From: Barry Abrahamson <barry@automattic.com>
Date: Wed, 1 Jan 2014 04:28:35 +0000 (+0100)
Subject: OpenSSL: Fix forcing SSLv3 connections
X-Git-Tag: curl-7_35_0~147
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=db11750cfa5b1;p=curl

OpenSSL: Fix forcing SSLv3 connections

Since ad34a2d5c87c7f4b14e8dded3 (present in 7.34.0 release) forcing
SSLv3 will always return the error "curl: (35) Unsupported SSL protocol
version" Can be replicated with `curl -I -3 https://www.google.com/`.
This fix simply allows for v3 to be forced.
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 7a21c737a..bc22bb888 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1551,6 +1551,7 @@ ossl_connect_step1(struct connectdata *conn,
 
   switch(data->set.ssl.version) {
   case CURL_SSLVERSION_DEFAULT:
+  case CURL_SSLVERSION_SSLv3:
     ctx_options |= SSL_OP_NO_SSLv2;
 #ifdef USE_TLS_SRP
     if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {