Hello, I read a message thread that started on the october 7th, 2003 about V2ClientHello being send no matter if V2 was disable in compatiblity mode. This problem was reported by Mr. Levitte.
http://groups.google.ca/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=bm42ce%242ph8%241%40FreeBSD.csie.NCTU.edu.tw&rnum=8&prev=/groups%3Fq%3Dssl%2Btls%2Bgroup:mailing.openssl.dev%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26group%3Dmailing.openssl.dev%26sa%3DG%26scoring%3Dd I would like to know if something has been done about this. I'm asking this because we must support SSLv3 and TLS v1 but we can't send V2 client hello since now, many provider won't support v2. If they receive a V2ClientHello, they just ignore it. Thus, we cannot use the compatibility mode (sslv23...) and we can only support SSL v3 or TTL V1, but never both at the same time. I took a look at the code and I think it would be possible to check which version is enabled prior to sending the client hello and send it using the oldest enabled version. I am ready to work of a fix if this can help. Guylain ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]