Hello,

I am currently working on a project developed on an old version of Qt (4.7) and which requires the use of secure protocols (SSL / TLS).

For this we use the OpenSSL library (also in an old version, 0.9.8g). This project was developed on an old Debian Linux distribution (Lenny) and it is an embedded application (not on PC).

In this project, there is a thread that is started in parallel with the main thread in only one specific case. The goal is to only use the secure TLSv1 protocol (the best that can be done with this version of OpenSSL library).

I am facing the following problem: the only time an SSLv2 Client Hello packet is sent (instead of a TLSv1 packet) is when this second thread is started. It is therefore the first packet sent by the client to the server for negotiation (handshake). After that, all the rest of the exchanges are done using the TLSv1 protocol.

Into OpenSSL configuration, I made the modifications to force the non-use of SSLv2 and SSLv3 protocols (and even to force the use of TLSv1 protocol).
Into the application code, I also force the use of the TLSv1 protocol.

A priori everything should work in such a way that no SSLv2 packets are transmitted. This is the case, except for the case of multithreading.

Unfortunately, I can't solve the problem of the first Client Hello packet sendind, I probably forgot to do something, but I don't see what.

Does anyone have the right method so that this first Client Hello packet is sent with the TLSv1 protocol and not the SSLv2 protocol ?


Thank you in advance !

Best Regards,