Provided by: libcurl4-doc_7.68.0-1ubuntu2.25_all bug

NAME

       CURLOPT_PROXY_SSL_OPTIONS - set proxy SSL behavior options

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_OPTIONS, long bitmask);

DESCRIPTION

       Pass a long with a bitmask to tell libcurl about specific SSL behaviors.

       CURLSSLOPT_ALLOW_BEAST  tells  libcurl  to  not attempt to use any workarounds for a security flaw in the
       SSL3 and TLS1.0 protocols.  If this option isn't used or this bit is set to 0, the SSL layer libcurl uses
       may  use  a work-around for this flaw although it might cause interoperability problems with some (older)
       SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this  option
       to 1 you ask for exactly that.  This option is only supported for DarwinSSL, NSS and OpenSSL.

       CURLSSLOPT_NO_REVOKE  tells libcurl to disable certificate revocation checks for those SSL backends where
       such behavior is present. This option is only supported for Schannel (the native  Windows  SSL  library),
       with  an  exception  in  the  case  of  Windows'  Untrusted  Publishers blacklist which it seems can't be
       bypassed.

DEFAULT

       0

PROTOCOLS

       All

AVAILABLE

       Added in 7.52.0

EXAMPLE

       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
         curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
         /* weaken TLS only for use with silly proxies */
         curl_easy_setopt(curl, CURLOPT_PROXY_SSL_OPTIONS, CURLSSLOPT_ALLOW_BEAST |
                          CURLSSLOPT_NO_REVOKE);
         ret = curl_easy_perform(curl);
         curl_easy_cleanup(curl);
       }

RETURN VALUE

       Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

       CURLOPT_PROXY_SSLVERSION(3),           CURLOPT_PROXY_SSL_CIPHER_LIST(3),           CURLOPT_SSLVERSION(3),
       CURLOPT_SSL_CIPHER_LIST(3),