Skip to content
Commit 4bb74005 authored by Barry Abrahamson's avatar Barry Abrahamson Committed by Daniel Stenberg
Browse files

OpenSSL: Fix forcing SSLv3 connections

Some feedback provided by byte_bucket on IRC pointed out that commit
db11750c wasn’t really correct because it allows for “upgrading” to a
newer protocol when it should be only allowing for SSLv3.

This change fixes that.

When SSLv3 connection is forced, don't allow SSL negotiations for newer
versions.  Feedback provided by byte_bucket in #curl.  This behavior is
also consistent with the other force flags like --tlsv1.1 which doesn't
allow for TLSv1.2 negotiation, etc

Feedback-by: byte_bucket
Bug: http://curl.haxx.se/bug/view.cgi?id=1319
parent 303172d2
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment