summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorGergely Nagy <ngg@tresorit.com>2013-09-19 15:17:13 +0200
committerDaniel Stenberg <daniel@haxx.se>2013-10-15 20:26:47 +0200
commitad34a2d5c87c7f4b14e8dded34569395de0d8c5b (patch)
treea04f58cee7781e3b0fcf4d5701ccc53f547f8d38 /include
parent31e106c01c594190432c386e3d1de87af6c4f242 (diff)
downloadcurl-ad34a2d5c87c7f4b14e8dded34569395de0d8c5b.tar.gz
SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version (CURL_SSLVERSION_TLSv1 means TLS 1.x). axTLS: axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one of these should be used, so we don't allow the new enum values. darwinssl: Added support for the new enum values. SChannel: Added support for the new enum values. CyaSSL: Added support for the new enum values. Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it did the same before this commit), because CyaSSL cannot be configured to use TLS 1.0-1.2. GSKit: GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow those values. Bugfix: There was a typo that caused wrong SSL versions to be passed to GSKit. NSS: TLS minor version cannot be set, so we don't allow the new enum values. QsoSSL: TLS minor version cannot be set, so we don't allow the new enum values. OpenSSL: Added support for the new enum values. Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0, now it enables 1.0-1.2. Command-line tool: Added command line options for the new values.
Diffstat (limited to 'include')
-rw-r--r--include/curl/curl.h5
1 files changed, 4 insertions, 1 deletions
diff --git a/include/curl/curl.h b/include/curl/curl.h
index 4e09cf728..e3c6bf279 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -1659,9 +1659,12 @@ enum CURL_NETRC_OPTION {
enum {
CURL_SSLVERSION_DEFAULT,
- CURL_SSLVERSION_TLSv1,
+ CURL_SSLVERSION_TLSv1, /* TLS 1.x */
CURL_SSLVERSION_SSLv2,
CURL_SSLVERSION_SSLv3,
+ CURL_SSLVERSION_TLSv1_0,
+ CURL_SSLVERSION_TLSv1_1,
+ CURL_SSLVERSION_TLSv1_2,
CURL_SSLVERSION_LAST /* never use, keep last */
};