diff options
author | Daniel Stenberg <daniel@haxx.se> | 2012-02-06 22:12:06 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2012-02-09 22:22:54 +0100 |
commit | 2a699bc6e94b8223d900e8880ad628aebf17ab6d (patch) | |
tree | 702f4ba21f3f0ff2ca28c321e28d993eb432f9fd /docs/HISTORY | |
parent | 2a266c1c7c075f9faced0248ed3f870dac1fc749 (diff) |
CURLOPT_SSL_OPTIONS: added
Allow an appliction to set libcurl specific SSL options. The first and
only options supported right now is CURLSSLOPT_ALLOW_BEAST.
It will make libcurl to disable any work-arounds the underlying SSL
library may have to address a known security flaw in the SSL3 and TLS1.0
protocol versions.
This is a reaction to us unconditionally removing that behavior after
this security advisory:
http://curl.haxx.se/docs/adv_20120124B.html
... it did however cause a lot of programs to fail because of old
servers not liking this work-around. Now programs can opt to decrease
the security in order to interoperate with old servers better.
Diffstat (limited to 'docs/HISTORY')
0 files changed, 0 insertions, 0 deletions