cURL 显示 SSLv3 而不是 TLSv1
cURL displays SSLv3 instead of TLSv1
如果 curl_easy_setopt 函数禁用了 SSL,为什么 cURL 7.19 在握手期间显示 SSLv3?
curl_easy_setopt(m_curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
cURL 输出:
CURL Info: SSLv3, TLS handshake, Client hello (1):
CURL Info: SSLv3, TLS handshake, Server hello (2):
CURL Info: SSLv3, TLS handshake, CERT (11):
CURL Info: SSLv3, TLS handshake, Server finished (14):
CURL Info: SSLv3, TLS handshake, Client key exchange (16):
CURL Info: SSLv3, TLS change cipher, Client hello (1):
CURL Info: SSLv3, TLS handshake, Finished (20):
CURL Info: SSLv3, TLS handshake, Unknown (4):
CURL Info: SSLv3, TLS change cipher, Client hello (1):
CURL Info: SSLv3, TLS handshake, Finished (20):
CURL Info: SSL connection using DES-CBC3-SHA
cURL 显示 "SSLv3" 可以吗?
我将引用 my own answer(针对不同的问题):
Curl's debug code (-v) only displays the major version number
(mainly to distinguish between SSLv2 and SSLv3+ types of messages, see
ssl_tls_trace),
so it will still display "SSLv3" when you use TLS 1.0 or above
(because they're effectively SSL v3.1 or above, 3 is the same major
version number).
如果您想确保使用的是正确的版本,您可能应该检查 return value from setopt。
此外,您可以使用跟踪选项来详细查看握手:
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: 01 00 01 fc 03 03
第 5 个字节将是主修订号(此处为 03),第 6 个字节将是次要修订号。
- (03, 00) 是 SSLv3
- (03, 01) 是 TLSv1.0
- (03, 02) 是 TLSv1.1
- (03, 03) 是 TLSv1.2
如果 curl_easy_setopt 函数禁用了 SSL,为什么 cURL 7.19 在握手期间显示 SSLv3?
curl_easy_setopt(m_curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
cURL 输出:
CURL Info: SSLv3, TLS handshake, Client hello (1):
CURL Info: SSLv3, TLS handshake, Server hello (2):
CURL Info: SSLv3, TLS handshake, CERT (11):
CURL Info: SSLv3, TLS handshake, Server finished (14):
CURL Info: SSLv3, TLS handshake, Client key exchange (16):
CURL Info: SSLv3, TLS change cipher, Client hello (1):
CURL Info: SSLv3, TLS handshake, Finished (20):
CURL Info: SSLv3, TLS handshake, Unknown (4):
CURL Info: SSLv3, TLS change cipher, Client hello (1):
CURL Info: SSLv3, TLS handshake, Finished (20):
CURL Info: SSL connection using DES-CBC3-SHA
cURL 显示 "SSLv3" 可以吗?
我将引用 my own answer(针对不同的问题):
Curl's debug code (
-v) only displays the major version number (mainly to distinguish between SSLv2 and SSLv3+ types of messages, seessl_tls_trace), so it will still display "SSLv3" when you use TLS 1.0 or above (because they're effectively SSL v3.1 or above, 3 is the same major version number).
如果您想确保使用的是正确的版本,您可能应该检查 return value from setopt。
此外,您可以使用跟踪选项来详细查看握手:
== Info: SSLv3, TLS handshake, Client hello (1): => Send SSL data, 512 bytes (0x200) 0000: 01 00 01 fc 03 03
第 5 个字节将是主修订号(此处为 03),第 6 个字节将是次要修订号。
- (03, 00) 是 SSLv3
- (03, 01) 是 TLSv1.0
- (03, 02) 是 TLSv1.1
- (03, 03) 是 TLSv1.2