[openssl-dev] OpenSSL 1.1.0-pre4 change in SSL_get_version() return value
Richard Moore
richmoore44 at gmail.com
Fri Mar 18 20:40:59 UTC 2016
On 18 March 2016 at 16:20, Hubert Kario <hkario at redhat.com> wrote:
> On Wednesday 16 March 2016 20:40:42 Viktor Dukhovni wrote:
> > > On Mar 16, 2016, at 6:44 PM, Viktor Dukhovni <openssl-
> users at dukhovni.org> wrote:
> > >> Was the SSL_get_version() behavior changed on purpose in the Beta 1
> > >> release? This function used to return "TLSv1" when TLS v1.0 was
> > >> used
> > >> while it is now in Beta 1 returning "TLSv1.0" for that case.
> > >
> > > I missed this change in the review. Sorry about that. It should
> > > perhaps be reverted for beta2. The reported version string for
> > > TLS 1.0 has been "TLSv1" since support for "TLS 1.0" was introduced.
> > > It should likely stay that way.
> >
> > I think it is reasonable to preserve the backwards compatible "TLSv1"
> > for the string protocol version, but do we also need to preserve the
> > "TLSv1.0" in ciphers(1) output? If so, the code needs an exception
> > that can otherwise be avoided.
>
> I'd say that ciphers(1) is directed more at human users than on
> applications, I don't think changing it there would be a problem.
>
Well, the same underlying API change would cause breakage in Qt. As it
happens I've started a new backend that is openssl 1.1 specific that means
it probably won't matter in this case, but I doubt Qt is the only thing
using this string.
Cheers
Rich.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160318/156e02f7/attachment.html>
More information about the openssl-dev
mailing list