mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 16:48:49 -05:00
tls13-docs: mention it is only for OpenSSL >= 1.1.1
Reported-by: Jay Satiro Co-authored-by: Jay Satiro Fixes #3938 Closes #3946
This commit is contained in:
parent
ca09d96574
commit
7e590b3ecd
@ -6,11 +6,12 @@ and
|
|||||||
[`--ciphers`](https://curl.haxx.se/docs/manpage.html#--ciphers)
|
[`--ciphers`](https://curl.haxx.se/docs/manpage.html#--ciphers)
|
||||||
users can control which ciphers to consider when negotiating TLS connections.
|
users can control which ciphers to consider when negotiating TLS connections.
|
||||||
|
|
||||||
TLS 1.3 ciphers are supported since curl 7.61 with options
|
TLS 1.3 ciphers are supported since curl 7.61 for OpenSSL 1.1.1+ with options
|
||||||
[`CURLOPT_TLS13_CIPHERS`](https://curl.haxx.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html)
|
[`CURLOPT_TLS13_CIPHERS`](https://curl.haxx.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html)
|
||||||
and
|
and
|
||||||
[`--tls13-ciphers`](https://curl.haxx.se/docs/manpage.html#--tls13-ciphers)
|
[`--tls13-ciphers`](https://curl.haxx.se/docs/manpage.html#--tls13-ciphers)
|
||||||
.
|
. If you are using a different SSL backend you can try setting TLS 1.3 cipher
|
||||||
|
suites by using the respective regular cipher option.
|
||||||
|
|
||||||
The names of the known ciphers differ depending on which TLS backend that
|
The names of the known ciphers differ depending on which TLS backend that
|
||||||
libcurl was built to use. This is an attempt to list known cipher names.
|
libcurl was built to use. This is an attempt to list known cipher names.
|
||||||
|
@ -9,4 +9,8 @@ ciphers. Read up on TLS 1.3 cipher suite details on this URL:
|
|||||||
|
|
||||||
https://curl.haxx.se/docs/ssl-ciphers.html
|
https://curl.haxx.se/docs/ssl-ciphers.html
|
||||||
|
|
||||||
|
This option is currently used only when curl is built to use OpenSSL 1.1.1 or
|
||||||
|
later. If you are using a different SSL backend you can try setting TLS 1.3
|
||||||
|
cipher suites by using the --proxy-ciphers option.
|
||||||
|
|
||||||
If this option is used several times, the last one will be used.
|
If this option is used several times, the last one will be used.
|
||||||
|
@ -9,4 +9,8 @@ cipher suite details on this URL:
|
|||||||
|
|
||||||
https://curl.haxx.se/docs/ssl-ciphers.html
|
https://curl.haxx.se/docs/ssl-ciphers.html
|
||||||
|
|
||||||
|
This option is currently used only when curl is built to use OpenSSL 1.1.1 or
|
||||||
|
later. If you are using a different SSL backend you can try setting TLS 1.3
|
||||||
|
cipher suites by using the --ciphers option.
|
||||||
|
|
||||||
If this option is used several times, the last one will be used.
|
If this option is used several times, the last one will be used.
|
||||||
|
@ -37,6 +37,10 @@ You'll find more details about cipher lists on this URL:
|
|||||||
|
|
||||||
https://curl.haxx.se/docs/ssl-ciphers.html
|
https://curl.haxx.se/docs/ssl-ciphers.html
|
||||||
|
|
||||||
|
This option is currently used only when curl is built to use OpenSSL 1.1.1 or
|
||||||
|
later. If you are using a different SSL backend you can try setting TLS 1.3
|
||||||
|
cipher suites by using the CURLOPT_PROXY_SSL_CIPHER_LIST option.
|
||||||
|
|
||||||
The application does not have to keep the string around after setting this
|
The application does not have to keep the string around after setting this
|
||||||
option.
|
option.
|
||||||
.SH DEFAULT
|
.SH DEFAULT
|
||||||
|
@ -36,6 +36,10 @@ You'll find more details about cipher lists on this URL:
|
|||||||
|
|
||||||
https://curl.haxx.se/docs/ssl-ciphers.html
|
https://curl.haxx.se/docs/ssl-ciphers.html
|
||||||
|
|
||||||
|
This option is currently used only when curl is built to use OpenSSL 1.1.1 or
|
||||||
|
later. If you are using a different SSL backend you can try setting TLS 1.3
|
||||||
|
cipher suites by using the CURLOPT_SSL_CIPHER_LIST option.
|
||||||
|
|
||||||
The application does not have to keep the string around after setting this
|
The application does not have to keep the string around after setting this
|
||||||
option.
|
option.
|
||||||
.SH DEFAULT
|
.SH DEFAULT
|
||||||
|
@ -335,8 +335,8 @@ static const struct helptxt helptext[] = {
|
|||||||
"SPNEGO proxy service name"},
|
"SPNEGO proxy service name"},
|
||||||
{" --proxy-ssl-allow-beast",
|
{" --proxy-ssl-allow-beast",
|
||||||
"Allow security flaw for interop for HTTPS proxy"},
|
"Allow security flaw for interop for HTTPS proxy"},
|
||||||
{" --proxy-tls13-ciphers <ciphersuite list>",
|
{" --proxy-tls13-ciphers <list>",
|
||||||
"TLS 1.3 proxy cipher suites"},
|
"TLS 1.3 ciphersuites for proxy (OpenSSL)"},
|
||||||
{" --proxy-tlsauthtype <type>",
|
{" --proxy-tlsauthtype <type>",
|
||||||
"TLS authentication type for HTTPS proxy"},
|
"TLS authentication type for HTTPS proxy"},
|
||||||
{" --proxy-tlspassword <string>",
|
{" --proxy-tlspassword <string>",
|
||||||
@ -445,8 +445,8 @@ static const struct helptxt helptext[] = {
|
|||||||
"Transfer based on a time condition"},
|
"Transfer based on a time condition"},
|
||||||
{" --tls-max <VERSION>",
|
{" --tls-max <VERSION>",
|
||||||
"Set maximum allowed TLS version"},
|
"Set maximum allowed TLS version"},
|
||||||
{" --tls13-ciphers <list of TLS 1.3 ciphersuites>",
|
{" --tls13-ciphers <list>",
|
||||||
"TLS 1.3 cipher suites to use"},
|
"TLS 1.3 ciphersuites (OpenSSL)"},
|
||||||
{" --tlsauthtype <type>",
|
{" --tlsauthtype <type>",
|
||||||
"TLS authentication type"},
|
"TLS authentication type"},
|
||||||
{" --tlspassword",
|
{" --tlspassword",
|
||||||
|
Loading…
Reference in New Issue
Block a user