On Mon, 12 Jan 2015, Tristan Seligmann wrote: > Do note that PROTOCOL_SSLv23, despite the confusing name, means "do > protocol version negotiation", not specifically anything to do with > SSLv2 or SSLv3; with the configuration of OpenSSL in Debian at the > moment, it actually means "TLSv1 or TLSv1.1 or TLSv1.2". Using > PROTOCOL_TLSv1 locks the protocol version to TLSv1 and does not allow
… to TLSv1.0 is probably what you wanted to write here (twice). > negotiation of a newer protocol, which is probably not what you > intended. I see. The upstream patch had PROTOCOL_SSLv3 in both - and +, which no longer exists, and since I’ve recently patched OpenSSL (which, when built without SSLv2 support, has no SSLv23 any more either) I assumed this was the correct code to now use. bye, //mirabilos -- tarent solutions GmbH Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/ Tel: +49 228 54881-393 • Fax: +49 228 54881-235 HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941 Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
