On Sat, 19 Oct 2019 12:15:32 +0100, p-0''0-h the cat (coder) wrote:
>
> Anyone know what version of TLS Agent v6 uses and/or what ciphers it
> supports?
>
> Cunning plans to work it out would also be well received.
You will get different versions of TLS in different versions of Windows.
Agent (3.2+) uses whatever the Windows SSL library "schannel.dll" supports
in whatever version of Windows you are running. (To see what your version
of Windows supports, go to "Control Panel >> Internet Options >> Advanced",
and scroll down to the check-boxes "Use SSL 3.0", "Use TLS 1.0", etc.)
Unless, that is, you have messed with the AGENT.INI setting "[Online]
AllowedSSLProtocols=". Messing with this setting cannot add options
which schannel.dll does not support, it can only take options away.
The bit values of this AGENT.INI setting match the 'client' bits in the
'grbitEnabledProtocols' field of the Windows SCHANNEL_CRED structure.
<
https://docs.microsoft.com/en-us/windows/win32/api/schannel/ns-schannel-schannel_cred>
The default AGENT.INI setting is AllowedSSLProtocols=0 which supports
whatever your version of Windows does.
> BaStarD hacker
If you are running Agent in BSD using Wine, then it will depend on
Wine's replacement for Windows' "schannel.dll".
Wine bug 14797 means your Agent might not get any TLS or SSL at all
under Wine. See comment #42 in Wine bug 14797:
<
https://bugs.winehq.org/show_bug.cgi?id=14797#c42>
--
Kind regards
Ralph