Michael Osipov wrote:

> I am retrieving a resource from a web server over HTTPS, the connection is
> negotiated with TLS 1.2 but I constantly see SSLv2, Unknown (xy) in the verbose
> output. See below:
>
> * Trying <ip>...
> * Connected to <hostname> (<ip>) port 443 (#0)
> * ALPN, offering http/1.1
> * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
> * successfully set certificate verify locations:
> * CAfile: /usr/local/share/certs/combined-ca.pem
> CApath: none
> * TLSv1.2, TLS Unknown, Unknown (22):
> } [5 bytes data]

I made the first version of this trace-callback back in 2004.
That was before TLS v1.2 was implemented correctly (or not at all?).
Since then, little has changed AFAICS with this trace-code. Hence
all the "Unknown (22)".

But it possible this one can be blamed on a OpenSSL breakage.
If so, it happened before OpenSSL 1.0.2.

-- 
--gv
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html