-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stephen Hogan wrote: > That's very good news... so I presume the line: > > 2014.10.28 14:35:55 LOG6[4156]: Negotiated TLSv1 ciphersuite > ECDHE-RSA-AES256-SHA (256-bit encryption) > > ... is the confirmation that the TLS protocol is being used?
I changed this recently. Starting with stunnel 5.06 it indeed means "TLSv1 was negotiated". In older versions of stunnel it used SSL_CIPHER_get_version() https://www.openssl.org/docs/ssl/SSL_CIPHER_get_name.html > SSL_CIPHER_get_version() returns string which indicates the SSL/TLS > protocol version that first defined the cipher. This is currently > SSLv2 or TLSv1/SSLv3. In some cases it should possibly return > ``TLSv1.2'' but does not; use SSL_CIPHER_description() instead. If > cipher is NULL, ``(NONE)'' is returned. Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRTsoMACgkQ/NU+nXTHMtFT8ACfWd9eU2SuT1fHykF52R7O0eK3 H0AAoL7jR1qwaPpA28TpG9B4mQc6a4cK =pIXz -----END PGP SIGNATURE----- _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
