Question about --secure-protocol

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question about --secure-protocol

From:	Michal Ruprich
Subject:	Question about --secure-protocol
Date:	Fri, 3 Sep 2021 10:28:56 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1

Hi,

the manpage for --secure-protocol option states this:

"Specifying SSLv2, SSLv3, TLSv1, TLSv1_1, TLSv1_2 or TLSv1_3 forces the
use of the corresponding protocol."

In reality, when you specify let's say --secure-protocol=TLSv1_2, wget
sends a request to use this protocol AND all higher versions. So in the
negotiation packet, we can see TLSv1_2 and TLSv1_3. In the gnutls.c in
set_prio_default, this is exactly as described, though the description
is confusing then. Maybe it should state that it will force the use of
corresponding protocol and any higher version or something like that.

On related note - is there a way to force wget to use just the one
requested protocol? TLSv1_2 for instance? In case there is a broken
support for TLSv1_3 for some reason?

Thanks and regards,

Michal Ruprich

[Prev in Thread]

Current Thread

[Next in Thread]

Question about --secure-protocol, Michal Ruprich <=

Prev by Date: bug report
Next by Date: Re: Relative links for wget2
Previous by thread: bug report
Next by thread: Re: Relative links for wget2
Index(es):
- Date
- Thread