From 03e206d18aebad1fab67d5c0b583169cd9e544df Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 21 Dec 2014 23:25:49 +0100
Subject: [PATCH] openssl: warn for SRP set if SSLv3 is used, not for TLS
 version

... as it requires TLS and it was was left to warn on the default from
when default was SSL...
---
 lib/vtls/openssl.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 4bd7d0aaf..1ad0c9b70 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1653,6 +1653,11 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
 
   switch(data->set.ssl.version) {
   case CURL_SSLVERSION_SSLv3:
+#ifdef USE_TLS_SRP
+    if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
+      infof(data, "Set version TLSv1.x for SRP authorisation\n");
+    }
+#endif
     ctx_options |= SSL_OP_NO_SSLv2;
     ctx_options |= SSL_OP_NO_TLSv1;
 #if OPENSSL_VERSION_NUMBER >= 0x1000100FL
@@ -1662,11 +1667,6 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
     break;
 
   case CURL_SSLVERSION_DEFAULT:
-#ifdef USE_TLS_SRP
-    if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
-      infof(data, "Set version TLSv1.x for SRP authorisation\n");
-    }
-#endif
   case CURL_SSLVERSION_TLSv1:
     ctx_options |= SSL_OP_NO_SSLv2;
     ctx_options |= SSL_OP_NO_SSLv3;