cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: curl protocol order

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 7 Oct 2014 11:59:03 +0200 (CEST)

On Tue, 7 Oct 2014, Rokas Adžgauskas wrote:

> lets say webserver accepts SSLv2, SSLv3 and TLS1.0, in what order curl will
> try to use these protocols?

It isn't as easy to answer to as we would like.

First, it depends on what TLS backend your curl uses. Then it also depends on
how your TLS library was built.

In general however: SSLv2 is avoided completely by default, and then the TLS
libraries favor an as late version as possible, so TLS 1.2 will be prefered to
1.1 and 1.1 to 1.0 etc and last SSLv3.

> is it possible to change this 'order'?

With the command line tool you can only select preferred version "family":
TLS1, SSLv3 or SSLv2. (Using --tlsv1, --sslv3 or --sslv2)

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-10-07

This message: [ Message body ]
Next message: Vipul Mehta: "High CPU usage in CURL"
Previous message: Rokas Adžgauskas: "curl protocol order"
In reply to: Rokas Adžgauskas: "curl protocol order"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]