cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: CURLOPT_SSLVERSION option to force TLS minor version?

From: Frank Meier <frank.meier_at_ergon.ch>
Date: Wed, 28 Mar 2012 17:58:04 +0200

> My resolution was to disable tls1.2 in the CURLOPT_SSL_CTX_FUNCTION
> with SSL_CTX option SSL_OP_NO_TLSv1_2.
>
> Now I thought if there is the easy handle option CURLOPT_SSLVERSION,
> which cannot set the TLS minor version, could this be extended to have
> a config option like CURL_SSLVERSION_TLSv10, v11, v12 to force to an
> explicit TLS minor version?

just found out, if I set CURLOPT_SSLVERSION to CURL_SSLVERSION_TLSv1
then TLS1.0 is used. If I use _DEFAULT it uses TLSv1.2. So my solution
above might be to complicated. But anyway I think a config option to
enforce the TLS version would be nice.
BTW I'm using libcurl 7.24.0 on linux x86_64.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-03-28

This message: [ Message body ]
Next message: Bruce Cartland: "linking libcurl against newly built openssl package gives undefined references"
Previous message: tetetest tetetest: "Re: ftpget.c example error"
In reply to: Frank Meier: "CURLOPT_SSLVERSION option to force TLS minor version?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]