http: allow use of TLS 1.3lv/tls-1.3

Add a tlsv1.3 option to http.sslVersion in addition to the existing tlsv1.[012] options. libcurl has supported this since 7.52.0. This requires OpenSSL 1.1.1 with TLS 1.3 enabled or curl built with recent versions of NSS or BoringSSL as the TLS backend. Signed-off-by: Loganaden Velvindron <logan@hackers.mu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Loganaden Velvindron <logan@hackers.mu> 2018-03-29 14:14:18 +0400
committer: Junio C Hamano <gitster@pobox.com> 2018-03-29 13:54:31 -0700
commit: d81b651f56060038a1547f4beb949122533a8165 (patch)
tree: 80d74303a79abee5b450ea25addc9be0bc7dc393
parent: d32eb83c1db7d0a8bb54fe743c6d1dd674d372c5 (diff)
download: git-lv/tls-1.3.tar.gz
2 files changed, 4 insertions, 0 deletions
diff --git a/Documentation/config.txt b/Documentation/config.txt
index 0e25b2c92b..ca8d1687cc 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -1948,6 +1948,7 @@ http.sslVersion::
 	- tlsv1.0
 	- tlsv1.1
 	- tlsv1.2
+	- tlsv1.3
 
 +
 Can be overridden by the `GIT_SSL_VERSION` environment variable.
diff --git a/http.c b/http.c
index 32a8238955..4699cf76c9 100644
--- a/http.c
+++ b/http.c
@@ -62,6 +62,9 @@ static struct {
 	{ "tlsv1.1", CURL_SSLVERSION_TLSv1_1 },
 	{ "tlsv1.2", CURL_SSLVERSION_TLSv1_2 },
 #endif
+#if LIBCURL_VERSION_NUM >= 0x073400
+	{ "tlsv1.3", CURL_SSLVERSION_TLSv1_3 },
+#endif
 };
 #if LIBCURL_VERSION_NUM >= 0x070903
 static const char *ssl_key;
author	Loganaden Velvindron <logan@hackers.mu>	2018-03-29 14:14:18 +0400
committer	Junio C Hamano <gitster@pobox.com>	2018-03-29 13:54:31 -0700
commit	d81b651f56060038a1547f4beb949122533a8165 (patch)
tree	80d74303a79abee5b450ea25addc9be0bc7dc393
parent	d32eb83c1db7d0a8bb54fe743c6d1dd674d372c5 (diff)
download	git-lv/tls-1.3.tar.gz