20 Sep
2012
20 Sep
'12
10:31 p.m.
On 09/20/2012 06:32 PM, Michal Trojnara wrote:
Thank you for the patch. I will include it with the next stunnel.
great.
From what I understand from the OpenSSL source, explicit handling of OPENSSL_NO_TLS1_2_CLIENT in stunnel is probably not a good idea.
ah yes :-) my thinking was that if an end-user sets a TLSv1.2 option he expects TLSv1.2 if the option is accepted by the software. Maybe we can log a warning about it instead in stunnel (instead of explicit handling), if that define is set and TLSv1.2 is configured by the end-user?
/ Henrik