diff options
Diffstat (limited to 'docs/libcurl/opts/CURLOPT_SSL_OPTIONS.html')
| -rw-r--r-- | docs/libcurl/opts/CURLOPT_SSL_OPTIONS.html | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.html b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.html index aa7d8547..5b0a4a61 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.html +++ b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.html @@ -55,7 +55,11 @@ p.roffit { <p class="level0">#include <curl/curl.h> <p class="level0">CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_OPTIONS, long bitmask); <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2> <p class="level0">Pass a long with a bitmask to tell libcurl about specific SSL behaviors. -<p class="level0"><span Class="emphasis">CURLSSLOPT_ALLOW_BEAST</span> is the only supported bit and by setting this the user will tell libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. <a name="DEFAULT"></a><h2 class="nroffsh">DEFAULT</h2> +<p class="level0"><span Class="emphasis">CURLSSLOPT_ALLOW_BEAST</span> tells libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only supported for DarwinSSL, NSS and OpenSSL. +<p class="level0">Added in 7.44.0: +<p class="level0"><span Class="emphasis">CURLSSLOPT_NO_REVOKE</span> tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. <span class="bold">Currently this option is only supported for WinSSL (the native Windows SSL library), with an exception in the case of Windows' Untrusted Publishers blacklist which it seems can't be bypassed.</span> This option may have broader support to accommodate other SSL backends in the future. <a href="http://curl.haxx.se/docs/ssl-compared.html">http://curl.haxx.se/docs/ssl-compared.html</a> +<p class="level0"> +<p class="level0"><a name="DEFAULT"></a><h2 class="nroffsh">DEFAULT</h2> <p class="level0">0 <a name="PROTOCOLS"></a><h2 class="nroffsh">PROTOCOLS</h2> <p class="level0">All TLS-based protocols <a name="EXAMPLE"></a><h2 class="nroffsh">EXAMPLE</h2> <p class="level0">TODO <a name="AVAILABILITY"></a><h2 class="nroffsh">AVAILABILITY</h2> |