curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Fwd: curl not sending DHE cipher suites in the outgoing ClientHello

From: M K Saravanan via curl-users <curl-users_at_lists.haxx.se>
Date: Wed, 17 Nov 2021 14:49:16 +0800

Hi,

Today while testing something, I accidentally noticed that curl is not
sending any of the DHE cipher suites (my test needed DHE testing) in
the outgoing ClientHello (I believe for security reasons it prefers
ECDHE may be, to enforce PFS). See screenshot below:
https://www.dropbox.com/s/ehr99r1pitnryep/curl-clienthello-withoutdhe.png


What should I do to enable DHE cipher suite support in curl?

$ curl -V
curl 7.69.0-DEV (x86_64-pc-linux-gnu) libcurl/7.69.0-DEV BoringSSL
zlib/1.2.11 brotli/1.0.4 libidn2/2.0.4 nghttp2/1.30.0 quiche/0.2.0
librtmp/2.3
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HTTP2 HTTP3 HTTPS-proxy IDN IPv6
Largefile libz NTLM NTLM_WB SSL UnixSockets


with regards,
Saravanan
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-users
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2021-11-17