cURL / Mailing Lists / curl-library / Single Mail

curl-library

[PATCH] Fix forcing SSLv3 connections

From: Barry Abrahamson <barry_at_automattic.com>
Date: Tue, 31 Dec 2013 22:28:35 -0600

Since ad34a2d5c87c7f4b14e8dded3 (present
 in 7.34.0 release) forcing SSLv3 will always return the
 error "curl: (35) Unsupported SSL protocol version" Can be
 replicated with `curl -I -3 https://www.google.com/`.
 This patch simply allows for v3 to be forced.

---
 lib/vtls/openssl.c |    1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 7a21c73..bc22bb8 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1551,6 +1551,7 @@ ossl_connect_step1(struct connectdata *conn,
   switch(data->set.ssl.version) {
   case CURL_SSLVERSION_DEFAULT:
+  case CURL_SSLVERSION_SSLv3:
     ctx_options |= SSL_OP_NO_SSLv2;
 #ifdef USE_TLS_SRP
     if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {

1.7.10.4
--
Barry Abrahamson | Systems Wrangler | Automattic
Blog: http://barry.wordpress.com
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2014-01-01