Enable the TLSv1.3 client in libssl.

This also makes it available to clients that use libtls, including ftp(1) and nc(1). Note that this does not expose additional defines via public headers, which means that any code conditioning on defines like TLS1_3_VERSION or SSL_OP_NO_TLSv1_3 will not enable or use TLSv1.3. This approach is necessary since too many pieces of software assume that if TLS1_3_VERSION is available, other OpenSSL 1.1 API will also be available, which is not necessarily the case. ok beck@ tb@
author: jsing <> 2020-01-22 08:24:25 +0000
committer: jsing <> 2020-01-22 08:24:25 +0000
commit: 5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21 (patch)
tree: df36cc4b0d334b8b04732f81351b0afdd6c7426a /src
parent: 4f26d92ef6c1cbf96978b89f265f7433c4acb9e2 (diff)
download: openbsd-5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21.tar.gz
openbsd-5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21.tar.bz2
openbsd-5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 6016b4f984..897f92f848 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.249 2020/01/22 07:49:33 beck Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.250 2020/01/22 08:24:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -186,7 +186,8 @@ __BEGIN_HIDDEN_DECLS
 #define s2n(s,c)        ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
                          c[1]=(unsigned char)(((s)    )&0xff)),c+=2)
-/* #define LIBRESSL_HAS_TLS1_3_CLIENT */
+#define LIBRESSL_HAS_TLS1_3_CLIENT
 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) || defined(LIBRESSL_HAS_TLS1_3_SERVER)
 #define LIBRESSL_HAS_TLS1_3
 #endif
author	jsing <>	2020-01-22 08:24:25 +0000
committer	jsing <>	2020-01-22 08:24:25 +0000
commit	5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21 (patch)
tree	df36cc4b0d334b8b04732f81351b0afdd6c7426a /src
parent	4f26d92ef6c1cbf96978b89f265f7433c4acb9e2 (diff)
download	openbsd-5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21.tar.gz openbsd-5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21.tar.bz2 openbsd-5b77cdf79751ec0ec2e3f2b0a0d159d7f16d9e21.zip

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 6016b4f984..897f92f848 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.249 2020/01/22 07:49:33 beck Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.250 2020/01/22 08:24:25 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -186,7 +186,8 @@ __BEGIN_HIDDEN_DECLS
186	#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \	186	#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
187	c[1]=(unsigned char)(((s) )&0xff)),c+=2)	187	c[1]=(unsigned char)(((s) )&0xff)),c+=2)
188		188
189	/* #define LIBRESSL_HAS_TLS1_3_CLIENT */	189	#define LIBRESSL_HAS_TLS1_3_CLIENT
		190
190	#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) \|\| defined(LIBRESSL_HAS_TLS1_3_SERVER)	191	#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) \|\| defined(LIBRESSL_HAS_TLS1_3_SERVER)
191	#define LIBRESSL_HAS_TLS1_3	192	#define LIBRESSL_HAS_TLS1_3
192	#endif	193	#endif