curlopt_proxy_ssl_options(3) [mojave man page]
CURLOPT_PROXY_SSL_OPTIONS(3) curl_easy_setopt options CURLOPT_PROXY_SSL_OPTIONS(3) NAME
CURLOPT_PROXY_SSL_OPTIONS - set proxy SSL behavior options SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_OPTIONS, long bitmask); DESCRIPTION
Pass a long with a bitmask to tell libcurl about specific SSL behaviors. CURLSSLOPT_ALLOW_BEAST tells libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interop- erability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only supported for DarwinSSL, NSS and OpenSSL. CURLSSLOPT_NO_REVOKE tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. Cur- rently this option is only supported for WinSSL (the native Windows SSL library), with an exception in the case of Windows' Untrusted Pub- lishers blacklist which it seems can't be bypassed. This option may have broader support to accommodate other SSL backends in the future. https://curl.haxx.se/docs/ssl-compared.html DEFAULT
0 PROTOCOLS
All AVAILABLE
Added in 7.52.0 EXAMPLE
TODO RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. SEE ALSO
CURLOPT_PROXY_SSLVERSION(3), CURLOPT_PROXY_SSL_CIPHER_LIST(3), CURLOPT_SSLVERSION(3), CURLOPT_SSL_CIPHER_LIST(3), libcurl 7.54.0 December 16, 2016 CURLOPT_PROXY_SSL_OPTIONS(3)
Check Out this Related Man Page
CURLOPT_PROXY_SSL_VERIFYHOST(3) curl_easy_setopt options CURLOPT_PROXY_SSL_VERIFYHOST(3) NAME
CURLOPT_PROXY_SSL_VERIFYHOST - verify the proxy certificate's name against host SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long verify); DESCRIPTION
Pass a long set to 2L as asking curl to verify in the HTTPS proxy's certificate name fields against the proxy name. This option determines whether libcurl verifies that the proxy cert contains the correct name for the name it is known as. When CURLOPT_PROXY_SSL_VERIFYHOST(3) is 2, the proxy certificate must indicate that the server is the proxy to which you meant to connect to, or the connection fails. Curl considers the proxy the intended one when the Common Name field or a Subject Alternate Name field in the certificate matches the host name in the proxy string which you told curl to use. When the verify value is 1L, curl_easy_setopt will return an error and the option value will not be changed due to old legacy reasons. When the verify value is 0L, the connection succeeds regardless of the names used in the certificate. Use that ability with caution! See also CURLOPT_PROXY_SSL_VERIFYPEER(3) to verify the digital signature of the proxy certificate. If libcurl is built against NSS and CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero, CURLOPT_PROXY_SSL_VERIFYHOST(3) is also set to zero and cannot be overridden. DEFAULT
2 PROTOCOLS
All protocols when used over a HTTPS proxy. EXAMPLE
CURL *curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* Set the default value: strict name check please */ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L); curl_easy_perform(curl); } AVAILABILITY
Added in 7.52.0. If built TLS enabled. RETURN VALUE
Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not. If 1 is set as argument, CURLE_BAD_FUNCTION_ARGUMENT is returned. SEE ALSO
CURLOPT_PROXY_SSL_VERIFYPEER(3), CURLOPT_PROXY_CAINFO(3), , CURLOPT_SSL_VERIFYPEER(3), CURLOPT_CAINFO(3), , libcurl 7.54.0 December 16, 2016 CURLOPT_PROXY_SSL_VERIFYHOST(3)