On Mon, Jul 14, 2014 at 9:37 AM, Sanju Gurung <sanju.gur...@gmail.com> wrote:
> I am using OpenSSL 1.0.1e.
> I just wanted to know If SSL_CTX object uses SSLv23_method then client sends
> SSLv2 client-hello message. How can I send SSLv3 client-hello message by
> using the same connection method (SSLv23_method).
> I don't want to disable any protocol except SSLv2 & don't want to use
> SSLv3_method.
const SSL_METHOD* method = SSLv23_method();
if(method == NULL) handleFailure();
SSL_CTX* ctx = SSL_CTX_new(method);
if(ctx == NULL) handleFailure();
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(ctx, flags);
That will get you TLS 1.0 and above. Omit SSL_OP_NO_SSLv3, and you get
SSLv3 and above.
For a list of issues with SSLv3, see Loren Weith's "Differences
Between SSLv2, SSLv3, and TLS".
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
