curl-library

Making tlsv1 the default protocol

From: Jose Kahan <jose.kahan_at_w3.org>
Date: Wed, 22 Oct 2014 15:53:00 +0200

Hi,

Could it be possible to make libcurl use TLS as a default value? One of the
measures is to turn off SSLv3 on the server side. However, once this is done,
curl (through libcurl) has problems accessing a server that is installed
with openssl 1.0 when the curl command is executed from a box that only
has openssl 0.9.

The solution here is of course to do an explicit --tlsv1 or -1.
I didn’t have this problem explicitly with curl but with a commercial product called
prince that is dynamically linked with libcurl and for which we don’t have the
source code, just the binary.

My short-term solution was to patch libcurl to make sure the default value
is set just before the options are read:

  data->set.ssl.version = CURL_SSLVERSION_TLSv1;

This solved our problems with that piece of software.

Here’s more info on this problem as reported elsewhere:

http://stackoverflow.com/questions/8619706/running-curl-with-openssl-0-9-8-against-openssl-1-0-0-server-causes-handshake-er

Hope this helps.

-jose
Received on 2014-10-22