aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorGergely Nagy <ngg@tresorit.com>2013-09-19 15:17:13 +0200
committerDaniel Stenberg <daniel@haxx.se>2013-10-15 20:26:47 +0200
commitad34a2d5c87c7f4b14e8dded34569395de0d8c5b (patch)
treea04f58cee7781e3b0fcf4d5701ccc53f547f8d38 /docs
parent31e106c01c594190432c386e3d1de87af6c4f242 (diff)
SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version (CURL_SSLVERSION_TLSv1 means TLS 1.x). axTLS: axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one of these should be used, so we don't allow the new enum values. darwinssl: Added support for the new enum values. SChannel: Added support for the new enum values. CyaSSL: Added support for the new enum values. Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it did the same before this commit), because CyaSSL cannot be configured to use TLS 1.0-1.2. GSKit: GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow those values. Bugfix: There was a typo that caused wrong SSL versions to be passed to GSKit. NSS: TLS minor version cannot be set, so we don't allow the new enum values. QsoSSL: TLS minor version cannot be set, so we don't allow the new enum values. OpenSSL: Added support for the new enum values. Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0, now it enables 1.0-1.2. Command-line tool: Added command line options for the new values.
Diffstat (limited to 'docs')
-rw-r--r--docs/libcurl/curl_easy_setopt.38
-rw-r--r--docs/libcurl/symbols-in-versions3
2 files changed, 10 insertions, 1 deletions
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 6c928834e..77fc550e1 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -2417,11 +2417,17 @@ The default action. This will attempt to figure out the remote SSL protocol
version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
by default with 7.18.1).
.IP CURL_SSLVERSION_TLSv1
-Force TLSv1
+Force TLSv1.x
.IP CURL_SSLVERSION_SSLv2
Force SSLv2
.IP CURL_SSLVERSION_SSLv3
Force SSLv3
+.IP CURL_SSLVERSION_TLSv1_0
+Force TLSv1.0
+.IP CURL_SSLVERSION_TLSv1_1
+Force TLSv1.1
+.IP CURL_SSLVERSION_TLSv1_2
+Force TLSv1.2
.RE
.IP CURLOPT_SSL_VERIFYPEER
Pass a long as parameter. By default, curl assumes a value of 1.
diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions
index 7c362cde7..35b08789c 100644
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -695,6 +695,9 @@ CURL_SSLVERSION_DEFAULT 7.9.2
CURL_SSLVERSION_SSLv2 7.9.2
CURL_SSLVERSION_SSLv3 7.9.2
CURL_SSLVERSION_TLSv1 7.9.2
+CURL_SSLVERSION_TLSv1_0 7.33.0
+CURL_SSLVERSION_TLSv1_1 7.33.0
+CURL_SSLVERSION_TLSv1_2 7.33.0
CURL_TIMECOND_IFMODSINCE 7.9.7
CURL_TIMECOND_IFUNMODSINCE 7.9.7
CURL_TIMECOND_LASTMOD 7.9.7