<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 13/11/2015 03:56, pratyush parimal
wrote:<br>
</div>
<blockquote class=" cite"
id="mid_CALvRNOE3i1oqo6KX3mntXLOJsN5OXqocN_XGb4_XKx082fJqHA_mail_gmail_com"
cite="mid:CALvRNOE3i1oqo6KX3mntXLOJsN5OXqocN_XGb4-XKx082fJqHA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>Hi,<br>
<br>
</div>
I'm writing a client-server program that uses TLS for
communication.<br>
I'm wondering if there's any way to programmatically find out
which TLS protocol versions are supported by the OpenSSL
library installed on my system.<br>
<br>
I'm currently aware of three ways which "sort of" provide this
information:<br>
(1) After setting up the TLS communication, call:
SSL_get_version(ssl); which returns "TLSV1.2", etc.<br>
(2) Try to connect to a server using TLS by specifying all
possible TLS versions in the client program, and see which
connections pass/fail.<br>
(3) Call: SSL_get_ciphers(), print their names, and try to
correlate them with the protocol they're associated with.<br>
<br>
Unfortunately, none of the above answer my question
completely.<br>
<br>
So is it possible to ascertain which TLS protocol versions are
actually supported by my server-program, without trying the
above methods? My purpose is not to simply make a list for my
own reference, but rather finding it out on-the-fly in the
server-side program, since I may run it on different versions
of OpenSSL.<br>
<br>
</div>
</div>
</blockquote>
<br>
<tt>If there is no suitable direct API, the following might <br>
still be helpful:</tt><tt><br>
</tt><tt><br>
</tt><tt>(4) Get the OpenSSL library version directly and compare <br>
to the known version ranges supporting different SSL/TLS <br>
versions.</tt><tt><br>
</tt><tt>(5) Looking for ways to determine the configure options <br>
used when the SSL library was built (in particular if it <br>
was compiled without some SSL/TLS versions supported in <br>
the source code of that version).</tt><br>
<br>
<pre class="moz-signature" cols="72">Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. <a class="moz-txt-link-freetext" href="https://www.wisemo.com">https://www.wisemo.com</a>
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded </pre>
</body>
</html>