From 6448f98c1857de521fb2dd3f9d4e5659845b5474 Mon Sep 17 00:00:00 2001 From: Jozef Kralik Date: Tue, 13 Dec 2016 21:10:00 +0100 Subject: vtls: add options to specify range of enabled TLS versions This commit introduces the CURL_SSLVERSION_MAX_* constants as well as the --tls-max option of the curl tool. Closes https://github.com/curl/curl/pull/1166 --- docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3') diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 index f96a9e6c5..85ecdc41f 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 +++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 @@ -46,6 +46,23 @@ TLSv1.1 TLSv1.2 .IP CURL_SSLVERSION_TLSv1_3 TLSv1.3 +.IP CURL_SSLVERSION_MAX_DEFAULT +The flag defines maximum supported TLS version as TLSv1.2 or default +value from SSL library. Only library NSS currently allows to get +maximum supported TLS version. +(Added in 7.54.0) +.IP CURL_SSLVERSION_MAX_TLSv1_0 +The flag defines maximum supported TLS version as TLSv1.0. +(Added in 7.54.0) +.IP CURL_SSLVERSION_MAX_TLSv1_1 +The flag defines maximum supported TLS version as TLSv1.1. +(Added in 7.54.0) +.IP CURL_SSLVERSION_MAX_TLSv1_2 +The flag defines maximum supported TLS version as TLSv1.2. +(Added in 7.54.0) +.IP CURL_SSLVERSION_MAX_TLSv1_3 +The flag defines maximum supported TLS version as TLSv1.3. +(Added in 7.54.0) .RE .SH DEFAULT CURL_SSLVERSION_DEFAULT @@ -58,7 +75,8 @@ if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* ask libcurl to use TLS version 1.0 or later */ - curl_easy_setopt(curl, CURLOPT_PROXY_SSLVERSION, CURL_SSLVERSION_TLSv1); + curl_easy_setopt(curl, CURLOPT_PROXY_SSLVERSION, CURL_SSLVERSION_TLSv1_1 | + CURL_SSLVERSION_MAX_DEFAULT); /* Perform the request */ curl_easy_perform(curl); -- cgit v1.2.3