diff options
author | Gergely Nagy <ngg@tresorit.com> | 2013-09-19 15:17:13 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2013-10-15 20:26:47 +0200 |
commit | ad34a2d5c87c7f4b14e8dded34569395de0d8c5b (patch) | |
tree | a04f58cee7781e3b0fcf4d5701ccc53f547f8d38 /docs | |
parent | 31e106c01c594190432c386e3d1de87af6c4f242 (diff) |
SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
(CURL_SSLVERSION_TLSv1 means TLS 1.x).
axTLS:
axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
of these should be used, so we don't allow the new enum values.
darwinssl:
Added support for the new enum values.
SChannel:
Added support for the new enum values.
CyaSSL:
Added support for the new enum values.
Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
did the same before this commit), because CyaSSL cannot be configured to
use TLS 1.0-1.2.
GSKit:
GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
those values.
Bugfix: There was a typo that caused wrong SSL versions to be passed to
GSKit.
NSS:
TLS minor version cannot be set, so we don't allow the new enum values.
QsoSSL:
TLS minor version cannot be set, so we don't allow the new enum values.
OpenSSL:
Added support for the new enum values.
Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
now it enables 1.0-1.2.
Command-line tool:
Added command line options for the new values.
Diffstat (limited to 'docs')
-rw-r--r-- | docs/libcurl/curl_easy_setopt.3 | 8 | ||||
-rw-r--r-- | docs/libcurl/symbols-in-versions | 3 |
2 files changed, 10 insertions, 1 deletions
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3 index 6c928834e..77fc550e1 100644 --- a/docs/libcurl/curl_easy_setopt.3 +++ b/docs/libcurl/curl_easy_setopt.3 @@ -2417,11 +2417,17 @@ The default action. This will attempt to figure out the remote SSL protocol version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled by default with 7.18.1). .IP CURL_SSLVERSION_TLSv1 -Force TLSv1 +Force TLSv1.x .IP CURL_SSLVERSION_SSLv2 Force SSLv2 .IP CURL_SSLVERSION_SSLv3 Force SSLv3 +.IP CURL_SSLVERSION_TLSv1_0 +Force TLSv1.0 +.IP CURL_SSLVERSION_TLSv1_1 +Force TLSv1.1 +.IP CURL_SSLVERSION_TLSv1_2 +Force TLSv1.2 .RE .IP CURLOPT_SSL_VERIFYPEER Pass a long as parameter. By default, curl assumes a value of 1. diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index 7c362cde7..35b08789c 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -695,6 +695,9 @@ CURL_SSLVERSION_DEFAULT 7.9.2 CURL_SSLVERSION_SSLv2 7.9.2 CURL_SSLVERSION_SSLv3 7.9.2 CURL_SSLVERSION_TLSv1 7.9.2 +CURL_SSLVERSION_TLSv1_0 7.33.0 +CURL_SSLVERSION_TLSv1_1 7.33.0 +CURL_SSLVERSION_TLSv1_2 7.33.0 CURL_TIMECOND_IFMODSINCE 7.9.7 CURL_TIMECOND_IFUNMODSINCE 7.9.7 CURL_TIMECOND_LASTMOD 7.9.7 |