I understand the security concerns... I was just trying different protocols because I was receiving weird error messages with some https proxies (using the mathias wald patch) about wrong version numbers, etc. Googling it seemed to indicate that enabling/disabling ssl2/ssl3/tls1 could do the trick. However, I can't even get 'openssl s_client...' to yield a successful connection with some of these proxies.
Can stunnel handle incoming http or socks proxy requests/connections? If not, will you ever support that? For instance I want stunnel listening on a local port 8080 and connect to a remote https proxy, and I set the HTTP proxy server in gaim to localhost:8080.
-Justin
On Tue, 21 Dec 2004 15:20:19 +0100, Michal Trojnara Michal.Trojnara@mobi-com.net wrote:
Justin Miller wrote:
So all looks well ang good... But then when it sends the client hello message, one would expect an ssl2 message, but we get the following
Stunnel is not supposed to act as SSLv2 client. It uses SSLv3_client_method() in src/ssl.c file. If you really need SSLv2 - change it to SSLv2_client_method() and recompile stunnel. It's not recommended for security, anyway.
See SSL_CTX_new(3) manual for details.
Best regards, Mike
stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users