From 0a65febccf0e31bc987be3f90c01194804e61b77 Mon Sep 17 00:00:00 2001 From: Xiaoyin Liu Date: Sun, 24 Nov 2019 01:29:46 +0800 Subject: [PATCH] schannel: fix --tls-max for when min is --tlsv1 or default Prior to this change schannel ignored --tls-max (CURL_SSLVERSION_MAX_ macros) when --tlsv1 (CURL_SSLVERSION_TLSv1) or default TLS (CURL_SSLVERSION_DEFAULT), using a max of TLS 1.2 always. Closes https://github.com/curl/curl/pull/4633 --- lib/vtls/schannel.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index bbd2fe921..5ab093b38 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -554,10 +554,6 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) switch(conn->ssl_config.version) { case CURL_SSLVERSION_DEFAULT: case CURL_SSLVERSION_TLSv1: - schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_0_CLIENT | - SP_PROT_TLS1_1_CLIENT | - SP_PROT_TLS1_2_CLIENT; - break; case CURL_SSLVERSION_TLSv1_0: case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_2: