mailing list archives
Re: some ssl version scanning not working [patch]
From: Matt Selsky <selsky () columbia edu>
Date: Sun, 23 Jan 2011 13:28:41 -0500
SSL is detected as TLS 1.0.
This doesn't match openssl's s_client. For that application, I need to explicitly disable TLSv1 via -no_tls1, or I
need to specify SSLv3 only via -ssl3. s_client cannot connect when it tries the default SSLv2/v3 behavior.
This patch doesn't fix the SSL version being incorrectly detected as TLSv1 instead of SSLv3, but it will retry a
connection without TLSv1, similar to the retry without SSLv2 option already in handle_connect_result().
Let me know what you think.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/