Correctly handle TLSv1.3 ciphers suites in ssl3_choose_cipher().

Currently, TLSv1.3 cipher suites are filtered out by the fact that
they have authentication and key exchange algorithms that are not
being set in ssl_set_cert_masks(). Fix this so that ssl3_choose_cipher()
works for TLSv1.3, however we also now need to ensure that we filter out
TLSv1.3 for non-TLSv1.3 and only select TLSv1.3 for TLSv1.3.

ok beck@ tb@

1 files changed, 4 insertions, 1 deletions

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 1b141b6e2c..a6bdfaa4a1 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.209 2020/01/23 03:17:40 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.210 2020/01/23 10:40:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2006,6 +2006,9 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
                 mask_a |= SSL_aRSA;
 
         mask_a |= SSL_aNULL;
+        mask_a |= SSL_aTLS1_3;
+
+        mask_k |= SSL_kTLS1_3;
 
         /*
          * An ECC certificate may be usable for ECDH and/or