curl is at curl.se / Bugs / #1419 Support for CURLOPT

#1419 Support for CURLOPT_SSLVERSION for polarssl backend

Status: closed-accepted

Owner: Daniel Stenberg

Labels: SSL/TLS (37) PolarSSL (1)

Priority: 5

Updated: 2014-09-01

Created: 2014-09-01

Creator: A. Heinecke

Private: No

Hi,
we want to force in our software that connecting to a host that does not offer TLSv1.2 fails.

I thought this could be done by using CURLOPT_SSLVERSION but alas this seems not to be supported with polarssl. As polarssl offers API to set the minimal SSL Versions I've written the small attached patch to set the minimum SSL version after the SSL Init.

In case the server does not offer the requested setting you will get:
ssl_handshake returned - PolarSSL: (-0x6E80) SSL - Handshake protocol not within min/max boundaries

Best Regards,
Andre

1 Attachments

0001-Implement-CURLOPT_SSLVERSION-for-polarssl.patch

Discussion

Daniel Stenberg - 2014-09-01

Awesome. Merged and pushed as commit e608324f9f9c. I modified the if-else series to a switch() statement instead. Thanks!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Daniel Stenberg - 2014-09-01

labels: --> SSL/TLS, PolarSSL

status: open --> closed-accepted
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Support for CURLOPT_SSLVERSION for polarssl backend

curl is at curl.haxx.se

Searches

Help

#1419 Support for CURLOPT_SSLVERSION for polarssl backend

Discussion