Skip to content
  1. Sep 20, 2018
    • Jay Satiro's avatar
      vtls: fix ssl version "or later" behavior change for many backends · 2e5651a5
      Jay Satiro authored
      - Treat CURL_SSLVERSION_MAX_NONE the same as
        CURL_SSLVERSION_MAX_DEFAULT. Prior to this change NONE would mean use
        the minimum version also as the maximum.
      
      This is a follow-up to 6015cefb which changed the behavior of setting
      the SSL version so that the requested version would only be the minimum
      and not the maximum. It appears it was (mostly) implemented in OpenSSL
      but not other backends. In other words CURL_SSLVERSION_TLSv1_0 used to
      mean use just TLS v1.0 and now it means use TLS v1.0 *or later*.
      
      - Fix CURL_SSLVERSION_MAX_DEFAULT for OpenSSL.
      
      Prior to this change CURL_SSLVERSION_MAX_DEFAULT with OpenSSL was
      erroneously treated as always TLS 1.3, and would cause an error if
      OpenSSL was built without TLS 1.3 support.
      
      Co-authored-by: Daniel Gustafsson
      
      Fixes https://github.com/curl/curl/issues/2969
      Closes https://github.com/curl/curl/pull/3012
      2e5651a5
    • Daniel Stenberg's avatar
      certs: generate tests certs with sha256 digest algorithm · ba782baa
      Daniel Stenberg authored
      As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs:
      
      "SSL certificate problem: CA signature digest algorithm too weak"
      
      Closes #3014
      ba782baa
  2. Sep 19, 2018
  3. Sep 18, 2018
  4. Sep 17, 2018
  5. Sep 16, 2018
  6. Sep 15, 2018
  7. Sep 14, 2018
  8. Sep 13, 2018
  9. Sep 12, 2018
  10. Sep 10, 2018