luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cfc657a48d
curl/docs/cmdline-opts/tls13-ciphers.md
Wyatt O'Day 6238888ca7 schannel: remove TLS 1.3 ciphersuite-list support 
Drop TLS 1.3 ciphersuite-list support from SChannel because of the
number of bugs in SChannel itself (a closed-source TLS library). TLS 1.3
with SChannel still works, however the ciphersuite negotiation is left
entirely to SChannel.

Bug: https://hackerone.com/reports/2792484
Reported-by: newfunction on hackerone

Fixes https://github.com/curl/curl/issues/15482
Closes https://github.com/curl/curl/pull/15621
2024-11-21 17:09:24 -05:00

799 B
Raw Blame History

c SPDX-License-Identifier Long Arg help Protocols Category Added Multi See-also Example
Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. curl tls13-ciphers <list> TLS 1.3 cipher suites to use TLS tls 7.61.0 single
ciphers
proxy-tls13-ciphers
curves
--tls13-ciphers TLS_AES_128_GCM_SHA256 $URL

--tls13-ciphers

Specifies which cipher suites to use in the connection if it negotiates TLS 1.3. The list of ciphers suites must specify valid ciphers. Read up on TLS 1.3 cipher suite details on this URL:

https://curl.se/docs/ssl-ciphers.html

This option is used when curl is built to use OpenSSL 1.1.1 or later, wolfSSL, or mbedTLS 3.6.0 or later.

Before curl 8.10.0 with mbedTLS or wolfSSL, TLS 1.3 cipher suites were set by using the --ciphers option.