CURLOPT_SSL_OPTIONS (3) - Linux Manuals

CURLOPT_SSL_OPTIONS: set SSL behavior options

NAME

CURLOPT_SSL_OPTIONS - set SSL behavior options

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_OPTIONS, long bitmask);

DESCRIPTION

Pass a long with a bitmask to tell libcurl about specific SSL behaviors.

CURLSSLOPT_ALLOW_BEAST is the only supported bit and by setting this the user will tell libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that.

DEFAULT

0

PROTOCOLS

All TLS-based protocols

EXAMPLE

TODO

AVAILABILITY

Added in 7.25.0

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

CURLOPT_SSLVERSION(3), CURLOPT_SSL_CIPHER_LIST(3),

Pages related to CURLOPT_SSL_OPTIONS