Annotation of embedaddon/curl/docs/libcurl/opts/CURLOPT_SSLVERSION.3, revision 1.1.1.1
1.1 misho 1: .\" **************************************************************************
2: .\" * _ _ ____ _
3: .\" * Project ___| | | | _ \| |
4: .\" * / __| | | | |_) | |
5: .\" * | (__| |_| | _ <| |___
6: .\" * \___|\___/|_| \_\_____|
7: .\" *
8: .\" * Copyright (C) 1998 - 2019, 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
9: .\" *
10: .\" * This software is licensed as described in the file COPYING, which
11: .\" * you should have received as part of this distribution. The terms
12: .\" * are also available at https://curl.haxx.se/docs/copyright.html.
13: .\" *
14: .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15: .\" * copies of the Software, and permit persons to whom the Software is
16: .\" * furnished to do so, under the terms of the COPYING file.
17: .\" *
18: .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19: .\" * KIND, either express or implied.
20: .\" *
21: .\" **************************************************************************
22: .\"
23: .TH CURLOPT_SSLVERSION 3 "October 31, 2019" "libcurl 7.70.0" "curl_easy_setopt options"
24:
25: .SH NAME
26: CURLOPT_SSLVERSION \- set preferred TLS/SSL version
27: .SH SYNOPSIS
28: #include <curl/curl.h>
29:
30: CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLVERSION, long version);
31: .SH DESCRIPTION
32: Pass a long as parameter to control which version range of SSL/TLS versions to
33: use.
34:
35: The SSL and TLS versions have typically developed from the most insecure
36: version to be more and more secure in this order through history: SSL v2,
37: SSLv3, TLS v1.0, TLS v1.1, TLS v1.2 and the most recent TLS v1.3.
38:
39: Use one of the available defines for this purpose. The available options are:
40: .RS
41: .IP CURL_SSLVERSION_DEFAULT
42: The default acceptable version range. The minimum acceptable version is by
43: default TLS v1.0 since 7.39.0 (unless the TLS library has a stricter rule).
44: .IP CURL_SSLVERSION_TLSv1
45: TLS v1.0 or later
46: .IP CURL_SSLVERSION_SSLv2
47: SSL v2 (but not SSLv3)
48: .IP CURL_SSLVERSION_SSLv3
49: SSL v3 (but not SSLv2)
50: .IP CURL_SSLVERSION_TLSv1_0
51: TLS v1.0 or later (Added in 7.34.0)
52: .IP CURL_SSLVERSION_TLSv1_1
53: TLS v1.1 or later (Added in 7.34.0)
54: .IP CURL_SSLVERSION_TLSv1_2
55: TLS v1.2 or later (Added in 7.34.0)
56: .IP CURL_SSLVERSION_TLSv1_3
57: TLS v1.3 or later (Added in 7.52.0)
58: .RE
59:
60: The maximum TLS version can be set by using \fIone\fP of the
61: CURL_SSLVERSION_MAX_ macros below. It is also possible to OR \fIone\fP of the
62: CURL_SSLVERSION_ macros with \fIone\fP of the CURL_SSLVERSION_MAX_ macros.
63: The MAX macros are not supported for WolfSSL.
64: .RS
65: .IP CURL_SSLVERSION_MAX_DEFAULT
66: The flag defines the maximum supported TLS version by libcurl, or the default
67: value from the SSL library is used. libcurl will use a sensible default
68: maximum, which was TLS v1.2 up to before 7.61.0 and is TLS v1.3 since then -
69: assuming the TLS library support it. (Added in 7.54.0)
70: .IP CURL_SSLVERSION_MAX_TLSv1_0
71: The flag defines maximum supported TLS version as TLS v1.0.
72: (Added in 7.54.0)
73: .IP CURL_SSLVERSION_MAX_TLSv1_1
74: The flag defines maximum supported TLS version as TLS v1.1.
75: (Added in 7.54.0)
76: .IP CURL_SSLVERSION_MAX_TLSv1_2
77: The flag defines maximum supported TLS version as TLS v1.2.
78: (Added in 7.54.0)
79: .IP CURL_SSLVERSION_MAX_TLSv1_3
80: The flag defines maximum supported TLS version as TLS v1.3.
81: (Added in 7.54.0)
82: .RE
83:
84: In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
85: documented to allow \fIonly\fP the specified TLS version, but behavior was
86: inconsistent depending on the TLS library.
87:
88: .SH DEFAULT
89: CURL_SSLVERSION_DEFAULT
90: .SH PROTOCOLS
91: All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
92: .SH EXAMPLE
93: .nf
94: CURL *curl = curl_easy_init();
95: if(curl) {
96: curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
97:
98: /* ask libcurl to use TLS version 1.0 or later */
99: curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
100:
101: /* Perform the request */
102: curl_easy_perform(curl);
103: }
104: .fi
105: .SH AVAILABILITY
106: SSLv2 is disabled by default since 7.18.1. Other SSL versions availability may
107: vary depending on which backend libcurl has been built to use.
108:
109: SSLv3 is disabled by default since 7.39.0.
110: .SH RETURN VALUE
111: Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
112: .SH "SEE ALSO"
113: .BR CURLOPT_USE_SSL "(3), " CURLOPT_HTTP_VERSION "(3), "
114: .BR CURLOPT_PROXY_SSLVERSION "(3), " CURLOPT_IPRESOLVE "(3) "
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>