Hi All,

Currently i have a client application which sends some data to the server
using CURL library.

Due to SSL3 POODLE vulnerability (
http://security.stackexchange.com/questions/70719/ssl3-poodle-vulnerability),
i was asked to use TLS instead of SSL.

I was wondering how to set these options, could any one help me with which
options i need to set to use TLS instead of SSL.

Currently I have following options set in my application:
---------------------------------------------------------------------------------------------------------------------
/* Set the URL */
curl_easy_setopt(locHandle, CURLOPT_URL, szTmpURL);

/* Set the connection timeout */
curl_easy_setopt(locHandle, CURLOPT_CONNECTTIMEOUT, hostDef.conTimeOut);

/* Set the response timeout */
curl_easy_setopt(locHandle, CURLOPT_TIMEOUT,
hostDef.conTimeOut + hostDef.respTimeOut);

curl_easy_setopt(handle, CURLOPT_NOSIGNAL, 1L);

/* Set the HTTP post option */
curl_easy_setopt(handle, CURLOPT_POST, 1L);

/* Add the headers */
curl_easy_setopt(handle, CURLOPT_HTTPHEADER, headers);

/* Add the debug function */
curl_easy_setopt(handle, CURLOPT_DEBUGFUNCTION, curlDbgFunc);

curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 1L);
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYHOST, 2L);

/* Set the CA certificate */
curl_easy_setopt(handle, CURLOPT_CAINFO, CA_CERT_FILE);

/* Set the write function */
curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, saveResponse);

/* Set the detection as TRUE for HTTP errors */
curl_easy_setopt(handle, CURLOPT_FAILONERROR, PAAS_TRUE);
---------------------------------------------------------------------------------------------------------------------

Please let me know if any more information is required. Thank you for your
time and help.

Regards
Praveen

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-11-13