TLS v1.1 / TLS v1.2 support in RCurl
ETA: Per https://github.com/hiratake55/RForcecom/issues/42, it looks like the author of the rforcecom package has updated rforcecom to use httr instead of RCu
-
RCurl is an interface to libcurl and what it supports depends on the latter. It is possible that your libcurl was built with an older version of OpenSSL which does not have support for TLS v1.1 or v.1.2. Your can determine your SSL version from R like this:
RCurl::curlVersion()$ssl_versionI think that by default (e.g. ssl option
CURL_SSLVERSION_DEFAULT), during the SSL handshake, the server and client would agree on the newest version that they both support. To make it work you would have to update OpenSSL to a newer version, recompile libcurl with it and rebuild RCurl so that it registers the updates.That said, you can enforce a particular ssl version not defined in RCurl by passing the integer value of the required option yourself. The numbers you are looking for can be deduced from the C enum defined in the curl header file on GitHub:
enum { CURL_SSLVERSION_DEFAULT, // 0 CURL_SSLVERSION_TLSv1, /* TLS 1.x */ // 1 CURL_SSLVERSION_SSLv2, // 2 CURL_SSLVERSION_SSLv3, // 3 CURL_SSLVERSION_TLSv1_0, // 4 CURL_SSLVERSION_TLSv1_1, // 5 CURL_SSLVERSION_TLSv1_2, // 6 CURL_SSLVERSION_TLSv1_3, // 7 CURL_SSLVERSION_LAST /* never use, keep last */ // 8 };For example:
# the data of you post request nameValueList = list(data1 = "data1", data2 = "data2") CURL_SSLVERSION_TLSv1_1 <- 5L CURL_SSLVERSION_TLSv1_2 <- 6L # TLS 1.1 opts <- RCurl::curlOptions(verbose = TRUE, sslversion = CURL_SSLVERSION_TLSv1_1, ...) # TLS 1.2 opts <- RCurl::curlOptions(verbose = TRUE, sslversion = CURL_SSLVERSION_TLSv1_2, ...) # finally, POST the data RCurl::postForm(URL, .params = nameValueList, .opts = opts)In general, this may not be a good practice because the authors of cURL could decide to change the values (although I believe chances are low) those options have.
讨论(0)
加载中...
- 热议问题