在 Tokyo 10.2.3 上使用 Indy 10.6.2.5366 进行一些测试我将客户端和服务器都设置为以下 SSLOptions,在我看来这将强制连接到 TLS 1.2
SSLOptions.Method := sslvTLSv1_2;
SSLOptions.SSLVersions := [sslvTLSv1_2];
但是,下面显示的 OnStatus(Info) 消息报告 SSLv3。挖掘代码会得到一个 API 调用 SSL_state_string_long,它显然会返回字符串,所以我无法进一步挖掘。这实际上是 TLSv1.2,因为密码消息似乎表明并且 SSLv3 文本有错误,还是由于某种原因它实际上回落到 SSLv3?
SSL status: "SSLv3 read server session ticket A"
SSL status: "SSLv3 read finished A"
SSL status: "SSL negotiation finished successfully"
SSL status: "SSL negotiation finished successfully"
Cipher: name = AES256-GCM-SHA384; description = AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
; bits = 256; version = TLSv1/SSLv3;
Connected to server