for clients that didn't send an SNI extension cert = default.pem connect = default.internal.mydomain.com:80
[sni1] ; notice that "sni" option is used instead of "accept" sni = virtual:server1.mydomain.com cert = server1.pem connect = server1.internal.mydomain.com:80
[sni2] sni = virtual:server2.mydomain.com cert = server2.pem connect = server2.internal.mydomain.com:80 ; other service-level options may be specified here verify = 3 CAfile = server2-allowed-clients.pem
[sni3] sni = virtual:server3.mydomain.com cert = server3.pem connect = server3.internal.mydomain.com:80
I would appreciate your comments on the user interface I designed for this functionality.
Best regards, Michal Trojnara
Roughly around Fri, Jun 17, 2011 at 10:05 PM, Michal Trojnara Michal.Trojnara@mirt.net cajoled:
Woohoo!
The new service-level stunnel.conf option would be: sni = <master service>:<sni host>
Looks very straightforward, sane, and flexible - I like it.
Not sure the 'right' way to handle TCP wrappers in this case - should tcpd checks be delayed until it is determined that sni was or wasn't used and then check against the actual [name] e.g. virtual vs sni1? Or should there be two tcpd checks, e.g. check virtual on accept, and then sni2 iff it turns out that's the cert they're requesting.
I'd suggest the former method - it would allow you to have more open access for the sni services. In the latter method you'd need to have the virtual service's permissions a union (or greater) of the sni services.
Bri Hatch, Systems and Security Engineer. http://www.ifokr.org/bri/
"I guess the operational phrase is 'Trust no one.'" "No. Trust Ivanova, trust yourself, anybody else: shoot 'em."
Bri Hatch wrote:
It's an interesting problem indeed. Libwrap check is executed *before* TLS negotiation, whereas SNI is performed not only *during* the initial TLS handshake, but also *during* subsequent renegotiations. It would be equally confusing to delay libwrap check and to perform it during or after each SSL handshake.
Also some people may use libwrap to prevent DoS attacks against TLS handshake or to mitigate the impact of potential OpenSSL vulnerabilities. Libwrap needs to be executed before TLS handshake to prevent attackers from interacting with OpenSSL.
On the other hand two checks may cause severe performance impact. In fact libwrap authentication is slower than TLS handshake while being a lot less secure.
I think I will stick with libwrap check performed before any TLS code.
Best regards, Mike
A few hours ago I commented on ideas proposed by Bri Hatch:
I gave it a second thought and I decided to implement the feature as proposed by Bri.
Feel free to try a beta version: ftp://ftp.stunnel.org/stunnel/stunnel-4.38b1.tar.gz It still needs an update of the manual page...
Mike
-
Bri Hatch -
Michal Trojnara