From d81b651f56060038a1547f4beb949122533a8165 Mon Sep 17 00:00:00 2001 From: Loganaden Velvindron Date: Thu, 29 Mar 2018 14:14:18 +0400 Subject: http: allow use of TLS 1.3 Add a tlsv1.3 option to http.sslVersion in addition to the existing tlsv1.[012] options. libcurl has supported this since 7.52.0. This requires OpenSSL 1.1.1 with TLS 1.3 enabled or curl built with recent versions of NSS or BoringSSL as the TLS backend. Signed-off-by: Loganaden Velvindron Signed-off-by: Junio C Hamano --- Documentation/config.txt | 1 + http.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/Documentation/config.txt b/Documentation/config.txt index 0e25b2c92b..ca8d1687cc 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1948,6 +1948,7 @@ http.sslVersion:: - tlsv1.0 - tlsv1.1 - tlsv1.2 + - tlsv1.3 + Can be overridden by the `GIT_SSL_VERSION` environment variable. diff --git a/http.c b/http.c index 32a8238955..4699cf76c9 100644 --- a/http.c +++ b/http.c @@ -62,6 +62,9 @@ static struct { { "tlsv1.1", CURL_SSLVERSION_TLSv1_1 }, { "tlsv1.2", CURL_SSLVERSION_TLSv1_2 }, #endif +#if LIBCURL_VERSION_NUM >= 0x073400 + { "tlsv1.3", CURL_SSLVERSION_TLSv1_3 }, +#endif }; #if LIBCURL_VERSION_NUM >= 0x070903 static const char *ssl_key; -- cgit v1.2.3