review.tizen.org Git - platform/upstream/curl.git/commit

author	Daniel Stenberg <daniel@haxx.se>
	Mon, 6 Feb 2012 21:12:06 +0000 (22:12 +0100)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 9 Feb 2012 21:22:54 +0000 (22:22 +0100)
commit	2a699bc6e94b8223d900e8880ad628aebf17ab6d
tree	702f4ba21f3f0ff2ca28c321e28d993eb432f9fd	tree \| snapshot
parent	2a266c1c7c075f9faced0248ed3f870dac1fc749	commit \| diff

CURLOPT_SSL_OPTIONS: added

Allow an appliction to set libcurl specific SSL options. The first and
only options supported right now is CURLSSLOPT_ALLOW_BEAST.

It will make libcurl to disable any work-arounds the underlying SSL
library may have to address a known security flaw in the SSL3 and TLS1.0
protocol versions.

This is a reaction to us unconditionally removing that behavior after
this security advisory:

http://curl.haxx.se/docs/adv_20120124B.html

... it did however cause a lot of programs to fail because of old
servers not liking this work-around. Now programs can opt to decrease
the security in order to interoperate with old servers better.

docs/libcurl/curl_easy_setopt.3		diff \| blob \| history
docs/libcurl/symbols-in-versions		diff \| blob \| history
include/curl/curl.h		diff \| blob \| history
lib/ssluse.c		diff \| blob \| history
lib/url.c		diff \| blob \| history
lib/urldata.h		diff \| blob \| history