Loading docs/curl.1 +2 −1 Original line number Diff line number Diff line Loading @@ -569,7 +569,8 @@ mode where a TLS client will start sending application data before verifying the server's Finished message, thus saving a round trip when performing a full handshake. This is currently only implemented in the NSS backend. This is currently only implemented in the NSS and Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) backends. (Added in 7.42.0) .IP "-f, --fail" (HTTP) Fail silently (no output at all) on server errors. This is mostly done Loading docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3 +2 −2 Original line number Diff line number Diff line Loading @@ -41,8 +41,8 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc. .SH EXAMPLE TODO .SH AVAILABILITY Added in 7.42.0. This option is currently only supported by the NSS TLS backend. Added in 7.42.0. This option is currently only supported by the NSS and Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) TLS backends. .SH RETURN VALUE Returns CURLE_OK if false start is supported by the SSL backend, otherwise returns CURLE_NOT_BUILT_IN. lib/vtls/darwinssl.c +12 −1 Original line number Diff line number Diff line Loading @@ -1459,9 +1459,12 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 /* We want to enable 1/n-1 when using a CBC cipher unless the user specifically doesn't want us doing that: */ if(SSLSetSessionOption != NULL) if(SSLSetSessionOption != NULL) { SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord, !data->set.ssl_enable_beast); SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionFalseStart, data->set.ssl.falsestart); /* false start support */ } #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */ /* Check if there's a cached ID we can/should use here! */ Loading Loading @@ -2364,6 +2367,14 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum); } bool Curl_darwinssl_false_start(void) { #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 if(SSLSetSessionOption != NULL) return TRUE; #endif return FALSE; } static ssize_t darwinssl_send(struct connectdata *conn, int sockindex, const void *mem, Loading lib/vtls/darwinssl.h +2 −0 Original line number Diff line number Diff line Loading @@ -48,6 +48,7 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ size_t tmplen, unsigned char *md5sum, /* output */ size_t md5len); bool Curl_darwinssl_false_start(void); /* Set the API backend definition to SecureTransport */ #define CURL_SSL_BACKEND CURLSSLBACKEND_DARWINSSL Loading @@ -69,6 +70,7 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ #define curlssl_data_pending(x,y) Curl_darwinssl_data_pending(x, y) #define curlssl_random(x,y,z) ((void)x, Curl_darwinssl_random(y,z)) #define curlssl_md5sum(a,b,c,d) Curl_darwinssl_md5sum(a,b,c,d) #define curlssl_false_start() Curl_darwinssl_false_start() #endif /* USE_DARWINSSL */ #endif /* HEADER_CURL_DARWINSSL_H */ Loading
docs/curl.1 +2 −1 Original line number Diff line number Diff line Loading @@ -569,7 +569,8 @@ mode where a TLS client will start sending application data before verifying the server's Finished message, thus saving a round trip when performing a full handshake. This is currently only implemented in the NSS backend. This is currently only implemented in the NSS and Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) backends. (Added in 7.42.0) .IP "-f, --fail" (HTTP) Fail silently (no output at all) on server errors. This is mostly done Loading
docs/libcurl/opts/CURLOPT_SSL_FALSESTART.3 +2 −2 Original line number Diff line number Diff line Loading @@ -41,8 +41,8 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc. .SH EXAMPLE TODO .SH AVAILABILITY Added in 7.42.0. This option is currently only supported by the NSS TLS backend. Added in 7.42.0. This option is currently only supported by the NSS and Secure Transport (on iOS 7.0 or later, or OS X 10.9 or later) TLS backends. .SH RETURN VALUE Returns CURLE_OK if false start is supported by the SSL backend, otherwise returns CURLE_NOT_BUILT_IN.
lib/vtls/darwinssl.c +12 −1 Original line number Diff line number Diff line Loading @@ -1459,9 +1459,12 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 /* We want to enable 1/n-1 when using a CBC cipher unless the user specifically doesn't want us doing that: */ if(SSLSetSessionOption != NULL) if(SSLSetSessionOption != NULL) { SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord, !data->set.ssl_enable_beast); SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionFalseStart, data->set.ssl.falsestart); /* false start support */ } #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */ /* Check if there's a cached ID we can/should use here! */ Loading Loading @@ -2364,6 +2367,14 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum); } bool Curl_darwinssl_false_start(void) { #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 if(SSLSetSessionOption != NULL) return TRUE; #endif return FALSE; } static ssize_t darwinssl_send(struct connectdata *conn, int sockindex, const void *mem, Loading
lib/vtls/darwinssl.h +2 −0 Original line number Diff line number Diff line Loading @@ -48,6 +48,7 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ size_t tmplen, unsigned char *md5sum, /* output */ size_t md5len); bool Curl_darwinssl_false_start(void); /* Set the API backend definition to SecureTransport */ #define CURL_SSL_BACKEND CURLSSLBACKEND_DARWINSSL Loading @@ -69,6 +70,7 @@ void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ #define curlssl_data_pending(x,y) Curl_darwinssl_data_pending(x, y) #define curlssl_random(x,y,z) ((void)x, Curl_darwinssl_random(y,z)) #define curlssl_md5sum(a,b,c,d) Curl_darwinssl_md5sum(a,b,c,d) #define curlssl_false_start() Curl_darwinssl_false_start() #endif /* USE_DARWINSSL */ #endif /* HEADER_CURL_DARWINSSL_H */
