openssl: make the requested TLS version the *minimum* wanted

The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.

Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694

3 files changed, 3 insertions, 3 deletions

diff --git a/docs/cmdline-opts/tlsv1.1.d b/docs/cmdline-opts/tlsv1.1.d
index 9bfdc3536..a3c10edba 100644
--- a/docs/cmdline-opts/tlsv1.1.d
+++ b/docs/cmdline-opts/tlsv1.1.d
@@ -3,4 +3,4 @@ Help: Use TLSv1.1
 Protocols: TLS
 Added: 7.34.0
 ---
-Forces curl to use TLS version 1.1 when connecting to a remote TLS server.
+Forces curl to use TLS version 1.1 or later when connecting to a remote TLS server.
diff --git a/docs/cmdline-opts/tlsv1.2.d b/docs/cmdline-opts/tlsv1.2.d
index 6db94dc8d..8879546b7 100644
--- a/docs/cmdline-opts/tlsv1.2.d
+++ b/docs/cmdline-opts/tlsv1.2.d
@@ -3,4 +3,4 @@ Help: Use TLSv1.2
 Protocols: TLS
 Added: 7.34.0
 ---
-Forces curl to use TLS version 1.2 when connecting to a remote TLS server.
+Forces curl to use TLS version 1.2 or later when connecting to a remote TLS server.
diff --git a/docs/cmdline-opts/tlsv1.3.d b/docs/cmdline-opts/tlsv1.3.d
index 123589653..cf32e3928 100644
--- a/docs/cmdline-opts/tlsv1.3.d
+++ b/docs/cmdline-opts/tlsv1.3.d
@@ -3,7 +3,7 @@ Help: Use TLSv1.3
 Protocols: TLS
 Added: 7.52.0
 ---
-Forces curl to use TLS version 1.3 when connecting to a remote TLS server.
+Forces curl to use TLS version 1.3 or later when connecting to a remote TLS server.
 
 Note that TLS 1.3 is only supported by a subset of TLS backends. At the time
 of this writing, they are BoringSSL, NSS, and Secure Transport (on iOS 11 or