Commit e819c3a4 authored by Jay Satiro's avatar Jay Satiro Committed by Daniel Stenberg
Browse files

SSL: PolarSSL default min SSL version TLS 1.0 

- Prior to this change no SSL minimum version was set by default at
runtime for PolarSSL. Therefore in most cases PolarSSL would probably
have defaulted to a minimum version of SSLv3 which is no longer secure.
parent fb249902

lib/vtls/polarssl.c

+5 −0
Original line number Diff line number Diff line
@@ -287,6 +287,11 @@ polarssl_connect_step1(struct connectdata *conn, 
  }



  switch(data->set.ssl.version) {

  default:

  case CURL_SSLVERSION_DEFAULT:

    ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,

                        SSL_MINOR_VERSION_1);

    break;

  case CURL_SSLVERSION_SSLv3:

    ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3,

                        SSL_MINOR_VERSION_0);