On Fri, Oct 25, 2019 at 2:08 PM Eric Covener <[email protected]> wrote: > > Could the callback behave differently in the omitted case (opt-in)? > That would allow the case where it's explicit to be handled better > OOTB (not even opt-out really)
Nice idea, I suppose I could make the callback check for ->protocol_set == 0 and not switch in this case. The opt-in may not be that useful then, without it (or "off") the default would be the base server's SSLProtocol, while "on" would be whatever SSLProtocol default is? If we don't care about the compatibility of an explicit SSLProtocol (e.g any SSLProtocol specified in my server2 example) which was ignored until now but which suddenly isn't, I can go with that change.
