[stunnel-users] Exchange Online - SSLv3 and Sophos UTM 120 firewall update

• Previous message (by thread): [stunnel-users] Exchange Online - SSLv3 and Sophos UTM 120 firewall update
• Next message (by thread): [stunnel-users] Configuring Stunnel 4.1 to use TLS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephen Hogan wrote:
> That's very good news... so I presume the line:
> 
> 2014.10.28 14:35​​:55 LOG6[4156]: Negotiated TLSv1 ciphersuite 
> ECDHE-RSA-AES256-SHA (256-bit encryption)
> 
> ... is the confirmation that the TLS protocol is being used?

I changed this recently.  Starting with stunnel 5.06 it indeed means
"TLSv1 was negotiated".

In older versions of stunnel it used SSL_CIPHER_get_version()
https://www.openssl.org/docs/ssl/SSL_CIPHER_get_name.html
> SSL_CIPHER_get_version() returns string which indicates the SSL/TLS
> protocol version that first defined the cipher. This is currently
> SSLv2 or TLSv1/SSLv3. In some cases it should possibly return
> ``TLSv1.2'' but does not; use SSL_CIPHER_description() instead. If
> cipher is NULL, ``(NONE)'' is returned.

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlRTsoMACgkQ/NU+nXTHMtFT8ACfWd9eU2SuT1fHykF52R7O0eK3
H0AAoL7jR1qwaPpA28TpG9B4mQc6a4cK
=pIXz
-----END PGP SIGNATURE-----

• Previous message (by thread): [stunnel-users] Exchange Online - SSLv3 and Sophos UTM 120 firewall update
• Next message (by thread): [stunnel-users] Configuring Stunnel 4.1 to use TLS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]