--ssl-allow-beast added

This new option tells curl to not work around a security flaw in the SSL3 and TLS1.0 protocols. It uses the new libcurl option CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.
author: Daniel Stenberg <daniel@haxx.se> 2012-02-06 22:25:04 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2012-02-09 22:28:58 +0100
commit: 62d15f159e163bf4e1a27ac1b0ffd9b84e02bf56 (patch)
tree: 814274226306bf3baeeeef30c5baa2aadd50f9a4 /src/tool_operate.c
parent: 2a699bc6e94b8223d900e8880ad628aebf17ab6d (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 1557e6256..f3fb8ef2a 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1234,6 +1234,10 @@ int operate(struct Configurable *config, int argc, argv_item_t argv[])
           my_setopt_str(curl, CURLOPT_GSSAPI_DELEGATION,
                         config->gssapi_delegation);
 
+        /* new in 7.25.0 */
+        if(config->ssl_allow_beast)
+          my_setopt(curl, CURLOPT_SSL_OPTIONS, (long)CURLSSLOPT_ALLOW_BEAST);
+
         /* initialize retry vars for loop below */
         retry_sleep_default = (config->retry_delay) ?
           config->retry_delay*1000L : RETRY_SLEEP_DEFAULT; /* ms */
author	Daniel Stenberg <daniel@haxx.se>	2012-02-06 22:25:04 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2012-02-09 22:28:58 +0100
commit	62d15f159e163bf4e1a27ac1b0ffd9b84e02bf56 (patch)
tree	814274226306bf3baeeeef30c5baa2aadd50f9a4 /src/tool_operate.c
parent	2a699bc6e94b8223d900e8880ad628aebf17ab6d (diff)