Based on #14135, implement TLSv1.3 earlydata support for the curl command line, libcurl and its implementation in GnuTLS.

If a known TLS session announces early data support, and the feature is enabled *and* it is not a "connect-only" transfer, delay the TLS handshake until the first request is being sent.

- Add --tls-earlydata as new boolean command line option for curl.
- Add CURLSSLOPT_EARLYDATA to libcurl to enable use of the feature.
- Add CURLINFO_EARLYDATA_SENT_T to libcurl, reporting the amount of bytes sent and accepted/rejected by the server.

Implementation details:

- store the ALPN protocol selected at the SSL session.
- When reusing the session and enabling earlydata, use exactly that ALPN protocol for negotiation with the server. When the session's ALPN does not match the connection's ALPN, earlydata will not be enabled.
- Check that the server selected the correct ALPN protocol for an earlydata connect. If the server does not confirm or reports something different, the connect fails.
- HTTP/2: delay sending the initial SETTINGS frames during connect, if not connect-only.

Verification:

- add test_02_32 to verify earlydata GET with nghttpx.
- add test_07_70 to verify earlydata PUT with nghttpx.
- add support in 'hx-download', 'hx-upload' clients for the feature

Assisted-by: ad-chaos on github
Closes #15211
---
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
Long: tls-earlydata
Help: Allow use of TLSv1.3 early data (0RTT)
Protocols: TLS
Added: 8.11.0
Category: tls
Multi: boolean
See-also:
Example:
---
--tls-earlydata
Enable the use of TLSv1.3 early data, also known as '0RTT' where possible. This has security implications for the requests sent that way.
This option is used when curl is built to use GnuTLS.
Whether a server supports this TLSv1.3 feature, and to what extent, is announced as part of the TLS "session" sent back to curl. Until curl has seen such a session in a previous request, early data cannot be used.
When a new connection is initiated with a known TLSv1.3 session, and that session announced early data support, the first request on this connection is sent before the TLS handshake is complete. While the early data is also encrypted, it is not protected against replays. An attacker can send your early data to the server again and the server would accept it.
If your request contacts a public server and only retrieves a file, there may be no harm in that. If the first request orders a refrigerator for you, it is probably not a good idea to use early data for it. curl cannot deduce what the security implications of your requests actually are and make this decision for you.
WARNING: this option has security implications. See above for more details.
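As an added example that is not part of curl or of this commit, the decision logic the commit message describes (feature enabled, not connect-only, a known session that announced early data, matching ALPN, and the post-handshake ALPN confirmation) together with the application-side replay-safety check that the option text leaves to the user, modelled in plain C so it can be exercised offline. `struct tls_session`, the function names and the reading of a negative CURLINFO_EARLYDATA_SENT_T count as "rejected" are assumptions of this example, not libcurl's code.

```c
/* Stand-alone model of the early-data decisions described above.
 * Not libcurl's code: names and the session struct are made up here. */
#include <stdio.h>
#include <string.h>

/* What curl remembers about a TLS session (constructed model of the cached
 * session): whether the server announced early data, and the ALPN protocol
 * that was selected on the connection the session came from. */
struct tls_session {
    int earlydata_max;   /* early data bytes the server announced, 0 = none */
    const char *alpn;    /* ALPN selected when the session was created */
};

/* Early data is replayable, so an application should only enable it for
 * requests whose replay is harmless. curl does not make this decision. */
int method_replay_safe(const char *method)
{
    return strcmp(method, "GET") == 0 || strcmp(method, "HEAD") == 0;
}

/* Before the handshake: early data is usable only if the feature is on, the
 * transfer is not connect-only, the known session announced early data, and
 * the session's ALPN equals the ALPN this connection will negotiate. */
int earlydata_usable(int enabled, int connect_only,
                     const struct tls_session *s, const char *conn_alpn)
{
    if (!enabled || connect_only || !s || s->earlydata_max <= 0)
        return 0;
    return s->alpn && conn_alpn && strcmp(s->alpn, conn_alpn) == 0;
}

/* After the handshake: the server must confirm exactly the ALPN the early
 * data was sent for; no ALPN or a different one fails the connect. */
int earlydata_alpn_confirmed(const char *expected, const char *server_selected)
{
    return expected && server_selected && strcmp(expected, server_selected) == 0;
}

/* Interpret the CURLINFO_EARLYDATA_SENT_T value: 0 = nothing sent (no known
 * session yet), > 0 = bytes sent and accepted; assumption: a rejected send
 * is reported as a negative byte count. */
const char *earlydata_status(long long sent)
{
    if (sent > 0) return "accepted";
    if (sent < 0) return "rejected";
    return "not used";
}

int main(void)
{
    struct tls_session s = { 16384, "h2" };   /* constructed sample session */
    printf("GET over reused h2 session: usable=%d\n",
           method_replay_safe("GET") && earlydata_usable(1, 0, &s, "h2"));
    printf("http/1.1 connection, h2 session: usable=%d\n",
           earlydata_usable(1, 0, &s, "http/1.1"));
    printf("server confirmed http/1.1 instead of h2: ok=%d\n",
           earlydata_alpn_confirmed("h2", "http/1.1"));
    return 0;
}
```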