Hello, > > It seems the OpenSSL TLS server, when forced to use TLSv1, > > shuts down the connection immediately after receiving a > > ClientHello with major version number not equal to 0x03. > > Nothing was sent to the client to notify the error. > > What could be sent to the client to notify it of the error? Since the server > was forced to speak TLSv1, and all evidence suggests the client does not > speak TLSv1, what format should the error notification take? Depends. If SSL3-only client connects to TLS1-only server then SSL3 alert message will be sent to client (by server). If SSL2 handshake is sent by client to server (with SSL3/TLS1 proposition or not) TCP socket will be closed by server.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
