diff options
author | Gergely Nagy <ngg@tresorit.com> | 2013-09-19 15:17:13 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2013-10-15 20:26:47 +0200 |
commit | ad34a2d5c87c7f4b14e8dded34569395de0d8c5b (patch) | |
tree | a04f58cee7781e3b0fcf4d5701ccc53f547f8d38 /include | |
parent | 31e106c01c594190432c386e3d1de87af6c4f242 (diff) | |
download | curl-ad34a2d5c87c7f4b14e8dded34569395de0d8c5b.tar.gz |
SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
(CURL_SSLVERSION_TLSv1 means TLS 1.x).
axTLS:
axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
of these should be used, so we don't allow the new enum values.
darwinssl:
Added support for the new enum values.
SChannel:
Added support for the new enum values.
CyaSSL:
Added support for the new enum values.
Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
did the same before this commit), because CyaSSL cannot be configured to
use TLS 1.0-1.2.
GSKit:
GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
those values.
Bugfix: There was a typo that caused wrong SSL versions to be passed to
GSKit.
NSS:
TLS minor version cannot be set, so we don't allow the new enum values.
QsoSSL:
TLS minor version cannot be set, so we don't allow the new enum values.
OpenSSL:
Added support for the new enum values.
Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
now it enables 1.0-1.2.
Command-line tool:
Added command line options for the new values.
Diffstat (limited to 'include')
-rw-r--r-- | include/curl/curl.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/curl/curl.h b/include/curl/curl.h index 4e09cf728..e3c6bf279 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -1659,9 +1659,12 @@ enum CURL_NETRC_OPTION { enum { CURL_SSLVERSION_DEFAULT, - CURL_SSLVERSION_TLSv1, + CURL_SSLVERSION_TLSv1, /* TLS 1.x */ CURL_SSLVERSION_SSLv2, CURL_SSLVERSION_SSLv3, + CURL_SSLVERSION_TLSv1_0, + CURL_SSLVERSION_TLSv1_1, + CURL_SSLVERSION_TLSv1_2, CURL_SSLVERSION_LAST /* never use, keep last */ }; |