Comment 5 for bug 1968467

@jgunthorpe, what if you do something like this, where you create an OPENSSL_CONF that explicitly (re)enables unsafe legacy negotiation? Instead of using /dev/null.

```
$ cat > /tmp/openssl.conf <<EOF
_openssl_conf = openssl_init
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
Options = UnsafeLegacyRenegotiation_
EOF

$ OPENSSL_CONF=/tmp/openssl.conf curl <usual options>
```

That comes from https://github.com/dlenski/gp-saml-gui/issues/42