Hi Mike,
yes your correct, but I have forced the installation with "stunnel-4.29-3.el6_4.x86_64" ( all other packages openssl, etc. updated) and SSLv3 is working again. So, for my understanding there must be a bug or they have disabled SSLv3 in version "stunnel-4.29-3.el6_6.1.x86_64". Regards, Sebastian. ________________________________ Von: stunnel-users <[email protected]> im Auftrag von Michal Trojnara <[email protected]> Gesendet: Donnerstag, 29. Januar 2015 12:12 An: [email protected] Betreff: Re: [stunnel-users] Centos 6.6 Final stunnel-4.29-3.el6_6.1.x86_64 - options set problem SSLv3 Hi Sebastian, The ChangeLog does not say anything about disabling SSLv3: http://rpmfind.net/linux/RPM/centos/updates/6.6/x86_64/Packages/stunnel-4.29-3.el6_6.1.x86_64.html I guess it may be disabled in the OpenSSL rather than in stunnel. Anyway, if you connect stunnel with some software that's so old that it doesn't support TLS, the software is almost certainly no longer supported, and most likely vulnerable to attacks. This is a serious risk! Mike On 29.01.2015 11:58, Sebastian Ochsenkühn wrote: Hi Mike, thanks for your fast response, but I think there is a big issue. The latest version that is available in the CENTOS 6 Base Repo is "stunnel-4.29-3.el6_6.1.x86_64" - In this version the SSLv3 is disabled by default, but there is not option to enable it. I hope you understand my situation :-) ________________________________ Von: stunnel-users <[email protected]><mailto:[email protected]> im Auftrag von Michal Trojnara <[email protected]><mailto:[email protected]> Gesendet: Donnerstag, 29. Januar 2015 11:44 An: [email protected]<mailto:[email protected]> Betreff: Re: [stunnel-users] Centos 6.6 Final stunnel-4.29-3.el6_6.1.x86_64 - options set problem SSLv3 Hi Sebastian, My documentation describes the latest version of stunnel. For an old version please refer to the appropriate manual page distributed with the specific version you're using. Mike On 29.01.2015 11:40, Sebastian Ochsenkühn wrote: Hi, I have a big problem with the new stunnel version on CentOS 6.6 (stunnel-4.29-3.el6_6.1.x86_64) that is available in the CentOS base repository. You describe in your documentation that SSLv3 is disabled by default. -> OK for me, but I need SSLv3 and the option with -NO_SSLv3 is not working?! PS: this is also not working with -NO_SSLv2 option. options = -NO_SSLv3 = NOT Working option = NO_SSLv3 = Working. Currently i have installed an older version, where the SSLv3 protocoll is not disabled by default. Is there anything that I'm doing wrong? Thanks and Regards, Sebastian. _______________________________________________ stunnel-users mailing list [email protected]<mailto:[email protected]> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
