polarssl: implement CURLOPT_SSLVERSION

Forwards the setting as minimum ssl version (if set) to polarssl. If the server does not support the requested version the SSL Handshake will fail. Bug: http://curl.haxx.se/bug/view.cgi?id=1419

polarssl: implement CURLOPT_SSLVERSION
e608324f · Andre Heinecke · Daniel Stenberg · 0c14b31d · e608324f
Commit e608324f authored 10 years ago by Andre Heinecke Committed by Daniel Stenberg 10 years ago
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -270,6 +270,29 @@ polarssl_connect_step1(struct connectdata *conn,
    return CURLE_SSL_CONNECT_ERROR;
  }

+  switch(data->set.ssl.version) {
+  case CURL_SSLVERSION_SSLv3:
+    ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
+                        SSL_MINOR_VERSION_0);
+    infof(data, "PolarSSL: Forced min. SSL Version to be SSLv3\n");
+    break;
+  case CURL_SSLVERSION_TLSv1_0:
+    ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
+                        SSL_MINOR_VERSION_1);
+    infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.0\n");
+    break;
+  case CURL_SSLVERSION_TLSv1_1:
+    ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
+                        SSL_MINOR_VERSION_2);
+    infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.1\n");
+    break;
+  case CURL_SSLVERSION_TLSv1_2:
+    ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,
+                        SSL_MINOR_VERSION_3);
+    infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.2\n");
+    break;
+  }
+
  ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT);
  ssl_set_authmode(&connssl->ssl, SSL_VERIFY_OPTIONAL);