> Could you hook up the check to SSL_CTX_set_min_proto_version() and return an error code when level and security policy don't match? It's a modern setter, so it can return 0 on error.
That is interesting proposal. However, need to be careful as to potentially not break configs, i.e. if they specify min_protocol_level first, then lower the security level. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1917625 Title: OpenSSL TLS 1.1 handshake fails internal error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1917625/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
