setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values

Broken since f121575 (precedes 7.56.1). Bug: https://github.com/curl/curl/issues/2225 Reported-by: cmfrolick@users.noreply.github.com Closes https://github.com/curl/curl/pull/2227
author: Jay Satiro <raysatiro@yahoo.com> 2018-01-10 03:14:15 -0500
committer: Jay Satiro <raysatiro@yahoo.com> 2018-01-13 02:57:30 -0500
commit: 6fa10c8fa2319e0271465a796f258a239b54c35a (patch)
tree: a7247aad8478c81273917c151b8581785c499f6d /lib/setopt.c
parent: 3b548ffde9f0ea85dd320ae6af23a2e3fdbb6d29 (diff)
1 files changed, 22 insertions, 20 deletions
diff --git a/lib/setopt.c b/lib/setopt.c
index 60f3ae5a6..66f30ea65 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -360,32 +360,34 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
      */
     data->set.timevalue = (time_t)va_arg(param, long);
     break;
+
   case CURLOPT_SSLVERSION:
-    /*
-     * Set explicit SSL version to try to connect with, as some SSL
-     * implementations are lame.
-     */
-#ifdef USE_SSL
-    arg = va_arg(param, long);
-    if((arg < CURL_SSLVERSION_DEFAULT) || (arg > CURL_SSLVERSION_TLSv1_3))
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    data->set.ssl.primary.version = C_SSLVERSION_VALUE(arg);
-    data->set.ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg);
-#else
-    result = CURLE_UNKNOWN_OPTION;
-#endif
-    break;
   case CURLOPT_PROXY_SSLVERSION:
     /*
-     * Set explicit SSL version to try to connect with for proxy, as some SSL
+     * Set explicit SSL version to try to connect with, as some SSL
      * implementations are lame.
      */
 #ifdef USE_SSL
-    arg = va_arg(param, long);
-    if((arg < CURL_SSLVERSION_DEFAULT) || (arg > CURL_SSLVERSION_TLSv1_3))
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    data->set.proxy_ssl.primary.version = C_SSLVERSION_VALUE(arg);
-    data->set.proxy_ssl.primary.version_max = C_SSLVERSION_MAX_VALUE(arg);
+    {
+      long version, version_max;
+      struct ssl_primary_config *primary = (option == CURLOPT_SSLVERSION ?
+                                            &data->set.ssl.primary :
+                                            &data->set.proxy_ssl.primary);
+
+      arg = va_arg(param, long);
+
+      version = C_SSLVERSION_VALUE(arg);
+      version_max = C_SSLVERSION_MAX_VALUE(arg);
+
+      if(version < CURL_SSLVERSION_DEFAULT ||
+         version >= CURL_SSLVERSION_LAST ||
+         version_max < CURL_SSLVERSION_MAX_NONE ||
+         version_max >= CURL_SSLVERSION_MAX_LAST)
+        return CURLE_BAD_FUNCTION_ARGUMENT;
+
+      primary->version = version;
+      primary->version_max = version_max;
+    }
 #else
     result = CURLE_UNKNOWN_OPTION;
 #endif
author	Jay Satiro <raysatiro@yahoo.com>	2018-01-10 03:14:15 -0500
committer	Jay Satiro <raysatiro@yahoo.com>	2018-01-13 02:57:30 -0500
commit	6fa10c8fa2319e0271465a796f258a239b54c35a (patch)
tree	a7247aad8478c81273917c151b8581785c499f6d /lib/setopt.c
parent	3b548ffde9f0ea85dd320ae6af23a2e3fdbb6d29 (diff)