Re: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake?

Seems SSL v3.0 is not supported by Google. You can test this by trying to force google into a ssl3 connection using:

openssl s_client -ssl3 -connect www.google.com:443

--> connection fails

while

openssl s_client -connect www.google.com:443

and grepping for "Protocol" gives "TLSv1.2" (at least to me) and a working connection.

Using the same command with the "-state" switch und grepping for "SSL" gives the output of the one-liner in OP's post(though I don't get it using Perl)and TLSv1.2.

Maybe there's a need for debugging the debug messages ...

Comment on Re: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake? Select or Download Code

Replies are listed 'Best First'.
Re^2: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake? by bennetthaselton (Novice) on May 23, 2018 at 16:49 UTC
OK yes I get the same results as you do, so that's a repro without using Perl. I've heard that "TLS uses SSL certificates" (e.g. https://learntomato.com/what-is-a-vpn/ ). Although I'm not clear on the mechanics, is that what's going on -- TLS is a different protocol but it uses the public/private keys baked into SSLv3 certificates, and when the debug messages refer to "SSLv3", that's what they're referring to?	[reply]
Re^3: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake? by rizzo (Curate) on May 24, 2018 at 15:09 UTC
As far as I know, they're using the same cipher suites. Why the debug messages refer to SSlv3 although TLS is used for the connection, no clue, sorry.	[reply]