On Fri, Sep 15, 2000 at 09:22:24AM +0800, Michael Lee wrote:
> Bodo Moeller wrote:
>> Note that SSLv2_method will fail for some servers because they
>> no longer support SSL 2.0 (and stopping to support it is a good
>> thing because of its deficiencies). I suggest using
>> SSLv23_method without SSL_OP_NO_TLSv1 in a first connection attempt;
>> if this fails, try using the SSL_OP_NO_TLSv1 flag in a second
>> connection attempt (or try SSLv3_method; some servers may even
>> require TLSv1_method, but noone uses those :-).
> I have tried using SSv23_method in my client program without
> SSL_OP_NO_TLSv1, but in some cases SSL_connect returns no error and it is
> SSL_write that gives me a handshake failure error.
>
> Does that mean I have no way of knowing if the connection is really okay
> until I actually start sending/receiving data?
You can always use SSL_in_init(s) to check whether there is still
a handshake going on.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
