You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am trying to use curl_easy_setopt to specify TLS 1.1 or higher. If I do the following (from the documentation): result = curl_easy_setopt( curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_DEFAULT );
I always get CURLE_BAD_FUNCTION_ARGUMENT. Even if I try any of the other max values.
Looking at setopt, I see the validation is using: if((arg < CURL_SSLVERSION_DEFAULT) || (arg > CURL_SSLVERSION_TLSv1_3))
The problem with that is, the max values are shifted 16bits, so they are always greater than CURL_SSLVERSION_TLSv1_3.
I've submitted #2227 to address the issue you reported. Can you test it please?
The way those MAX values are used needs to be better documented to explain that only one MAX and one regular value can be OR'd together (if I understand it right). Otherwise in my opinion it can lead to user error.