* [PATCH v3] Allow use of TLS 1.3 @ 2018-03-26 9:24 Loganaden Velvindron 2018-03-26 21:38 ` Johannes Schindelin 0 siblings, 1 reply; 3+ messages in thread From: Loganaden Velvindron @ 2018-03-26 9:24 UTC (permalink / raw) To: git Add a tlsv1.3 option to http.sslVersion in addition to the existing tlsv1.[012] options. libcurl has supported this since 7.52.0. Signed-off-by: Loganaden Velvindron <logan@hackers.mu> --- Documentation/config.txt | 1 + http.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/Documentation/config.txt b/Documentation/config.txt index ce9102cea..f31d62772 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1957,6 +1957,7 @@ http.sslVersion:: - tlsv1.0 - tlsv1.1 - tlsv1.2 + - tlsv1.3 + Can be overridden by the `GIT_SSL_VERSION` environment variable. diff --git a/http.c b/http.c index a5bd5d62c..f84b18551 100644 --- a/http.c +++ b/http.c @@ -62,6 +62,9 @@ static struct { { "tlsv1.1", CURL_SSLVERSION_TLSv1_1 }, { "tlsv1.2", CURL_SSLVERSION_TLSv1_2 }, #endif +#if LIBCURL_VERSION_NUM >= 0x073400 + { "tlsv1.3", CURL_SSLVERSION_TLSv1_3 } +#endif }; #if LIBCURL_VERSION_NUM >= 0x070903 static const char *ssl_key; -- 2.16.2 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v3] Allow use of TLS 1.3 2018-03-26 9:24 [PATCH v3] Allow use of TLS 1.3 Loganaden Velvindron @ 2018-03-26 21:38 ` Johannes Schindelin 2018-03-26 21:46 ` Daniel Stenberg 0 siblings, 1 reply; 3+ messages in thread From: Johannes Schindelin @ 2018-03-26 21:38 UTC (permalink / raw) To: Loganaden Velvindron; +Cc: git Hi Logan, On Mon, 26 Mar 2018, Loganaden Velvindron wrote: > Add a tlsv1.3 option to http.sslVersion in addition to the existing > tlsv1.[012] options. libcurl has supported this since 7.52.0. > > Signed-off-by: Loganaden Velvindron <logan@hackers.mu> Can we *please* also add that OpenSSL 1.1.* is required (or that cURL is built with NSS or BoringSSL as the TLS backend)? See https://public-inbox.org/git/nycvar.QRO.7.76.6.1803240035300.77@ZVAVAG-6OXH6DA.rhebcr.pbec.zvpebfbsg.pbz/ for my original please. I deem this information *really* important because a lot of Git packages are still built against OpenSSL 1.0.2 (e.g. Git for Windows) and *won't* benefit immediately from your patch. Ciao, Johannes ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v3] Allow use of TLS 1.3 2018-03-26 21:38 ` Johannes Schindelin @ 2018-03-26 21:46 ` Daniel Stenberg 0 siblings, 0 replies; 3+ messages in thread From: Daniel Stenberg @ 2018-03-26 21:46 UTC (permalink / raw) To: Johannes Schindelin; +Cc: Loganaden Velvindron, git On Mon, 26 Mar 2018, Johannes Schindelin wrote: > Can we *please* also add that OpenSSL 1.1.* is required (or that cURL is > built with NSS or BoringSSL as the TLS backend)? We might consider adding a way to extract that info from curl to make that work really good for you. There are now six TLS libraries that support TLS 1.3 and it might be hard for git to figure out the exact situation for each library and keep track of these moving targets... -- / daniel.haxx.se ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-03-26 21:46 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2018-03-26 9:24 [PATCH v3] Allow use of TLS 1.3 Loganaden Velvindron 2018-03-26 21:38 ` Johannes Schindelin 2018-03-26 21:46 ` Daniel Stenberg
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).