generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

--ssl-allow-beast added

Browse Source 
This new option tells curl to not work around a security flaw in the
SSL3 and TLS1.0 protocols. It uses the new libcurl option
CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.
This commit is contained in:
Daniel Stenberg
2012-02-06 22:25:04 +01:00
parent 2a699bc6e9
commit 62d15f159e
5 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/curl.1
View File

@@ -1259,6 +1259,12 @@ connection if the server doesn't support SSL/TLS. (Added in 7.20.0)
This option was formerly known as \fI--ftp-ssl-reqd\fP (added in 7.15.5). That
option name can still be used but will be removed in a future version.
.IP "--ssl-allow-beast"
(SSL) This option tells curl to not work around a security flaw in the SSL3
and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer
may use work-arounds known to cause interoperability problems with some older
SSL implementations. WARNING: this option loosens the SSL security, and by
using this flag you ask for exactly that. (Added in 7.25.0)
.IP "--socks4 <host[:port]>"
Use the specified SOCKS4 proxy. If the port number is not specified, it is
assumed at port 1080. (Added in 7.15.2)