Return to CURLOPT_PROXY_SSL_OPTIONS.3 CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / docs / libcurl / opts

Annotation of embedaddon/curl/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3, revision 1.1.1.1

1.1       misho       1: .\" **************************************************************************
                      2: .\" *                                  _   _ ____  _
                      3: .\" *  Project                     ___| | | |  _ \| |
                      4: .\" *                             / __| | | | |_) | |
                      5: .\" *                            | (__| |_| |  _ <| |___
                      6: .\" *                             \___|\___/|_| \_\_____|
                      7: .\" *
                      8: .\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
                      9: .\" *
                     10: .\" * This software is licensed as described in the file COPYING, which
                     11: .\" * you should have received as part of this distribution. The terms
                     12: .\" * are also available at https://curl.haxx.se/docs/copyright.html.
                     13: .\" *
                     14: .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
                     15: .\" * copies of the Software, and permit persons to whom the Software is
                     16: .\" * furnished to do so, under the terms of the COPYING file.
                     17: .\" *
                     18: .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
                     19: .\" * KIND, either express or implied.
                     20: .\" *
                     21: .\" **************************************************************************
                     22: .\"
                     23: .TH CURLOPT_PROXY_SSL_OPTIONS 3 "March 23, 2020" "libcurl 7.70.0" "curl_easy_setopt options"
                     24: 
                     25: .SH NAME
                     26: CURLOPT_PROXY_SSL_OPTIONS \- set proxy SSL behavior options
                     27: .SH SYNOPSIS
                     28: #include <curl/curl.h>
                     29: 
                     30: CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_OPTIONS, long bitmask);
                     31: .SH DESCRIPTION
                     32: Pass a long with a bitmask to tell libcurl about specific SSL
                     33: behaviors. Available bits:
                     34: .IP CURLSSLOPT_ALLOW_BEAST
                     35: Tells libcurl to not attempt to use any workarounds for a security flaw in the
                     36: SSL3 and TLS1.0 protocols.  If this option isn't used or this bit is set to 0,
                     37: the SSL layer libcurl uses may use a work-around for this flaw although it
                     38: might cause interoperability problems with some (older) SSL
                     39: implementations. WARNING: avoiding this work-around lessens the security, and
                     40: by setting this option to 1 you ask for exactly that.  This option is only
                     41: supported for DarwinSSL, NSS and OpenSSL.
                     42: .IP CURLSSLOPT_NO_REVOKE
                     43: Tells libcurl to disable certificate revocation checks for those SSL backends
                     44: where such behavior is present. This option is only supported for Schannel
                     45: (the native Windows SSL library), with an exception in the case of Windows'
                     46: Untrusted Publishers blacklist which it seems can't be bypassed. (Added in
                     47: 7.44.0)
                     48: .IP CURLSSLOPT_NO_PARTIALCHAIN
                     49: Tells libcurl to not accept "partial" certificate chains, which it otherwise
                     50: does by default. This option is only supported for OpenSSL and will fail the
                     51: certificate verification if the chain ends with an intermediate certificate
                     52: and not with a root cert. (Added in 7.68.0)
                     53: 
                     54: .IP CURLSSLOPT_REVOKE_BEST_EFFORT
                     55: Tells libcurl to ignore certificate revocation checks in case of missing or
                     56: offline distribution points for those SSL backends where such behavior is
                     57: present. This option is only supported for Schannel (the native Windows SSL
                     58: library). If combined with \fICURLSSLOPT_NO_REVOKE\fP, the latter takes
                     59: precedence. (Added in 7.70.0)
                     60: .SH DEFAULT
                     61: 0
                     62: .SH PROTOCOLS
                     63: All TLS-based protocols
                     64: .SH AVAILABLE
                     65: Added in 7.52.0
                     66: .SH EXAMPLE
                     67: .nf
                     68: CURL *curl = curl_easy_init();
                     69: if(curl) {
                     70:   curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
                     71:   curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
                     72:   /* weaken TLS only for use with silly proxies */
                     73:   curl_easy_setopt(curl, CURLOPT_PROXY_SSL_OPTIONS, CURLSSLOPT_ALLOW_BEAST |
                     74:                    CURLSSLOPT_NO_REVOKE);
                     75:   ret = curl_easy_perform(curl);
                     76:   curl_easy_cleanup(curl);
                     77: }
                     78: .fi
                     79: .SH RETURN VALUE
                     80: Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
                     81: .SH "SEE ALSO"
                     82: .BR CURLOPT_PROXY_SSLVERSION "(3), " CURLOPT_PROXY_SSL_CIPHER_LIST "(3), "
                     83: .BR CURLOPT_SSLVERSION "(3), " CURLOPT_SSL_CIPHER_LIST "(3), "