diff options
author | Daniel Stenberg <daniel@haxx.se> | 2018-06-28 23:05:05 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-06-29 09:15:34 +0200 |
commit | 08c845cfdb66b8a4e61f92ec512ae41d9700b9ec (patch) | |
tree | 0956a3e9eb46bc49e675d8a853da868d9acf9274 | |
parent | 24cb114c53bd60495920c1aa3455290ea4b624dd (diff) | |
download | gnurl-08c845cfdb66b8a4e61f92ec512ae41d9700b9ec.tar.gz gnurl-08c845cfdb66b8a4e61f92ec512ae41d9700b9ec.tar.bz2 gnurl-08c845cfdb66b8a4e61f92ec512ae41d9700b9ec.zip |
openssl: allow TLS 1.3 by default
Reported-by: Andreas Olsson
Fixes #2692
Closes #2693
-rw-r--r-- | docs/cmdline-opts/tlsv1.d | 4 | ||||
-rw-r--r-- | lib/vtls/openssl.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/docs/cmdline-opts/tlsv1.d b/docs/cmdline-opts/tlsv1.d index 9c9f6b3f5..4cb405697 100644 --- a/docs/cmdline-opts/tlsv1.d +++ b/docs/cmdline-opts/tlsv1.d @@ -8,5 +8,5 @@ Requires: TLS See-also: http1.1 http2 Help: Use TLSv1.0 or greater --- -Tells curl to use TLS version 1.x when negotiating with a remote TLS -server. That means TLS version 1.0, 1.1 or 1.2. +Tells curl to use at least TLS version 1.x when negotiating with a remote TLS +server. That means TLS version 1.0 or higher diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 4731107f2..225b4cbd1 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2130,12 +2130,12 @@ set_ssl_version_min_max(long *ctx_options, struct connectdata *conn, #endif /* FALLTHROUGH */ case CURL_SSLVERSION_MAX_TLSv1_2: - case CURL_SSLVERSION_MAX_DEFAULT: #ifdef TLS1_3_VERSION *ctx_options |= SSL_OP_NO_TLSv1_3; #endif break; case CURL_SSLVERSION_MAX_TLSv1_3: + case CURL_SSLVERSION_MAX_DEFAULT: #ifdef TLS1_3_VERSION break; #else |