summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2022-01-19 11:42:27 +0100
committerDaniel Stenberg <daniel@haxx.se>2022-01-19 23:30:07 +0100
commitcdb495f743d9154294686b4faf7075ff6b4f1b5a (patch)
treec58b937e4fd4b3027c8050f98f6fc9638319d28c
parentfde0925214c41300b50c8136d35031615ecaa6bb (diff)
downloadcurl-cdb495f743d9154294686b4faf7075ff6b4f1b5a.tar.gz
docs: document HTTP/2 not insisting on TLS 1.2
Both for --http2 and CURLOPT_HTTP_VERSION. Reported-by: jhoyla on github Fixes #8235 Closes #8300
-rw-r--r--docs/cmdline-opts/http2.d4
-rw-r--r--docs/libcurl/opts/CURLOPT_HTTP_VERSION.36
2 files changed, 9 insertions, 1 deletions
diff --git a/docs/cmdline-opts/http2.d b/docs/cmdline-opts/http2.d
index 168b54b2e..f06057508 100644
--- a/docs/cmdline-opts/http2.d
+++ b/docs/cmdline-opts/http2.d
@@ -17,3 +17,7 @@ handshake. curl does this by default.
For HTTP, this means curl will attempt to upgrade the request to HTTP/2 using
the Upgrade: request header.
+
+When curl uses HTTP/2 over HTTPS, it does not itself insist on TLS 1.2 or
+higher even though that is required by the specification. A user can add this
+version requirement with --tlsv1.2.
diff --git a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
index cb7c61ea1..bc9e00a36 100644
--- a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
+++ b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -48,6 +48,10 @@ Enforce HTTP 1.1 requests.
Attempt HTTP 2 requests. libcurl will fall back to HTTP 1.1 if HTTP 2 cannot be
negotiated with the server. (Added in 7.33.0)
+When libcurl uses HTTP/2 over HTTPS, it does not itself insist on TLS 1.2 or
+higher even though that is required by the specification. A user can add this
+version requirement with \fICURLOPT_SSLVERSION(3)\fP.
+
The alias \fICURL_HTTP_VERSION_2\fP was added in 7.43.0 to better reflect the
actual protocol name.
.IP CURL_HTTP_VERSION_2TLS