On 13/11/2015 03:56, pratyush parimal wrote:
Hi,
I'm writing a client-server program that uses TLS for communication.
I'm wondering if there's any way to programmatically find out which
TLS protocol versions are supported by the OpenSSL library installed
on my system.
I'm currently aware of three ways which "sort of" provide this
information:
(1) After setting up the TLS communication, call:
SSL_get_version(ssl); which returns "TLSV1.2", etc.
(2) Try to connect to a server using TLS by specifying all possible
TLS versions in the client program, and see which connections pass/fail.
(3) Call: SSL_get_ciphers(), print their names, and try to correlate
them with the protocol they're associated with.
Unfortunately, none of the above answer my question completely.
So is it possible to ascertain which TLS protocol versions are
actually supported by my server-program, without trying the above
methods? My purpose is not to simply make a list for my own reference,
but rather finding it out on-the-fly in the server-side program, since
I may run it on different versions of OpenSSL.
If there is no suitable direct API, the following might
still be helpful:
(4) Get the OpenSSL library version directly and compare
to the known version ranges supporting different SSL/TLS
versions.
(5) Looking for ways to determine the configure options
used when the SSL library was built (in particular if it
was compiled without some SSL/TLS versions supported in
the source code of that version).
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
