diff options
| -rw-r--r-- | lib/ssluse.c | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c index 0faf43cf3..d0a83f740 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1568,10 +1568,8 @@ ossl_connect_step1(struct connectdata *conn, case CURL_SSLVERSION_TLSv1_0: ctx_options |= SSL_OP_NO_SSLv2; ctx_options |= SSL_OP_NO_SSLv3; -#if defined(SSL_OP_NO_TLSv1_1) +#if OPENSSL_VERSION_NUMBER >= 0x1000100FL ctx_options |= SSL_OP_NO_TLSv1_1; -#endif -#if defined(SSL_OP_NO_TLSv1_2) ctx_options |= SSL_OP_NO_TLSv1_2; #endif break; @@ -1581,24 +1579,20 @@ ossl_connect_step1(struct connectdata *conn, ctx_options |= SSL_OP_NO_SSLv2; ctx_options |= SSL_OP_NO_SSLv3; ctx_options |= SSL_OP_NO_TLSv1; -#if defined(SSL_OP_NO_TLSv1_2) ctx_options |= SSL_OP_NO_TLSv1_2; -#endif break; case CURL_SSLVERSION_TLSv1_2: ctx_options |= SSL_OP_NO_SSLv2; ctx_options |= SSL_OP_NO_SSLv3; ctx_options |= SSL_OP_NO_TLSv1; -#if defined(SSL_OP_NO_TLSv1_1) ctx_options |= SSL_OP_NO_TLSv1_1; -#endif break; #endif default: - failf(data, "Unsupported cipher version"); - return CURLE_SSL_CIPHER; + failf(data, "Unsupported SSL protocol version"); + return CURLE_SSL_CONNECT_ERROR; } SSL_CTX_set_options(connssl->ctx, ctx_options); |