TLS version?

[FourthWorld]

How can I determine which TLS version is used in a given LiveCode build?

For the moment it would be enough to know which TLS version is used in the most recent Stable build.

[stam]

How can I determine which TLS version is used in a given LiveCode build?

I’ve not come across this before, so I asked chatGPT. The response is below - I have not tested/confirmed any of this, interpret with care:

LiveCode doesn’t itself implement TLS, it relies on the OpenSSL (or platform TLS libraries on mobile) that the engine is built against.
So the supported TLS version in a given LiveCode build depends on which SSL/TLS library version is bundled (or linked) at build time.

Here’s how you can determine it:

⸻

1. From within LiveCode (Desktop/Server)

LiveCode exposes the SSL library version via the sslVersion:

Code: Select all

put the sslVersion

This will return something like:

Code: Select all

OpenSSL 1.1.1w  11 Sep 2023

From that you can look up what TLS versions that OpenSSL release supports.
• OpenSSL 1.0.2 → TLS 1.0, 1.1, 1.2
• OpenSSL 1.1.1 → TLS 1.0–1.3
• OpenSSL 3.x → TLS 1.0–1.3 (TLS 1.0 and 1.1 disabled by default)

⸻

At runtime (to see the actual negotiated TLS version)

If you need to check which TLS protocol version was actually used in a connection (say, with libURLDownloadToFile or revMail), LiveCode does not provide that directly. The common approaches are:
• Run LiveCode with socket debug logging (e.g. using set the sslVerification to false and catching errors). But this won’t explicitly tell you the TLS version.
• Use an external tool (like openssl s_client -connect host:443) to confirm what protocol the server and your LiveCode build negotiate.
• On macOS/Linux, you can run LiveCode under Wireshark or tcpdump to inspect the TLS handshake.

[FourthWorld]

Unfortunate that it required an LLM burning thru half a gallon of water to find the answer, but the detail on the SSLversion is very useful. Thank you.