-
Brad King authored
Our vendored curl only enables the Secure Transport backend by default (`CURL_SSL_BACKEND=secure-transport`), but it is limited to TLS 1.2. The macOS SDK provides the curl development components, and the corresponding `libcurl.4.dylib` runtime library comes with macOS. On macOS 12 and above, the default `CURL_SSL_BACKEND=openssl` backend seems to be capable of selecting TLS 1.3 at runtime for https connections. Unfortunately the macOS version of curl, even on macOS 14.4, does not accept `CURL_SSLVERSION_TLSv1_3` at runtime to enforce TLS 1.3. However, while our vendored curl accepts the option and passes it to Secure Transport, macOS does not actually enforce it anyway. Fixes: #25870 Fixes: #23701
d3cbee99