On 11/30/05, Usman Riaz <[EMAIL PROTECTED]> wrote:
> b. Secondly, I set the SSL version to 3 via "SSLv3_method" and wait for
> client to connect. When the client connects (client is a FireFox
browser,
> with SSLv2,3 & TLSv1 enabled), on the server side when i try to read
from
> the bio (after writing the initial handshake data to the BIO) the read
fails
> and BIO_should_retry also fails with the error being incorrect version
> number. Now if i change the SSL method on my server to "SSLv2_method"
then i
> dont have any problems and i can connect fine. But since i have enabled
all
> available version on my client (SSLv2,3 TLS v1), the BIO should not
return
> an error. Can someone tell what do i need to do to make the server
connect
> with SSL v3, or TLS ver 1????
Have you tried the SSLv23_method? it starts with a v2 Hello, then it
upgrades to v3 or tlsv1 ...
Regards,
Cesc
Thanks for the reply, Cesc. I havn't tried with v23, but actually I dont
want to use SSLv2 for my server. But if i disable all the other protocols in
Firefox except of the one used by my server, it works fine. Probably, there
might be some flag so that OpenSSL can fall back to some other protocol if
one is not supported by the client. I actually want to use either SSLv3 or
TLSv1 for my server.
Regards,
Usman.
P.S: Can someone comment about ssl bio_pairs being full duplex????
_________________________________________________________________
Don't just search. Find. Check out the new MSN Search!
http://search.msn.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
