[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 126/163: openssl: allow TLS 1.3 by default
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 126/163: openssl: allow TLS 1.3 by default |
Date: |
Sun, 05 Aug 2018 12:37:32 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 08c845cfdb66b8a4e61f92ec512ae41d9700b9ec
Author: Daniel Stenberg <address@hidden>
AuthorDate: Thu Jun 28 23:05:05 2018 +0200
openssl: allow TLS 1.3 by default
Reported-by: Andreas Olsson
Fixes #2692
Closes #2693
---
docs/cmdline-opts/tlsv1.d | 4 ++--
lib/vtls/openssl.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/docs/cmdline-opts/tlsv1.d b/docs/cmdline-opts/tlsv1.d
index 9c9f6b3f5..4cb405697 100644
--- a/docs/cmdline-opts/tlsv1.d
+++ b/docs/cmdline-opts/tlsv1.d
@@ -8,5 +8,5 @@ Requires: TLS
See-also: http1.1 http2
Help: Use TLSv1.0 or greater
---
-Tells curl to use TLS version 1.x when negotiating with a remote TLS
-server. That means TLS version 1.0, 1.1 or 1.2.
+Tells curl to use at least TLS version 1.x when negotiating with a remote TLS
+server. That means TLS version 1.0 or higher
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 4731107f2..225b4cbd1 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2130,12 +2130,12 @@ set_ssl_version_min_max(long *ctx_options, struct
connectdata *conn,
#endif
/* FALLTHROUGH */
case CURL_SSLVERSION_MAX_TLSv1_2:
- case CURL_SSLVERSION_MAX_DEFAULT:
#ifdef TLS1_3_VERSION
*ctx_options |= SSL_OP_NO_TLSv1_3;
#endif
break;
case CURL_SSLVERSION_MAX_TLSv1_3:
+ case CURL_SSLVERSION_MAX_DEFAULT:
#ifdef TLS1_3_VERSION
break;
#else
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 80/163: openssl: assume engine support in 1.0.1 or later, (continued)
- [GNUnet-SVN] [gnurl] 80/163: openssl: assume engine support in 1.0.1 or later, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 136/163: DEPRECATE: include year when specifying date, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 95/163: configure: enhance ability to detect/build with static openssl, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 108/163: cmake: allow multiple SSL backends, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 86/163: runtests: support variables in <strippart>, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 107/163: url: fix dangling conn->data pointer, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 109/163: system.h: fix for gcc on 32 bit OpenServer, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 123/163: configure: remove CURL_CHECK_NI_WITHSCOPEID too, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 112/163: CURLOPT_SSL_VERIFYPEER.3: Add performance note, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 88/163: TODO: "Option to refuse usernames in URLs" done, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 126/163: openssl: allow TLS 1.3 by default,
gnunet <=
- [GNUnet-SVN] [gnurl] 61/163: KNOWN_BUGS: CURL_GLOBAL_SSL, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 57/163: option: disallow username in URL, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 102/163: runtests.pl: remove debug leftover from bb9a340c73f3, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 87/163: Curl_init_do: handle NULL connection pointer passed in, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 146/163: scripts: include _curl as part of CLEANFILES, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 105/163: travis: run more tests for coverage check, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 99/163: RELEASE-PROCEDURE: gpg sign the tags, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 128/163: openssl: make the requested TLS version the *minimum* wanted, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 65/163: CURLOPT_RESOLVE: always purge old entry first, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 76/163: mk-ca-bundle.pl: leave certificate name untouched in decode(), gnunet, 2018/08/05