Use identifier with SSL engine. See \fICURLOPT_SSLENGINE(3)\fP
.IP CURLOPT_SSLENGINE_DEFAULT
Default SSL engine. See \fICURLOPT_SSLENGINE_DEFAULT(3)\fP
+.IP CURLOPT_SSL_FALSESTART
+Enable TLS False Start. See \fICURLOPT_SSL_FALSESTART(3)\fP
.IP CURLOPT_SSLVERSION
SSL version to use. See \fICURLOPT_SSLVERSION(3)\fP
.IP CURLOPT_SSL_VERIFYHOST
--- /dev/null
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SSL_FALSESTART 3 "14 Feb 2015" "libcurl 7.41.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_SSL_FALSESTART \- enable TLS false start
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_FALSESTART, long enable);
+.SH DESCRIPTION
+Pass a long as parameter set to 1 to enable or 0 to disable.
+
+This option determines whether libcurl should use false start during the TLS
+handshake. False start is a mode where a TLS client will start sending
+application data before verifying the server's Finished message, thus saving a
+round trip when performing a full handshake.
+.SH DEFAULT
+0
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.42.0. This option is currently only supported by the NSS TLS
+backend.
+.SH RETURN VALUE
+Returns CURLE_OK if false start is supported by the SSL backend, otherwise
+returns CURLE_NOT_BUILT_IN.
CURLOPT_SSLCERT.3 CURLOPT_SSLCERTTYPE.3 CURLOPT_SSL_CIPHER_LIST.3 \
CURLOPT_SSL_CTX_DATA.3 CURLOPT_SSL_CTX_FUNCTION.3 \
CURLOPT_SSL_ENABLE_ALPN.3 CURLOPT_SSL_ENABLE_NPN.3 CURLOPT_SSLENGINE.3 \
- CURLOPT_SSLENGINE_DEFAULT.3 CURLOPT_SSLKEY.3 CURLOPT_SSLKEYTYPE.3 \
+ CURLOPT_SSLENGINE_DEFAULT.3 CURLOPT_SSL_FALSESTART.3 \
+ CURLOPT_SSLKEY.3 CURLOPT_SSLKEYTYPE.3 \
CURLOPT_SSL_OPTIONS.3 CURLOPT_SSL_SESSIONID_CACHE.3 \
CURLOPT_SSL_VERIFYHOST.3 CURLOPT_SSL_VERIFYPEER.3 \
CURLOPT_SSL_VERIFYSTATUS.3 CURLOPT_SSLVERSION.3 CURLOPT_STDERR.3 \
CURLOPT_SSL_CIPHER_LIST.html CURLOPT_SSL_CTX_DATA.html \
CURLOPT_SSL_CTX_FUNCTION.html CURLOPT_SSL_ENABLE_ALPN.html \
CURLOPT_SSL_ENABLE_NPN.html CURLOPT_SSLENGINE.html \
- CURLOPT_SSLENGINE_DEFAULT.html CURLOPT_SSLKEY.html \
- CURLOPT_SSLKEYTYPE.html CURLOPT_SSL_OPTIONS.html \
+ CURLOPT_SSLENGINE_DEFAULT.html CURLOPT_SSL_FALSESTART.html \
+ CURLOPT_SSLKEY.html CURLOPT_SSLKEYTYPE.html CURLOPT_SSL_OPTIONS.html \
CURLOPT_SSL_SESSIONID_CACHE.html CURLOPT_SSL_VERIFYHOST.html \
CURLOPT_SSL_VERIFYPEER.html CURLOPT_SSL_VERIFYSTATUS.html \
CURLOPT_SSLVERSION.html CURLOPT_STDERR.html CURLOPT_TCP_KEEPALIVE.html \
CURLOPT_SSL_CIPHER_LIST.pdf CURLOPT_SSL_CTX_DATA.pdf \
CURLOPT_SSL_CTX_FUNCTION.pdf CURLOPT_SSL_ENABLE_ALPN.pdf \
CURLOPT_SSL_ENABLE_NPN.pdf CURLOPT_SSLENGINE.pdf \
- CURLOPT_SSLENGINE_DEFAULT.pdf CURLOPT_SSLKEY.pdf \
- CURLOPT_SSLKEYTYPE.pdf CURLOPT_SSL_OPTIONS.pdf \
+ CURLOPT_SSLENGINE_DEFAULT.pdf CURLOPT_SSL_FALSESTART.pdf \
+ CURLOPT_SSLKEY.pdf CURLOPT_SSLKEYTYPE.pdf CURLOPT_SSL_OPTIONS.pdf \
CURLOPT_SSL_SESSIONID_CACHE.pdf CURLOPT_SSL_VERIFYHOST.pdf \
CURLOPT_SSL_VERIFYPEER.pdf CURLOPT_SSL_VERIFYSTATUS.pdf \
CURLOPT_SSLVERSION.pdf CURLOPT_STDERR.pdf CURLOPT_TCP_KEEPALIVE.pdf \
CURLOPT_SSL_CTX_FUNCTION 7.10.6
CURLOPT_SSL_ENABLE_ALPN 7.36.0
CURLOPT_SSL_ENABLE_NPN 7.36.0
+CURLOPT_SSL_FALSESTART 7.42.0
CURLOPT_SSL_OPTIONS 7.25.0
CURLOPT_SSL_SESSIONID_CACHE 7.16.0
CURLOPT_SSL_VERIFYHOST 7.8.1
/* Set if we should verify the certificate status. */
CINIT(SSL_VERIFYSTATUS, LONG, 232),
+ /* Set if we should enable TLS false start. */
+ CINIT(SSL_FALSESTART, LONG, 233),
+
CURLOPT_LASTENTRY /* the last unused */
} CURLoption;
result = CURLE_NOT_BUILT_IN;
#endif
break;
+ case CURLOPT_SSL_FALSESTART:
+ /*
+ * Enable TLS false start.
+ */
+ if(!Curl_ssl_false_start()) {
+ result = CURLE_NOT_BUILT_IN;
+ break;
+ }
+
+ data->set.ssl.falsestart = (0 != va_arg(param, long))?TRUE:FALSE;
+ break;
case CURLOPT_CERTINFO:
#ifdef have_curlssl_certinfo
data->set.ssl.certinfo = (0 != va_arg(param, long))?TRUE:FALSE;
void *fsslctxp; /* parameter for call back */
bool sessionid; /* cache session IDs or not */
bool certinfo; /* gather lots of certificate info */
+ bool falsestart;
#ifdef USE_TLS_SRP
char *username; /* TLS username (for, e.g., SRP) */
#endif
}
+/*
+ * Check whether the SSL backend supports false start.
+ */
+bool Curl_ssl_false_start(void)
+{
+#ifdef curlssl_false_start
+ return curlssl_false_start();
+#else
+ return FALSE;
+#endif
+}
+
#endif /* USE_SSL */
bool Curl_ssl_cert_status_request(void);
+bool Curl_ssl_false_start(void);
+
#define SSL_SHUTDOWN_TIMEOUT 10000 /* ms */
#else
#define Curl_ssl_kill_session(x) Curl_nop_stmt
#define Curl_ssl_random(x,y,z) ((void)x, CURLE_NOT_BUILT_IN)
#define Curl_ssl_cert_status_request() FALSE
+#define Curl_ssl_false_start() FALSE
#endif
#endif /* HEADER_CURL_VTLS_H */
projects / curl / commitdiff