Commit 35291624 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

openssl: allow explicit sslv2 selection 

If OpenSSL is built to support SSLv2 this brings back the ability to
explicitly select that as a protocol level.

Reported-by: Steve Holme
Bug: http://curl.haxx.se/mail/lib-2014-01/0013.html
parent d237828e

lib/vtls/openssl.c

+11 −0
Original line number Diff line number Diff line
@@ -1599,6 +1599,17 @@ ossl_connect_step1(struct connectdata *conn, 
    break;

#endif



#ifndef OPENSSL_NO_SSL2

  case CURL_SSLVERSION_SSLv2:

    ctx_options |= SSL_OP_NO_SSLv3;

    ctx_options |= SSL_OP_NO_TLSv1;

#if OPENSSL_VERSION_NUMBER >= 0x1000100FL

    ctx_options |= SSL_OP_NO_TLSv1_1;

    ctx_options |= SSL_OP_NO_TLSv1_2;

#endif

    break;

#endif



  default:

    failf(data, "Unsupported SSL protocol version");

    return CURLE_SSL_CONNECT_ERROR;