View Single Post
Old 01-03-2019, 07:09 AM  
UltraFine
Junior Member
 
Join Date: Nov 2018
Posts: 23
Default

Quote:
Originally Posted by Prodigy View Post
@UltraFine
I think there is a confustion about NO_SSLv2 and others setting which should be belong into "OpenSSL_Options"

From the ioFTPD.ini


Added some logic check to accommodate unknown "Encryption_Protocol", instead of crashing, ioFTPD just put an error log mentioning "Unknown Encryption_Protocol Option" and running without any TLS or SSL until ioFTPD's "Encryption_Protocol" being fixed and ioFTPD also get restarted.
yes. 7.7.7.40005 works with this configuration. It generates a new certificate. The Debug file gets around 90kb in size:

ioftpd.ini
Code:
;Certificate_Name        = ioFTPD
Create_Certificate = True
Explicit_Encryption     = True
Encryption_Protocol     = TLS1.2
OpenSSL_Options = NO_SSLv2 | NO_SSLv3
OpenSSL_Ciphers = DEFAULT:!LOW:!EXPORT
Min_Cipher_Strength     = 128
Max_Cipher_Strength     = 256

Error.log

Code:
01-03-2019 12:55:38 tszEncryptionProtocol : 'TLS1.2'.
01-03-2019 12:55:38 Method : TLSv1_2_server_method()
01-03-2019 12:55:38 tszEncryptionProtocol : 'TLS1.2'.
01-03-2019 12:55:38 Method : TLSv1_2_server_method()
01-03-2019 12:56:43 tszEncryptionProtocol : 'TLS1.2'.
01-03-2019 12:56:43 Method : TLSv1_2_server_method()
01-03-2019 12:56:43 Unknown option (NO_SSLv2 ) in OpenSSL_Options for service 'FTP_Service'.
01-03-2019 12:56:43 Unknown option ( NO_SSLv3) in OpenSSL_Options for service 'FTP_Service'.
I have two questions:

1) What are the valid options for "OpenSSL_Options" besides "ALL"?
2) Why does it write "tszEncryptionProtocol : 'TLS1.2'." and "Method : TLSv1_2_server_method()" into the log? Is it an error? Because a write into the error.log indicates an "Error" to me. So if it is not an error, why does this show up in the error.log?
UltraFine is offline   Reply With Quote