[stunnel-users] [patch] options-related-to-TLS-v1.1-v1.2

Henrik Riomar henrik.riomar at gmail.com
Fri Sep 21 00:31:14 CEST 2012


On 09/20/2012 06:32 PM, Michal Trojnara wrote:
>
> Thank you for the patch.  I will include it with the next stunnel.

great.
>
> From what I understand from the OpenSSL source, explicit handling of 
> OPENSSL_NO_TLS1_2_CLIENT in stunnel is probably not a good idea.
>
ah yes :-) my thinking was that if an end-user sets a TLSv1.2 option he 
expects TLSv1.2 if the option is accepted by the software. Maybe we can 
log a warning about it instead in stunnel (instead of explicit 
handling), if that define is set and TLSv1.2 is configured by the end-user?

/ Henrik



More information about the stunnel-users mailing list