Mercurial > trustbridge
comparison patches/0001-Implement-CURLOPT_SSLVERSION-for-polarssl.patch @ 1008:2fb6071c6669
Merged
author | Emanuel Schuetze <emanuel@intevation.de> |
---|---|
date | Tue, 02 Sep 2014 11:55:15 +0200 |
parents | 0570b1e562c2 |
children |
comparison
equal
deleted
inserted
replaced
1007:b75bd6686f43 | 1008:2fb6071c6669 |
---|---|
1 From bebf7d617091042828fc5838170b35c42ab60396 Mon Sep 17 00:00:00 2001 | |
2 From: Andre Heinecke <aheinecke@intevation.de> | |
3 Date: Mon, 1 Sep 2014 16:06:03 +0200 | |
4 Subject: [PATCH 1/3] Implement CURLOPT_SSLVERSION for polarssl | |
5 | |
6 Forwards the setting as minimum ssl version to polarssl. | |
7 If the server does not support the requested version the | |
8 SSL Handshake will fail. | |
9 --- | |
10 lib/vtls/polarssl.c | 21 +++++++++++++++++++++ | |
11 1 file changed, 21 insertions(+) | |
12 | |
13 diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c | |
14 index f948486..e18cadf 100644 | |
15 --- a/lib/vtls/polarssl.c | |
16 +++ b/lib/vtls/polarssl.c | |
17 @@ -270,6 +270,27 @@ polarssl_connect_step1(struct connectdata *conn, | |
18 return CURLE_SSL_CONNECT_ERROR; | |
19 } | |
20 | |
21 + if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) { | |
22 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, | |
23 + SSL_MINOR_VERSION_0); | |
24 + infof(data, "PolarSSL: Forced min. SSL Version to be SSLv3\n"); | |
25 + } | |
26 + else if(data->set.ssl.version == CURL_SSLVERSION_TLSv1_0) { | |
27 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, | |
28 + SSL_MINOR_VERSION_1); | |
29 + infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.0\n"); | |
30 + } | |
31 + else if(data->set.ssl.version == CURL_SSLVERSION_TLSv1_1) { | |
32 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, | |
33 + SSL_MINOR_VERSION_2); | |
34 + infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.1\n"); | |
35 + } | |
36 + else if(data->set.ssl.version == CURL_SSLVERSION_TLSv1_2) { | |
37 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, | |
38 + SSL_MINOR_VERSION_3); | |
39 + infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.2\n"); | |
40 + } | |
41 + | |
42 ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT); | |
43 ssl_set_authmode(&connssl->ssl, SSL_VERIFY_OPTIONAL); | |
44 | |
45 -- | |
46 1.9.1 | |
47 |