From f9a60620818b6a19ebe3e6f15e1b57d7012e6fb0 Mon Sep 17 00:00:00 2001
From: Gunter Knauf <gk@gknw.de>
Date: Tue, 19 Feb 2008 23:10:07 +0000
Subject: applied patch to disable SSLv2 by default; discussion:
 http://sourceforge.net/tracker/index.php?func=detail&aid=1767276&group_id=976&atid=350976
 Submitted by Kaspar Brand.

---
 docs/libcurl/curl_easy_setopt.3 | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'docs/libcurl')

diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index dec4371e1..0da9d20bf 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -1379,10 +1379,9 @@ Pass a long as parameter to control what version of SSL/TLS to attempt to use.
 The available options are:
 .RS
 .IP CURL_SSLVERSION_DEFAULT
-The default action. When libcurl built with OpenSSL or NSS, this will attempt
-to figure out the remote SSL protocol version. Unfortunately there are a lot of
-ancient and broken servers in use which cannot handle this technique and will
-fail to connect. When libcurl is built with GnuTLS, this will mean SSLv3.
+The default action. This will attempt to figure out the remote SSL protocol
+version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
+by default with 7.18.1).
 .IP CURL_SSLVERSION_TLSv1
 Force TLSv1
 .IP CURL_SSLVERSION_SSLv2
-- 
cgit v1.2.3