如果 curl_easy_setopt 函数禁用了 SSL,为什么 cURL 7.19 在握手期间显示 SSLv3?
curl_easy_setopt(m_curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
cURL 输出:
CURL Info: SSLv3, TLS handshake, Client hello (1):
CURL Info: SSLv3, TLS handshake, Server hello (2):
CURL Info: SSLv3, TLS handshake, CERT (11):
CURL Info: SSLv3, TLS handshake, Server finished (14):
CURL Info: SSLv3, TLS handshake, Client key exchange (16):
CURL Info: SSLv3, TLS change cipher, Client hello (1):
CURL Info: SSLv3, TLS handshake, Finished (20):
CURL Info: SSLv3, TLS handshake, Unknown (4):
CURL Info: SSLv3, TLS change cipher, Client hello (1):
CURL Info: SSLv3, TLS handshake, Finished (20):
CURL Info: SSL connection using DES-CBC3-SHA
cURL 显示“SSLv3”可以吗?
最佳答案
我会引用 my own answer (针对不同的问题):
Curl's debug code (
-v) only displays the major version number (mainly to distinguish between SSLv2 and SSLv3+ types of messages, seessl_tls_trace), so it will still display "SSLv3" when you use TLS 1.0 or above (because they're effectively SSL v3.1 or above, 3 is the same major version number).
如果你想确保你使用的是正确的版本,你应该检查 return value from setopt .
此外,您可以使用跟踪选项来详细查看握手:
== Info: SSLv3, TLS handshake, Client hello (1): => Send SSL data, 512 bytes (0x200) 0000: 01 00 01 fc 03 03
第 5 个字节将是主修订号(此处为 03),第 6 个字节将是次要修订号。
- (03, 00) 是 SSLv3
- (03, 01) 是 TLSv1.0
- (03, 02) 是 TLSv1.1
- (03, 03) 是 TLSv1.2
关于c++ - cURL 显示 SSLv3 而不是 TLSv1,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28240088/