From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 10 Nov 2016 10:16:25 +0000 (+0100)
Subject: openssl: raise the max_version to 1.3 if asked for
X-Git-Tag: curl-7_52_0~139
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ea80a2dcfcdc280ff412489dc3928600ec76296c;p=thirdparty%2Fcurl.git

openssl: raise the max_version to 1.3 if asked for

Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when
using boringssl.
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 66fa731dd9..74e5915c3f 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1925,6 +1925,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
 
   case CURL_SSLVERSION_TLSv1_3:
 #ifdef TLS1_3_VERSION
+    SSL_CTX_set_max_proto_version(connssl->ctx, TLS1_3_VERSION);
     ctx_options |= SSL_OP_NO_SSLv2;
     ctx_options |= SSL_OP_NO_SSLv3;
     ctx_options |= SSL_OP_NO_TLSv1;