Re: [stunnel-users] tls question

2018-06-27 Thread Rob Lockhart
Dan, use Wireshark, capture traffic using Stunnel, set a filter based on the destination IP (i.e., "ip.addr == 10.5.2.0/24" if class C network), look for traffic with the host, and look for "Protocol" column. For my captures, it shows "TLSv1.2" and for "Secure Sockets Layer" it shows the

Re: [stunnel-users] help with tls config in stunnel

2018-05-10 Thread Rob Lockhart
​I don't run Solaris, so I can only assume you have a stunnel.conf file in /etc/stunnel or in /etc location. Edit that location and change: sslVersion = TLSv1 options = NO_SSLv2 options = NO_SSLv3 to: sslVersion = TLSv1.2 options = NO_SSLv2 options = NO_SSLv3 On Thu, May 10, 2018 at 12:08

Re: [stunnel-users] Configure Error

2017-04-13 Thread Rob Lockhart
. Good luck! On Thu, Apr 13, 2017 at 5:32 PM, Kenway Ng <kenwa...@gmail.com> wrote: > Thanks Rob. Appreciate the information. > > On Thu, Apr 13, 2017, 4:28 PM Rob Lockhart <rlock...@gmail.com> wrote: > >> According to this: >> https://access.redhat.com/suppo

Re: [stunnel-users] Configure Error

2017-04-13 Thread Rob Lockhart
.8. Is > that right ? Is it possible to find a version that was already compiled > with a higher version of openssl ? > > On Wed, Apr 12, 2017 at 5:49 PM, Rob Lockhart <rlock...@gmail.com> wrote: > >> >> >> On Wed, Apr 12, 2017 at 5:22 PM, Kenway Ng <k

Re: [stunnel-users] Configure Error

2017-04-12 Thread Rob Lockhart
On Wed, Apr 12, 2017 at 5:22 PM, Kenway Ng wrote: > > I am trying to upgrade our version of stunnel. Our SME left and now I am > trying to upgrade stunnel to fix a vulnerability . I am being told to use > TLS1.1 or higher > > $ ./stunnel -version > > stunnel 4.15 on

Re: [stunnel-users] Compilation issues - AIX 6.1 XLC and GXLC

2015-11-16 Thread Rob Lockhart
Mike, I tried with IBM's XLC 13.1.2 and these options were ignored: -Wall -Wpedantic -Wformat=2 -Wconversion -Wno-long-long -Wno-depreciated-declarations I compiled it as follows: cd ~/SRC; rm -rf stunnel-5.27; gzip -dc stunnel-5.27b3.tar.gz | tar xvf -; cd stunnel-5.27 export

[stunnel-users] Compilation issues - AIX 6.1 XLC and GXLC

2015-11-12 Thread Rob Lockhart
On AIX 6.1 using IBM's XLC compiler, I do "configure" and that successfully completes. However, when I "make", it fails due to the parameters "-fstack-protector" and "-fPIE"... apparently it couldn't find the files "stack-protector" and "PIE" as "-f" specifies a file. However, gcc and perhaps many

Re: [stunnel-users] Windows 2012 R2 Error on startup

2015-09-12 Thread Rob Lockhart
According to your log files, something else is already listening on port 25. from stunnel.conf: ; GMail ssmtp settings [ssmtp] accept = 25 connect = smtp.gmail.com:465 and from error log: [!] Error binding service [ssmtp] to 0.0.0.0:25 [!] bind: No error (0) That means if you're running

[stunnel-users] Stunnel 5.17 builds, 5.18 does not - AIX 6.1 - pod2man does not accept -v

2015-06-16 Thread Rob Lockhart
Michal, I was able to build Stunnel 5.17 on AIX 6.1 using the build command, after completely removing the entire section for -fstack-protector in configure (my stunnel-5.17.patch file below). I used the following commands: mkdir $HOME/stunnel-bin-5.17 gzip -dc stunnel-5.17.tar.gz | tar xvf -

Re: [stunnel-users] startup issues

2015-04-24 Thread Rob Lockhart
On Fri, Apr 24, 2015 at 12:41 PM, Coviello, Paul pcovie...@ccsusa.com wrote: Perfect! Thank you very much! That's the part I was missing the most... I kept trying to telnet to the server... Now to figure out how to keep it running on VMS BTW: Rob gmail is blocked for me that's

Re: [stunnel-users] startup issues

2015-04-24 Thread Rob Lockhart
On Fri, Apr 24, 2015 at 10:41 AM, Coviello, Paul pcovie...@ccsusa.com wrote: Hi, Well I got it started on VMS and wanted to put it in debug mode, so I shut it down made my changes to the conf file and now well I can't start it with the command procedure. I even tried the old conf and

Re: [stunnel-users] openvms and stunnel

2015-04-08 Thread Rob Lockhart
On Wed, Apr 8, 2015 at 4:47 PM, Coviello, Paul pcovie...@ccsusa.com wrote: here is the hp webpage... http://h71000.www7.hp.com/opensource/opensource.html#stunnel Ok so it appears the HP webpage shows a different version of stunnel than the page you linked before

Re: [stunnel-users] openvms and stunnel

2015-04-08 Thread Rob Lockhart
On Wed, Apr 8, 2015 at 4:10 PM, Coviello, Paul pcovie...@ccsusa.com wrote: Ok thanks here is the 1st version of the file... All I want to do is create a telnet session from a windows terminal emulator to my VMS server. also someone thinks that this version may not play well with SSL 1.4

Re: [stunnel-users] openvms and stunnel

2015-04-08 Thread Rob Lockhart
*From:* stunnel-users [mailto:stunnel-users-boun...@stunnel.org stunnel-users-boun...@stunnel.org] *On Behalf Of *Rob Lockhart *Sent:* Wednesday, April 08, 2015 4:28 PM *To:* stunnel-users@stunnel.org *Subject:* Re: [stunnel-users] openvms and stunnel On Wed, Apr 8, 2015 at 4:10 PM

[stunnel-users] Stunnel urgency: HIGH versus LOW

2015-03-24 Thread Rob Lockhart
Hello, I just noticed a urgency discrepancy for Stunnel 5.12 on the website (both of these links are under the Downloads section): https://www.stunnel.org/versions.html - shows 5.12 urgency as HIGH https://www.stunnel.org/sdf_ChangeLog.html - shows 5.12 urgency as LOW I don't know if it makes a

[stunnel-users] Multiple versions of TLS in config?

2015-03-24 Thread Rob Lockhart
Unless I'm mistaken, stunnel version 5 currently supports the options shown below for sslVersion: all = TLS v1.0, TLS v1.1, TLS v1.2, SSLv2, SSLv3 TLSv1 = TLS v1.0 only (not TLS v1.1, TLSv1.2, SSLv2 or SSLv3) TLSv1.1 = TLS v1.1 only TLSv1.2 = TLS v1.2 only In order to support TLS v1.0, TLS v1.1