generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

applied patch to disable SSLv2 by default; discussion:

Browse Source 
http://sourceforge.net/tracker/index.php?func=detail&aid=1767276&group_id=976&atid=350976
Submitted by Kaspar Brand.
This commit is contained in:
Gunter Knauf
2008-02-19 23:10:07 +00:00
parent 0cae201044
commit f9a6062081
4 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/libcurl/curl_easy_setopt.3
View File

@@ -1379,10 +1379,9 @@ Pass a long as parameter to control what version of SSL/TLS to attempt to use.
The available options are:
.RS
.IP CURL_SSLVERSION_DEFAULT
The default action. When libcurl built with OpenSSL or NSS, this will attempt
to figure out the remote SSL protocol version. Unfortunately there are a lot of
ancient and broken servers in use which cannot handle this technique and will
fail to connect. When libcurl is built with GnuTLS, this will mean SSLv3.
The default action. This will attempt to figure out the remote SSL protocol
version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
by default with 7.18.1).
.IP CURL_SSLVERSION_TLSv1
Force TLSv1
.IP CURL_SSLVERSION_SSLv2