On 03/17/2012 09:03 PM, Stephen Henson via RT wrote: >> [[email protected] - Sat Mar 17 16:08:24 2012]: >> >> >> I captured the handshake (attached), and it seems the client >> advertises TLS 1.2. Could it be that the fallback is on the lowest >> supported version rather than the next available? >> > > That's strange. I tried OpenSSL 1.0.0h server (which supports up to > TLS 1.0) against OpenSSL 1.0.1 client (which also supports TLS 1.1 > and 1.2) and it ends up negotiating TLS v1.0 which is what I'd > expect. I'll see what that handshake capture reveals.
Indeed interesting. I downloaded 1.0.0h from source I saw the behavior you describe. The issue is triggered on the version 1.0.0h as distributed by debian. regards, Nikos ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
