From 707b02d256281971f0ebbcee03712c8a3c11c203 Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@debian.org>
Date: Wed, 10 Feb 2021 21:06:57 +0900
Subject: Mention ssl_* options as a workaround for SSL error

Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900984
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934493
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953045
---
 url.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/url.c b/url.c
index 9e67e06..4a228be 100644
--- a/url.c
+++ b/url.c
@@ -474,8 +474,11 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 	SSL_free(handle);
     /* FIXME: gettextize? */
     disp_err_message(Sprintf
-		     ("SSL error: %s",
-		      ERR_error_string(ERR_get_error(), NULL))->ptr, FALSE);
+		     ("SSL error: %s"
+#ifdef SSL_CTX_set_min_proto_version
+		      ", a workaround might be: w3m -o ssl_cipher=ALL:@SECLEVEL=0 -o ssl_min_version=TLSv1.0 -o ssl_forbid_method= -o ssl_verify_server=0"
+#endif
+		      , ERR_error_string(ERR_get_error(), NULL))->ptr, FALSE);
     return NULL;
 }
 
-- 
cgit v1.2.3