Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

curl: ignore options asking for SSLv2 or SSLv3 #6772

Closed
wants to merge 1 commit into from

Conversation

@bagder
Copy link
Member

@bagder bagder commented Mar 22, 2021

Instead output a warning about it and continue with the defaults.

These SSL versions are typically not supported by the TLS libraries since a
long time back already since they are inherently insecure and broken. Asking
for them to be used will just cause an error to be returned slightly later.

In the unlikely event that a user's TLS library actually still supports these
protocol versions, this change might make the request a little less insecure.

Instead output a warning about it and continue with the defaults.

These SSL versions are typically not supported by the TLS libraries since a
long time back already since they are inherently insecure and broken. Asking
for them to be used will just cause an error to be returned slightly later.

In the unlikely event that a user's TLS library actually still supports these
protocol versions, this change might make the request a little less insecure.
@bagder bagder closed this in cf65d42 Apr 19, 2021
@bagder bagder deleted the bagder/curl-ssl-ignored branch Apr 19, 2021
@divinity76
Copy link
Contributor

@divinity76 divinity76 commented Jun 19, 2021

FWIW the last time i actually used this (2019 i think?) i was using it to talk to some ancient un-upgradable Dell iDRAC (or DRAC?) servers from 2008ish;

don't know what other people are using it for, but some must be, because i just got this email
image

Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants