From fa74545e6b1f3d7340a6e6fce5f0f6d89593b01c Mon Sep 17 00:00:00 2001 From: Pirabarlen Cheenaramen Date: Sun, 12 Nov 2017 00:18:30 +0100 Subject: [PATCH] openssl tls v1.3 draft 18 --- doc/manual-src/en/aria2c.rst | 2 +- src/LibsslTLSContext.cc | 2 ++ src/LibsslTLSSession.cc | 6 ++++++ src/OptionHandlerFactory.cc | 2 +- src/TLSContext.h | 1 + src/prefs.cc | 1 + src/prefs.h | 1 + src/util.cc | 3 +++ 8 files changed, 16 insertions(+), 2 deletions(-) diff --git a/doc/manual-src/en/aria2c.rst b/doc/manual-src/en/aria2c.rst index 7d8e048a..28392ea6 100644 --- a/doc/manual-src/en/aria2c.rst +++ b/doc/manual-src/en/aria2c.rst @@ -1477,7 +1477,7 @@ Advanced Options .. option:: --min-tls-version= Specify minimum SSL/TLS version to enable. - Possible Values: ``SSLv3``, ``TLSv1``, ``TLSv1.1``, ``TLSv1.2`` + Possible Values: ``SSLv3``, ``TLSv1``, ``TLSv1.1``, ``TLSv1.2``, ``TLSv1.3`` Default: ``TLSv1`` .. option:: --multiple-interface= diff --git a/src/LibsslTLSContext.cc b/src/LibsslTLSContext.cc index 171e498c..85d2a940 100644 --- a/src/LibsslTLSContext.cc +++ b/src/LibsslTLSContext.cc @@ -112,6 +112,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer) long ver_opts = 0; switch (minVer) { + case TLS_PROTO_TLS13: + ver_opts |= SSL_OP_NO_TLSv1_2; case TLS_PROTO_TLS12: ver_opts |= SSL_OP_NO_TLSv1_1; // fall through diff --git a/src/LibsslTLSSession.cc b/src/LibsslTLSSession.cc index f7024b1c..54235882 100644 --- a/src/LibsslTLSSession.cc +++ b/src/LibsslTLSSession.cc @@ -217,6 +217,12 @@ int OpenSSLTLSSession::handshake(TLSVersion& version) break; #endif // TLS1_2_VERSION +#ifdef TLS1_3_VERSION + case TLS1_3_VERSION: + version = TLS_PROTO_TLS13; + break; +#endif //TLS1_3_VERSION + default: version = TLS_PROTO_NONE; break; diff --git a/src/OptionHandlerFactory.cc b/src/OptionHandlerFactory.cc index 44d1c3bf..ee330872 100644 --- a/src/OptionHandlerFactory.cc +++ b/src/OptionHandlerFactory.cc 
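Review bot: In src/LibsslTLSContext.cc the new `case TLS_PROTO_TLS13:` falls into `TLS_PROTO_TLS12` without the `// fall through` marker the following cases carry, and it is not tied to library support the way the `#ifdef TLS1_3_VERSION` case in src/LibsslTLSSession.cc is. If the linked OpenSSL has no TLS 1.3, a minimum of TLSv1.3 sets every `SSL_OP_NO_*` bit up to TLS 1.2, so presumably no protocol stays enabled and every handshake fails with a generic error; that fails closed, but the cause is hard to diagnose. I would add `// fall through` after `ver_opts |= SSL_OP_NO_TLSv1_2;` and reject the setting up front when `TLS1_3_VERSION` is undefined. The constructor body starts and ends outside this hunk.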
@@ -514,7 +514,7 @@ std::vector OptionHandlerFactory::createOptionHandlers() { OptionHandler* op(new ParameterOptionHandler( PREF_MIN_TLS_VERSION, TEXT_MIN_TLS_VERSION, A2_V_TLS10, - {A2_V_SSL3, A2_V_TLS10, A2_V_TLS11, A2_V_TLS12})); + {A2_V_SSL3, A2_V_TLS10, A2_V_TLS11, A2_V_TLS12, A2_V_TLS13})); op->addTag(TAG_ADVANCED); handlers.push_back(op); } diff --git a/src/TLSContext.h b/src/TLSContext.h index 2897c774..d3919dbf 100644 --- a/src/TLSContext.h +++ b/src/TLSContext.h @@ -49,6 +49,7 @@ enum TLSVersion { TLS_PROTO_TLS10, TLS_PROTO_TLS11, TLS_PROTO_TLS12, + TLS_PROTO_TLS13, }; class TLSContext { diff --git a/src/prefs.cc b/src/prefs.cc index 937e927d..dc3b1c83 100644 --- a/src/prefs.cc +++ b/src/prefs.cc @@ -154,6 +154,7 @@ const std::string A2_V_SSL3("SSLv3"); const std::string A2_V_TLS10("TLSv1"); const std::string A2_V_TLS11("TLSv1.1"); const std::string A2_V_TLS12("TLSv1.2"); +const std::string A2_V_TLS13("TLSv1.3"); PrefPtr PREF_VERSION = makePref("version"); PrefPtr PREF_HELP = makePref("help"); diff --git a/src/prefs.h b/src/prefs.h index e1f83978..0a9030b4 100644 --- a/src/prefs.h +++ b/src/prefs.h @@ -111,6 +111,7 @@ extern const std::string A2_V_SSL3; extern const std::string A2_V_TLS10; extern const std::string A2_V_TLS11; extern const std::string A2_V_TLS12; +extern const std::string A2_V_TLS13; extern PrefPtr PREF_VERSION; extern PrefPtr PREF_HELP; diff --git a/src/util.cc b/src/util.cc index 40fc55f2..e0318aac 100644 --- a/src/util.cc +++ b/src/util.cc @@ -2129,6 +2129,9 @@ TLSVersion toTLSVersion(const std::string& ver) if (ver == A2_V_TLS12) { return TLS_PROTO_TLS12; } + if (ver == A2_V_TLS13) { + return TLS_PROTO_TLS13; + } return TLS_PROTO_TLS10; } #endif // ENABLE_SSL
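Review bot: In src/OptionHandlerFactory.cc `A2_V_TLS13` becomes an accepted value of `--min-tls-version` in every build, while the diffstat shows only the OpenSSL files learning about `TLS_PROTO_TLS13`. If the other TLS backends switch on `TLSVersion` (not visible in this patch), the new value would presumably reach their default branch, and a session could then negotiate a version below the requested minimum without any error. Offer the value only where the backend enforces it, or make unsupported backends fail at context creation; a comment such as `// TLSv1.3 minimum is enforced by the OpenSSL backend only` would at least document the gap. createOptionHandlers() begins and ends outside the hunk.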