Fwd: [stunnel-users] stunnel 'options' section of config file

Justin Miller booyahka at gmail.com
Tue Dec 21 16:02:15 CET 2004


I understand the security concerns... I was just trying different
protocols because I was receiving weird error messages with some https
proxies (using the mathias wald patch) about wrong version numbers,
etc. Googling it seemed to indicate that enabling/disabling
ssl2/ssl3/tls1 could do the trick. However, I can't even get 'openssl
s_client...' to yield a successful connection with some of these
proxies.

Can stunnel handle incoming http or socks proxy requests/connections?
If not, will you ever support that? For instance I want stunnel
listening on a local port 8080 and connect to a remote https proxy,
and I set the HTTP proxy server in gaim to localhost:8080.

-Justin

On Tue, 21 Dec 2004 15:20:19 +0100, Michal Trojnara
<Michal.Trojnara at mobi-com.net> wrote:
> Justin Miller wrote:
> > So all looks well ang good... But then when it sends the client hello
> > message, one would expect an ssl2 message, but we get the following
>
> Stunnel is not supposed to act as SSLv2 client.  It uses
> SSLv3_client_method() in src/ssl.c file.  If you really need SSLv2 - change
> it to SSLv2_client_method() and recompile stunnel.  It's not recommended for
> security, anyway.
>
> See SSL_CTX_new(3) manual for details.
>
> Best regards,
>     Mike
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>



More information about the stunnel-users mailing list