#1419 Support for CURLOPT_SSLVERSION for polarssl backend

closed-accepted
5
2014-09-01
2014-09-01
A. Heinecke
No

Hi,
we want to force in our software that connecting to a host that does not offer TLSv1.2 fails.

I thought this could be done by using CURLOPT_SSLVERSION but alas this seems not to be supported with polarssl. As polarssl offers API to set the minimal SSL Versions I've written the small attached patch to set the minimum SSL version after the SSL Init.

In case the server does not offer the requested setting you will get:
ssl_handshake returned - PolarSSL: (-0x6E80) SSL - Handshake protocol not within min/max boundaries

Best Regards,
Andre

1 Attachments

Discussion

  • Daniel Stenberg

    Daniel Stenberg - 2014-09-01

    Awesome. Merged and pushed as commit e608324f9f9c. I modified the if-else series to a switch() statement instead. Thanks!

     
  • Daniel Stenberg

    Daniel Stenberg - 2014-09-01
    • labels: --> SSL/TLS, PolarSSL
    • status: open --> closed-accepted
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks