luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
b4f9ae5126
curl/docs/libcurl
History
Jay Satiro b4f9ae5126 schannel: fix user-set legacy algorithms in Windows 10 & 11 
- If the user set a legacy algorithm list (CURLOPT_SSL_CIPHER_LIST) then
  use the SCHANNEL_CRED legacy structure to pass the list to Schannel.

- If the user set both a legacy algorithm list and a TLS 1.3 cipher list
  then abort.

Although MS doesn't document it, Schannel will not negotiate TLS 1.3
when SCHANNEL_CRED is used. That means setting a legacy algorithm list
limits the user to earlier versions of TLS.

Prior to this change, since 8beff435 (precedes 7.85.0), libcurl would
ignore legacy algorithms in Windows 10 1809 and later.

Reported-by: zhihaoy@users.noreply.github.com

Fixes https://github.com/curl/curl/pull/10741
Closes https://github.com/curl/curl/pull/10746
2023-08-02 03:43:13 -04:00
..
opts schannel: fix user-set legacy algorithms in Windows 10 & 11 2023-08-02 03:43:13 -04:00
.gitignore copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
ABI.md copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
CMakeLists.txt copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
curl_easy_cleanup.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_duphandle.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_escape.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_getinfo.3 lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID 2023-06-12 23:53:00 +02:00
curl_easy_header.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_init.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_nextheader.3 curl_easy_nextheader.3: add missing open parenthesis examples 2023-07-08 22:22:17 +02:00
curl_easy_option_by_id.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_option_by_name.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_option_next.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_pause.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_perform.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_recv.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_reset.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_send.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_setopt.3 haproxy: add --haproxy-clientip flag to spoof client IPs 2023-06-05 20:08:37 +02:00
curl_easy_strerror.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_easy_unescape.3 docs/libcurl/curl_*escape.3: rename "url" argument to "input"/"string" 2023-04-26 10:20:04 +02:00
curl_easy_upkeep.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_escape.3 docs/libcurl/curl_*escape.3: rename "url" argument to "input"/"string" 2023-04-26 10:20:04 +02:00
curl_formadd.3 docs/libcurl: minor cleanups 2023-04-26 10:19:48 +02:00
curl_formfree.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_formget.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_free.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_getdate.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_getenv.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_global_cleanup.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_global_init_mem.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_global_init.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_global_sslset.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_addpart.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_data_cb.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_data.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_encoder.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_filedata.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_filename.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_free.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_headers.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_init.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_name.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_subparts.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mime_type.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_mprintf.3 curl_mprintf.3: minor fix of the example 2023-06-09 11:29:41 +02:00
curl_multi_add_handle.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_assign.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_cleanup.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_fdset.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_info_read.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_init.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_perform.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_poll.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_remove_handle.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_setopt.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_socket_action.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_socket_all.3 The inital early embryos to describe the curl_multi_socket() API. Committed 2005-12-22 15:11:11 +00:00
curl_multi_socket.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_strerror.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_timeout.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_multi_wait.3 curl_multi_wait.3: fix arg quoting to doc macro .BR 2023-07-25 10:29:39 +02:00
curl_multi_wakeup.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_pushheader_byname.3 curl_pushheader_byname/bynum.3: document in their own man pages 2023-06-09 14:25:47 +02:00
curl_pushheader_bynum.3 curl_pushheader_byname/bynum.3: document in their own man pages 2023-06-09 14:25:47 +02:00
curl_share_cleanup.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_share_init.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_share_setopt.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_share_strerror.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_slist_append.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_slist_free_all.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_strequal.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_strnequal.3 prepend the man3 dir to the file name to work better. 2004-04-02 11:04:34 +00:00
curl_unescape.3 docs/libcurl/curl_*escape.3: rename "url" argument to "input"/"string" 2023-04-26 10:20:04 +02:00
curl_url_cleanup.3 docs: document that curl_url_cleanup(NULL) is a safe no-op 2023-05-19 16:18:21 +02:00
curl_url_dup.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_url_get.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_url_set.3 curl_url_set: enforce the max string length check for all parts 2023-06-08 23:40:08 +02:00
curl_url_strerror.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_url.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_version_info.3 docs/libcurl: minor cleanups 2023-04-26 10:19:48 +02:00
curl_version.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
curl_ws_meta.3 curl_ws_*.3: enhance 2023-06-15 00:05:31 +02:00
curl_ws_recv.3 curl_ws_*.3: enhance 2023-06-15 00:05:31 +02:00
curl_ws_send.3 curl_ws_*.3: enhance 2023-06-15 00:05:31 +02:00
libcurl-easy.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
libcurl-env.3 nss: remove support for this TLS library 2023-07-29 23:44:28 +02:00
libcurl-errors.3 libcurl-errors.3: add CURLUE_OK 2023-07-20 23:36:58 +02:00
libcurl-multi.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
libcurl-security.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
libcurl-share.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
libcurl-thread.3 man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
libcurl-tutorial.3 docs: use a space after RFC when spelling out RFC numbers 2023-07-09 19:13:33 +02:00
libcurl-url.3 libcurl-url.3: also mention CURLUPART_ZONEID 2023-06-14 10:18:14 +02:00
libcurl-ws.3 libcurl-ws.3: mention raw mode 2023-06-18 23:39:51 +02:00
libcurl.3 docs/libcurl/libcurl.3: cleanups and improvements 2023-06-15 08:31:51 +02:00
libcurl.m4 libcurl.m4: remove trailing 'dnl' that causes this to break autoconf 2023-05-28 08:40:33 +02:00
Makefile.am copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
Makefile.inc libcurl-ws.3. WebSocket API overview 2023-06-14 13:14:57 +02:00
mksymbolsmanpage.pl man pages: simplify the .TH sections 2023-04-26 10:17:13 +02:00
symbols-in-versions lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID 2023-06-12 23:53:00 +02:00
symbols.pl copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00