mirror of
https://github.com/curl/curl.git
synced 2026-07-04 02:27:18 +03:00
curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
143 lines
3.3 KiB
Markdown
143 lines
3.3 KiB
Markdown
---
|
|
c: Copyright (C) Daniel Stenberg, <daniel.se>, et al.
|
|
SPDX-License-Identifier: curl
|
|
Title: CURLOPT_SSLVERSION
|
|
Section: 3
|
|
Source: libcurl
|
|
See-also:
|
|
- CURLOPT_HTTP_VERSION (3)
|
|
- CURLOPT_IPRESOLVE (3)
|
|
- CURLOPT_PROXY_SSLVERSION (3)
|
|
- CURLOPT_USE_SSL (3)
|
|
---
|
|
|
|
# NAME
|
|
|
|
CURLOPT_SSLVERSION - preferred TLS/SSL version
|
|
|
|
# SYNOPSIS
|
|
|
|
~~~c
|
|
#include <curl/curl.h>
|
|
|
|
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLVERSION, long version);
|
|
~~~
|
|
|
|
# DESCRIPTION
|
|
|
|
Pass a long as parameter to control which version range of SSL/TLS versions to
|
|
use.
|
|
|
|
The SSL and TLS versions have typically developed from the most insecure
|
|
version to be more and more secure in this order through history: SSL v2,
|
|
SSLv3, TLS v1.0, TLS v1.1, TLS v1.2 and the most recent TLS v1.3.
|
|
|
|
Use one of the available defines for this purpose. The available options are:
|
|
|
|
## CURL_SSLVERSION_DEFAULT
|
|
|
|
The default acceptable version range. The minimum acceptable version is by
|
|
default TLS v1.0 since 7.39.0 (unless the TLS library has a stricter rule).
|
|
|
|
## CURL_SSLVERSION_TLSv1
|
|
|
|
TLS v1.0 or later
|
|
|
|
## CURL_SSLVERSION_SSLv2
|
|
|
|
SSL v2 - refused
|
|
|
|
## CURL_SSLVERSION_SSLv3
|
|
|
|
SSL v3 - refused
|
|
|
|
## CURL_SSLVERSION_TLSv1_0
|
|
|
|
TLS v1.0 or later (Added in 7.34.0)
|
|
|
|
## CURL_SSLVERSION_TLSv1_1
|
|
|
|
TLS v1.1 or later (Added in 7.34.0)
|
|
|
|
## CURL_SSLVERSION_TLSv1_2
|
|
|
|
TLS v1.2 or later (Added in 7.34.0)
|
|
|
|
## CURL_SSLVERSION_TLSv1_3
|
|
|
|
TLS v1.3 or later (Added in 7.52.0)
|
|
|
|
The maximum TLS version can be set by using *one* of the
|
|
CURL_SSLVERSION_MAX_ macros below. It is also possible to OR *one* of the
|
|
CURL_SSLVERSION_ macros with *one* of the CURL_SSLVERSION_MAX_ macros.
|
|
The MAX macros are not supported for WolfSSL.
|
|
|
|
## CURL_SSLVERSION_MAX_DEFAULT
|
|
|
|
The flag defines the maximum supported TLS version by libcurl, or the default
|
|
value from the SSL library is used. libcurl uses a sensible default maximum,
|
|
which was TLS v1.2 up to before 7.61.0 and is TLS v1.3 since then - assuming
|
|
the TLS library support it. (Added in 7.54.0)
|
|
|
|
## CURL_SSLVERSION_MAX_TLSv1_0
|
|
|
|
The flag defines maximum supported TLS version as TLS v1.0.
|
|
(Added in 7.54.0)
|
|
|
|
## CURL_SSLVERSION_MAX_TLSv1_1
|
|
|
|
The flag defines maximum supported TLS version as TLS v1.1.
|
|
(Added in 7.54.0)
|
|
|
|
## CURL_SSLVERSION_MAX_TLSv1_2
|
|
|
|
The flag defines maximum supported TLS version as TLS v1.2.
|
|
(Added in 7.54.0)
|
|
|
|
## CURL_SSLVERSION_MAX_TLSv1_3
|
|
|
|
The flag defines maximum supported TLS version as TLS v1.3.
|
|
(Added in 7.54.0)
|
|
|
|
In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
|
|
documented to allow *only* the specified TLS version, but behavior was
|
|
inconsistent depending on the TLS library.
|
|
|
|
# DEFAULT
|
|
|
|
CURL_SSLVERSION_DEFAULT
|
|
|
|
# PROTOCOLS
|
|
|
|
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
|
|
|
|
# EXAMPLE
|
|
|
|
~~~c
|
|
int main(void)
|
|
{
|
|
CURL *curl = curl_easy_init();
|
|
if(curl) {
|
|
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
|
|
|
|
/* ask libcurl to use TLS version 1.0 or later */
|
|
curl_easy_setopt(curl, CURLOPT_SSLVERSION, (long)CURL_SSLVERSION_TLSv1);
|
|
|
|
/* Perform the request */
|
|
curl_easy_perform(curl);
|
|
}
|
|
}
|
|
~~~
|
|
|
|
# AVAILABILITY
|
|
|
|
SSLv2 and SSLv3 are refused completely since curl 7.77.0
|
|
|
|
SSLv2 is disabled by default since 7.18.1. Other SSL versions availability may
|
|
vary depending on which backend libcurl has been built to use.
|
|
|
|
SSLv3 is disabled by default since 7.39.0.
|
|
|
|
# RETURN VALUE
|
|
|
|
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
|