[openssl-dev] OpenSSL 1.1.0-pre4 change in SSL_get_version() return value
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Mar 18 20:44:37 UTC 2016
> On Mar 18, 2016, at 4:40 PM, Richard Moore <richmoore44 at gmail.com> wrote:
>
> I think it is reasonable to preserve the backwards compatible "TLSv1"
> > for the string protocol version, but do we also need to preserve the
> > "TLSv1.0" in ciphers(1) output? If so, the code needs an exception
> > that can otherwise be avoided.
>
> I'd say that ciphers(1) is directed more at human users than on
> applications, I don't think changing it there would be a problem.
>
> Well, the same underlying API change would cause breakage in Qt. As it happens I've started a new backend that is openssl 1.1 specific that means it probably won't matter in this case, but I doubt Qt is the only thing using this string.
The git version has reverted to fully backwards-compatible behaviour.
The protocol version is "TLSv1" and the cipher protocol versions for
the handful of PSK ciphers added with TLS 1.0 are "TLSv1.0".
--
Viktor.
More information about the openssl-dev
mailing list