Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

curlopt_proxy_ssl_verifyhost(3) [mojave man page]

CURLOPT_PROXY_SSL_VERIFYHOST(3) 			     curl_easy_setopt options				   CURLOPT_PROXY_SSL_VERIFYHOST(3)

NAME

       CURLOPT_PROXY_SSL_VERIFYHOST - verify the proxy certificate's name against host

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long verify);

DESCRIPTION

       Pass a long set to 2L as asking curl to verify in the HTTPS proxy's certificate name fields against the proxy name.

       This option determines whether libcurl verifies that the proxy cert contains the correct name for the name it is known as.

       When  CURLOPT_PROXY_SSL_VERIFYHOST(3)  is 2, the proxy certificate must indicate that the server is the proxy to which you meant to connect
       to, or the connection fails.

       Curl considers the proxy the intended one when the Common Name field or a Subject Alternate Name field in the certificate matches the  host
       name in the proxy string which you told curl to use.

       When the verify value is 1L, curl_easy_setopt will return an error and the option value will not be changed due to old legacy reasons.

       When the verify value is 0L, the connection succeeds regardless of the names used in the certificate. Use that ability with caution!

       See  also  CURLOPT_PROXY_SSL_VERIFYPEER(3)  to  verify the digital signature of the proxy certificate.  If libcurl is built against NSS and
       CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero, CURLOPT_PROXY_SSL_VERIFYHOST(3) is also set to zero and cannot be overridden.

DEFAULT

       2

PROTOCOLS

       All protocols when used over a HTTPS proxy.

EXAMPLE

       CURL *curl = curl_easy_init();
       if(curl) {
	 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");

	 /* Set the default value: strict name check please */
	 curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L);

	 curl_easy_perform(curl);
       }

AVAILABILITY

       Added in 7.52.0.

       If built TLS enabled.

RETURN VALUE

       Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not.

       If 1 is set as argument, CURLE_BAD_FUNCTION_ARGUMENT is returned.

SEE ALSO

       CURLOPT_PROXY_SSL_VERIFYPEER(3), CURLOPT_PROXY_CAINFO(3), , CURLOPT_SSL_VERIFYPEER(3), CURLOPT_CAINFO(3), ,

libcurl 7.54.0							 December 16, 2016				   CURLOPT_PROXY_SSL_VERIFYHOST(3)

Check Out this Related Man Page

CURLOPT_PROXY_SSLVERSION(3)				     curl_easy_setopt options				       CURLOPT_PROXY_SSLVERSION(3)

NAME

       CURLOPT_PROXY_SSLVERSION - set preferred proxy TLS/SSL version

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLVERSION, long version);

DESCRIPTION

       Pass a long as parameter to control which version of SSL/TLS to attempt to use when connecting to an HTTPS proxy.

       Use one of the available defines for this purpose. The available options are:

	      CURL_SSLVERSION_DEFAULT
		     The default action. This will attempt to figure out the remote SSL protocol version.

	      CURL_SSLVERSION_TLSv1
		     TLSv1.x

	      CURL_SSLVERSION_TLSv1_0
		     TLSv1.0

	      CURL_SSLVERSION_TLSv1_1
		     TLSv1.1

	      CURL_SSLVERSION_TLSv1_2
		     TLSv1.2

	      CURL_SSLVERSION_TLSv1_3
		     TLSv1.3

	      CURL_SSLVERSION_MAX_DEFAULT
		     The  flag	defines  maximum  supported  TLS  version as TLSv1.2 or default value from SSL library. Only library NSS currently
		     allows to get maximum supported TLS version.  (Added in 7.54.0)

	      CURL_SSLVERSION_MAX_TLSv1_0
		     The flag defines maximum supported TLS version as TLSv1.0.  (Added in 7.54.0)

	      CURL_SSLVERSION_MAX_TLSv1_1
		     The flag defines maximum supported TLS version as TLSv1.1.  (Added in 7.54.0)

	      CURL_SSLVERSION_MAX_TLSv1_2
		     The flag defines maximum supported TLS version as TLSv1.2.  (Added in 7.54.0)

	      CURL_SSLVERSION_MAX_TLSv1_3
		     The flag defines maximum supported TLS version as TLSv1.3.  (Added in 7.54.0)

DEFAULT

       CURL_SSLVERSION_DEFAULT

PROTOCOLS

       All

EXAMPLE

       CURL *curl = curl_easy_init();
       if(curl) {
	 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");

	 /* ask libcurl to use TLS version 1.0 or later */
	 curl_easy_setopt(curl, CURLOPT_PROXY_SSLVERSION, CURL_SSLVERSION_TLSv1_1 |
			  CURL_SSLVERSION_MAX_DEFAULT);

	 /* Perform the request */
	 curl_easy_perform(curl);
       }

AVAILABILITY

       Added in 7.52.0

RETURN VALUE

       Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

       CURLOPT_USE_SSL(3), CURLOPT_HTTP_VERSION(3), CURLOPT_IPRESOLVE(3) CURLOPT_SSLVERSION(3),

libcurl 7.54.0							 December 13, 2016				       CURLOPT_PROXY_SSLVERSION(3)
Man Page