[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Question about --secure-protocol
From: |
Michal Ruprich |
Subject: |
Question about --secure-protocol |
Date: |
Fri, 3 Sep 2021 10:28:56 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1 |
Hi,
the manpage for --secure-protocol option states this:
"Specifying SSLv2, SSLv3, TLSv1, TLSv1_1, TLSv1_2 or TLSv1_3 forces the
use of the corresponding protocol."
In reality, when you specify let's say --secure-protocol=TLSv1_2, wget
sends a request to use this protocol AND all higher versions. So in the
negotiation packet, we can see TLSv1_2 and TLSv1_3. In the gnutls.c in
set_prio_default, this is exactly as described, though the description
is confusing then. Maybe it should state that it will force the use of
corresponding protocol and any higher version or something like that.
On related note - is there a way to force wget to use just the one
requested protocol? TLSv1_2 for instance? In case there is a broken
support for TLSv1_3 for some reason?
Thanks and regards,
Michal Ruprich
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Question about --secure-protocol,
Michal Ruprich <=