[stunnel-users] default ciphers in stunnel 4.43 vs. stunnel 4.33
Brian Peterson
brian.j.peterson at gmail.com
Fri Oct 14 20:46:19 CEST 2011
Hello,
I recently upgraded stunnel from 4.33 to 4.43 and immediately noticed
problems with a particular client trying to connect to my servers. It
appears that the client only supports SSLv2 (about which I will be talking
to the client developers). In reviewing the stunnel release notes, I find
that "!SSLv2" was first added to the default ciphers value in 4.37 and was
retained in the default ciphers value in 4.40. What I am trying to find out
at this point is what the default cipher list would have been under 4.33.
I have grep'd the sources and found STUNNEL_CIPHER_LIST in options.c for
4.43, but there is no corresponding default ciphers config in 4.33. It
*appears* that 4.33 is inheriting its default ciphers from whatever the
installed OpenSSL uses by default. Is that correct?
If I set ciphers to "ALL" under 4.43 would the running stunnel be using the
same cipher list as the 4.33 build we were running previously?
Thanks,
Brian
P.S. - No need to discuss the wisdom of our cipher list at the moment... I
just want to get this client functioning and then worry about The Right
Thing To Do.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20111014/92872ea7/attachment.html>
More information about the stunnel-users
mailing list