Loading lib/vtls/openssl.c +12 −2 Original line number Diff line number Diff line Loading @@ -1693,11 +1693,17 @@ get_ssl_version_txt(SSL *ssl) } static CURLcode set_ssl_version_min_max(long *ctx_options, struct connectdata *conn) set_ssl_version_min_max(long *ctx_options, struct connectdata *conn, int sockindex) { #if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION) /* convoluted #if condition just to avoid compiler warnings on unused variable */ struct Curl_easy *data = conn->data; #endif long ssl_version = SSL_CONN_CONFIG(version); long ssl_version_max = SSL_CONN_CONFIG(version_max); if(ssl_version_max == CURL_SSLVERSION_MAX_NONE) { ssl_version_max = ssl_version << 16; } Loading @@ -1705,9 +1711,13 @@ set_ssl_version_min_max(long *ctx_options, struct connectdata *conn) switch(ssl_version) { case CURL_SSLVERSION_TLSv1_3: #ifdef TLS1_3_VERSION { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; SSL_CTX_set_max_proto_version(connssl->ctx, TLS1_3_VERSION); *ctx_options |= SSL_OP_NO_TLSv1_2; } #else (void)sockindex; failf(data, OSSL_PACKAGE " was built without TLS 1.3 support"); return CURLE_NOT_BUILT_IN; #endif Loading Loading @@ -1956,7 +1966,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_2: case CURL_SSLVERSION_TLSv1_3: result = set_ssl_version_min_max(&ctx_options, conn); result = set_ssl_version_min_max(&ctx_options, conn, sockindex); if(result != CURLE_OK) return result; break; Loading Loading
lib/vtls/openssl.c +12 −2 Original line number Diff line number Diff line Loading @@ -1693,11 +1693,17 @@ get_ssl_version_txt(SSL *ssl) } static CURLcode set_ssl_version_min_max(long *ctx_options, struct connectdata *conn) set_ssl_version_min_max(long *ctx_options, struct connectdata *conn, int sockindex) { #if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION) /* convoluted #if condition just to avoid compiler warnings on unused variable */ struct Curl_easy *data = conn->data; #endif long ssl_version = SSL_CONN_CONFIG(version); long ssl_version_max = SSL_CONN_CONFIG(version_max); if(ssl_version_max == CURL_SSLVERSION_MAX_NONE) { ssl_version_max = ssl_version << 16; } Loading @@ -1705,9 +1711,13 @@ set_ssl_version_min_max(long *ctx_options, struct connectdata *conn) switch(ssl_version) { case CURL_SSLVERSION_TLSv1_3: #ifdef TLS1_3_VERSION { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; SSL_CTX_set_max_proto_version(connssl->ctx, TLS1_3_VERSION); *ctx_options |= SSL_OP_NO_TLSv1_2; } #else (void)sockindex; failf(data, OSSL_PACKAGE " was built without TLS 1.3 support"); return CURLE_NOT_BUILT_IN; #endif Loading Loading @@ -1956,7 +1966,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_2: case CURL_SSLVERSION_TLSv1_3: result = set_ssl_version_min_max(&ctx_options, conn); result = set_ssl_version_min_max(&ctx_options, conn, sockindex); if(result != CURLE_OK) return result; break; Loading
