luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3f7dc8a404
curl/lib/vtls
History
Jan Venekamp 3f7dc8a404
mbedtls: add CURLOPT_TLS13_CIPHERS support 
Bring setting ciphers with mbedTLS in line with other SSL backends,
to make the curl interface more consistent across the backends.

Now the tls1.3 ciphers are set with the --tls13-ciphers option, when
not set the default tls1.3 ciphers are used. The tls1.2 (1.1, 1.0)
ciphers are set with the --ciphers option, when not set the default
tls1.2 ciphers are used. The ciphers available for the connection
are now a union of the tls1.3 and tls1.2 ciphers.

This changes the behaviour for mbedTLS when --ciphers is set, but
--tls13-ciphers is not set. Now the ciphers set with --ciphers
are combined with the default tls1.3 ciphers, whereas before solely
the ciphers of --ciphers were used.

Thus before when no tls1.3 ciphers were specified in --ciphers,
tls1.3 was completely disabled. This might not be what the user
expected, especially as this does not happen with OpenSSL.

Closes #14384
2024-08-05 16:01:20 +02:00
..
bearssl.c bearssl: improve shutdown handling 2024-08-05 08:46:24 +02:00
bearssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
cipher_suite.c vtls: fix MSVC 'cast truncates constant value' warning 2024-08-03 09:22:25 +02:00
cipher_suite.h sectransp: use common code for cipher suite lookup 2024-05-29 13:08:14 +02:00
gtls.c http2: improved upload eos handling 2024-08-05 08:53:55 +02:00
gtls.h connection: shutdown TLS (for FTP) better 2024-06-10 13:08:12 +02:00
hostcheck.c code: language cleanup in comments 2024-07-01 22:58:55 +02:00
hostcheck.h code: language cleanup in comments 2024-07-01 22:58:55 +02:00
keylog.c tls: use shared init code for TCP+QUIC 2024-04-09 09:08:05 +02:00
keylog.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.c mbedtls: properly cleanup the thread-shared entropy 2024-03-12 03:09:37 -04:00
mbedtls_threadlock.h tidy-up: one comment and EOF newlines 2024-03-12 15:38:44 +00:00
mbedtls.c mbedtls: add CURLOPT_TLS13_CIPHERS support 2024-08-05 16:01:20 +02:00
mbedtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
openssl.c openssl: improve shutdown handling 2024-08-05 08:48:06 +02:00
openssl.h openssl: stop duplicate ssl key logging for legacy OpenSSL 2024-05-24 15:22:53 -04:00
rustls.c lib: add eos flag to send methods 2024-08-03 19:53:54 +02:00
rustls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
schannel_int.h code: language cleanup in comments 2024-07-01 22:58:55 +02:00
schannel_verify.c tidy-up: OS names 2024-08-04 19:17:45 +02:00
schannel.c tidy-up: OS names 2024-08-04 19:17:45 +02:00
schannel.h build: do not publish HAVE_BORINGSSL, HAVE_AWSLC macros 2023-10-08 22:29:45 +00:00
sectransp.c tidy-up: OS names 2024-08-04 19:17:45 +02:00
sectransp.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
vtls_int.h vtls: replace addsessionid with set_sessionid 2024-07-09 23:14:58 +02:00
vtls.c vtls: stop offering alpn http/1.1 for http2-prior-knowledge 2024-08-04 17:59:04 -04:00
vtls.h x509asn1: raise size limit for x509 certification information 2024-08-02 23:20:57 +02:00
wolfssl.c wolfssl: improve shutdown handling 2024-08-05 08:49:20 +02:00
wolfssl.h wolfssl: improve shutdown handling 2024-08-05 08:49:20 +02:00
x509asn1.c x509asn1: raise size limit for x509 certification information 2024-08-02 23:20:57 +02:00
x509asn1.h x509asn1: unittests and fixes for gtime2str 2024-07-30 23:08:59 +02:00