From 6ad3add60654182a747f5971afb40817488ef0e8 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Thu, 27 Oct 2016 14:57:11 +0200 Subject: vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3 Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro --- lib/vtls/darwinssl.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lib/vtls/darwinssl.c') diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 66e74f1ba..6aa30d451 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -1071,6 +1071,9 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol12); (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12); break; + case CURL_SSLVERSION_TLSv1_3: + failf(data, "TLSv1.3 is not yet supported with this TLS backend"); + return CURLE_SSL_CONNECT_ERROR; case CURL_SSLVERSION_SSLv3: err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3); if(err != noErr) { @@ -1122,6 +1125,9 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, kTLSProtocol12, true); break; + case CURL_SSLVERSION_TLSv1_3: + failf(data, "TLSv1.3 is not yet supported with this TLS backend"); + return CURLE_SSL_CONNECT_ERROR; case CURL_SSLVERSION_SSLv3: err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocol3, @@ -1160,6 +1166,9 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, case CURL_SSLVERSION_TLSv1_2: failf(data, "Your version of the OS does not support TLSv1.2"); return CURLE_SSL_CONNECT_ERROR; + case CURL_SSLVERSION_TLSv1_3: + failf(data, "Your version of the OS does not support TLSv1.3"); + return CURLE_SSL_CONNECT_ERROR; case CURL_SSLVERSION_SSLv2: err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocol2, -- cgit v1.2.3