git@vger.kernel.org list mirror (unofficial, one of many)
 help / color / mirror / Atom feed
* [PATCH v4] Allow use of TLS 1.3
@ 2018-03-29 10:14 Loganaden Velvindron
  2018-03-29 15:03 ` Johannes Schindelin
  2018-03-29 20:40 ` Junio C Hamano
  0 siblings, 2 replies; 3+ messages in thread
From: Loganaden Velvindron @ 2018-03-29 10:14 UTC (permalink / raw)
  To: git

Add a tlsv1.3 option to http.sslVersion in addition to the existing
tlsv1.[012] options. libcurl has supported this since 7.52.0.

This requires OpenSSL 1.1.1 with TLS 1.3 enabled or curl built with
recent versions of NSS or BoringSSL as the TLS backend.

Signed-off-by: Loganaden Velvindron <logan@hackers.mu>
---
 Documentation/config.txt | 1 +
 http.c                   | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/Documentation/config.txt b/Documentation/config.txt
index ce9102cea..f31d62772 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -1957,6 +1957,7 @@ http.sslVersion::
 	- tlsv1.0
 	- tlsv1.1
 	- tlsv1.2
+	- tlsv1.3
 
 +
 Can be overridden by the `GIT_SSL_VERSION` environment variable.
diff --git a/http.c b/http.c
index a5bd5d62c..f84b18551 100644
--- a/http.c
+++ b/http.c
@@ -62,6 +62,9 @@ static struct {
 	{ "tlsv1.1", CURL_SSLVERSION_TLSv1_1 },
 	{ "tlsv1.2", CURL_SSLVERSION_TLSv1_2 },
 #endif
+#if LIBCURL_VERSION_NUM >= 0x073400
+	{ "tlsv1.3", CURL_SSLVERSION_TLSv1_3 }
+#endif
 };
 #if LIBCURL_VERSION_NUM >= 0x070903
 static const char *ssl_key;
-- 
2.16.2


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH v4] Allow use of TLS 1.3
  2018-03-29 10:14 [PATCH v4] Allow use of TLS 1.3 Loganaden Velvindron
@ 2018-03-29 15:03 ` Johannes Schindelin
  2018-03-29 20:40 ` Junio C Hamano
  1 sibling, 0 replies; 3+ messages in thread
From: Johannes Schindelin @ 2018-03-29 15:03 UTC (permalink / raw)
  To: Loganaden Velvindron; +Cc: git

Hi Logan,

On Thu, 29 Mar 2018, Loganaden Velvindron wrote:

> Add a tlsv1.3 option to http.sslVersion in addition to the existing
> tlsv1.[012] options. libcurl has supported this since 7.52.0.
> 
> This requires OpenSSL 1.1.1 with TLS 1.3 enabled or curl built with
> recent versions of NSS or BoringSSL as the TLS backend.

Thank you,
Johannes

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH v4] Allow use of TLS 1.3
  2018-03-29 10:14 [PATCH v4] Allow use of TLS 1.3 Loganaden Velvindron
  2018-03-29 15:03 ` Johannes Schindelin
@ 2018-03-29 20:40 ` Junio C Hamano
  1 sibling, 0 replies; 3+ messages in thread
From: Junio C Hamano @ 2018-03-29 20:40 UTC (permalink / raw)
  To: Loganaden Velvindron; +Cc: git

Loganaden Velvindron <logan@hackers.mu> writes:

> diff --git a/http.c b/http.c
> index a5bd5d62c..f84b18551 100644
> --- a/http.c
> +++ b/http.c
> @@ -62,6 +62,9 @@ static struct {
>  	{ "tlsv1.1", CURL_SSLVERSION_TLSv1_1 },
>  	{ "tlsv1.2", CURL_SSLVERSION_TLSv1_2 },
>  #endif
> +#if LIBCURL_VERSION_NUM >= 0x073400
> +	{ "tlsv1.3", CURL_SSLVERSION_TLSv1_3 }

Looks OK to me, except one minor nit.

I'll add a trailing comma for this entry while queuing, so that a
future patch to add tlsv1.4 or whatever won't have to worry about
it.

Thanks.

> +#endif
>  };
>  #if LIBCURL_VERSION_NUM >= 0x070903
>  static const char *ssl_key;

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2018-03-29 20:40 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-03-29 10:14 [PATCH v4] Allow use of TLS 1.3 Loganaden Velvindron
2018-03-29 15:03 ` Johannes Schindelin
2018-03-29 20:40 ` Junio C Hamano

git@vger.kernel.org list mirror (unofficial, one of many)

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://public-inbox.org/git
	git clone --mirror http://ou63pmih66umazou.onion/git
	git clone --mirror http://czquwvybam4bgbro.onion/git
	git clone --mirror http://hjrcffqmbrq6wope.onion/git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 git git/ https://public-inbox.org/git \
		git@vger.kernel.org
	public-inbox-index git

Example config snippet for mirrors.
Newsgroups are available over NNTP:
	nntp://news.public-inbox.org/inbox.comp.version-control.git
	nntp://ou63pmih66umazou.onion/inbox.comp.version-control.git
	nntp://czquwvybam4bgbro.onion/inbox.comp.version-control.git
	nntp://hjrcffqmbrq6wope.onion/inbox.comp.version-control.git
	nntp://news.gmane.io/gmane.comp.version-control.git
 note: .onion URLs require Tor: https://www.torproject.org/

code repositories for the project(s) associated with this inbox:

	https://80x24.org/mirrors/git.git

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git