docs: Explain behavior change in --tlsv1. options since 7.54

Since 7.54 --tlsv1. options use the specified version or later, however
older versions of curl documented it as using just the specified version
which may or may not have happened depending on the TLS library.
Document this discrepancy to allay confusion for users familiar with the
old documentation that expect just the specified version.

Fixes https://github.com/curl/curl/issues/4097
Closes https://github.com/curl/curl/pull/4119

5 files changed, 22 insertions, 0 deletions

diff --git a/docs/cmdline-opts/tlsv1.0.d b/docs/cmdline-opts/tlsv1.0.d
index 312b67b3f..2b1f0156a 100644
--- a/docs/cmdline-opts/tlsv1.0.d
+++ b/docs/cmdline-opts/tlsv1.0.d
@@ -4,3 +4,7 @@ Protocols: TLS
 Added: 7.34.0
 ---
 Forces curl to use TLS version 1.0 or later when connecting to a remote TLS server.
+
+In old versions of curl this option was documented to allow _only_ TLS 1.0,
+but behavior was inconsistent depending on the TLS library. Use --tls-max if
+you want to set a maximum TLS version.
diff --git a/docs/cmdline-opts/tlsv1.1.d b/docs/cmdline-opts/tlsv1.1.d
index 8182ac6d5..405d552bb 100644
--- a/docs/cmdline-opts/tlsv1.1.d
+++ b/docs/cmdline-opts/tlsv1.1.d
@@ -4,3 +4,7 @@ Protocols: TLS
 Added: 7.34.0
 ---
 Forces curl to use TLS version 1.1 or later when connecting to a remote TLS server.
+
+In old versions of curl this option was documented to allow _only_ TLS 1.1,
+but behavior was inconsistent depending on the TLS library. Use --tls-max if
+you want to set a maximum TLS version.
diff --git a/docs/cmdline-opts/tlsv1.2.d b/docs/cmdline-opts/tlsv1.2.d
index 7ba440225..bdf1fcf62 100644
--- a/docs/cmdline-opts/tlsv1.2.d
+++ b/docs/cmdline-opts/tlsv1.2.d
@@ -4,3 +4,7 @@ Protocols: TLS
 Added: 7.34.0
 ---
 Forces curl to use TLS version 1.2 or later when connecting to a remote TLS server.
+
+In old versions of curl this option was documented to allow _only_ TLS 1.2,
+but behavior was inconsistent depending on the TLS library. Use --tls-max if
+you want to set a maximum TLS version.
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
index 9dc69959c..204a7a997 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3
@@ -69,6 +69,11 @@ The flag defines maximum supported TLS version as TLSv1.2.
 The flag defines maximum supported TLS version as TLSv1.3.
 (Added in 7.54.0)
 .RE
+
+In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
+documented to allow \fIonly\fP the specified TLS version, but behavior was
+inconsistent depending on the TLS library.
+
 .SH DEFAULT
 CURL_SSLVERSION_DEFAULT
 .SH PROTOCOLS
diff --git a/docs/libcurl/opts/CURLOPT_SSLVERSION.3 b/docs/libcurl/opts/CURLOPT_SSLVERSION.3
index 42ef20abc..354b004e6 100644
--- a/docs/libcurl/opts/CURLOPT_SSLVERSION.3
+++ b/docs/libcurl/opts/CURLOPT_SSLVERSION.3
@@ -79,6 +79,11 @@ The flag defines maximum supported TLS version as TLS v1.2.
 The flag defines maximum supported TLS version as TLS v1.3.
 (Added in 7.54.0)
 .RE
+
+In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
+documented to allow \fIonly\fP the specified TLS version, but behavior was
+inconsistent depending on the TLS library.
+
 .SH DEFAULT
 CURL_SSLVERSION_DEFAULT
 .SH PROTOCOLS