diff options
author | Daniel Stenberg <daniel@haxx.se> | 2012-02-06 22:25:04 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2012-02-09 22:28:58 +0100 |
commit | 62d15f159e163bf4e1a27ac1b0ffd9b84e02bf56 (patch) | |
tree | 814274226306bf3baeeeef30c5baa2aadd50f9a4 /docs/curl.1 | |
parent | 2a699bc6e94b8223d900e8880ad628aebf17ab6d (diff) |
--ssl-allow-beast added
This new option tells curl to not work around a security flaw in the
SSL3 and TLS1.0 protocols. It uses the new libcurl option
CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.
Diffstat (limited to 'docs/curl.1')
-rw-r--r-- | docs/curl.1 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/curl.1 b/docs/curl.1 index 5bc8f0df8..4520e1b18 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -1259,6 +1259,12 @@ connection if the server doesn't support SSL/TLS. (Added in 7.20.0) This option was formerly known as \fI--ftp-ssl-reqd\fP (added in 7.15.5). That option name can still be used but will be removed in a future version. +.IP "--ssl-allow-beast" +(SSL) This option tells curl to not work around a security flaw in the SSL3 +and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer +may use work-arounds known to cause interoperability problems with some older +SSL implementations. WARNING: this option loosens the SSL security, and by +using this flag you ask for exactly that. (Added in 7.25.0) .IP "--socks4 <host[:port]>" Use the specified SOCKS4 proxy. If the port number is not specified, it is assumed at port 1080. (Added in 7.15.2) |