diff --git a/README.md b/README.md index 5f18788..816114b 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ Default support is in bold type. - [Google(Gmail)](https://gmail.com/) : _TLSv1.3_ draft 23, 28, **final** - [NSS TLS 1.3(Mozilla)](https://tls13.crypto.mozilla.org/) : _TLSv1.3_ **final** -[Compatible OpenSSL-1.1.1a (OpenSSL, 22932 commits)](https://github.com/openssl/openssl/tree/d1c28d791a7391a8dc101713cd8646df96491d03) +[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23063 commits)](https://github.com/openssl/openssl/tree/3a63dbef15b62b121c5df8762f8cb915fb06b27a) ## Patch files @@ -47,9 +47,9 @@ Here is the basic patch content. | Patch file name | Patch list | | :--- | :--- | | openssl-1.1.1a-tls13_draft.patch | Only for TLS 1.3 draft 23, 26, 28, final support patch. | -| openssl-equal-1.1.1a.patch
openssl-equal-1.1.2-dev.patch | Support **final (TLS 1.3)**, TLS 1.3 cipher settings **_can not_** be changed on _nginx_. | -| openssl-equal-1.1.1a_ciphers.patch
openssl-equal-1.1.2-dev_ciphers.patch | Support **final (TLS 1.3)**, TLS 1.3 cipher settings **_can_** be changed on _nginx_. | -| openssl-1.1.1a-chacha_draft.patch | A draft version of chacha20-poly1305 is available. [View issue](https://github.com/hakasenyang/openssl-patch/issues/1#issuecomment-427554824) | +| openssl-equal-1.1.1a.patch
openssl-equal-3.0.0-dev.patch | Support **final (TLS 1.3)**, TLS 1.3 cipher settings **_can not_** be changed on _nginx_. | +| openssl-equal-1.1.1a_ciphers.patch
openssl-equal-3.0.0-dev_ciphers.patch | Support **final (TLS 1.3)**, TLS 1.3 cipher settings **_can_** be changed on _nginx_. | +| openssl-1.1.1a-chacha_draft.patch
openssl-3.0.0-dev-chacha_draft.patch | A draft version of chacha20-poly1305 is available. [View issue](https://github.com/hakasenyang/openssl-patch/issues/1#issuecomment-427554824) | | openssl-1.1.1a-tls13_draft.patch | Enable TLS 1.3 draft 23, 26, 28, final. | | openssl-1.1.1a-tls13_nginx_config.patch | You can set TLS 1.3 ciphere in nginx. ex) TLS13+AESGCM+AES128 | @@ -82,7 +82,7 @@ Example of setting TLS 1.3 cipher in nginx: git clone https://github.com/openssl/openssl.git git clone https://github.com/hakasenyang/openssl-patch.git cd openssl -patch -p1 < ../openssl-patch/openssl-equal-1.1.2-dev_ciphers.patch +patch -p1 < ../openssl-patch/openssl-equal-3.0.0-dev_ciphers.patch ``` And then use --with-openssl in nginx or build after ./config. @@ -139,6 +139,8 @@ Thanks [@JemmyLoveJenny](https://github.com/hakasenyang/openssl-patch/issues/1#i ### nginx OpenSSL-1.1.x Renegotiation Bugfix +It has already been patched by nginx >= 1.15.4. + Run it from the nginx directory. ``curl https://raw.githubusercontent.com/hakasenyang/openssl-patch/master/nginx_openssl-1.1.x_renegotiation_bugfix.patch | patch -p1`` 
@@ -157,12 +159,12 @@ ssl_ecdh_curve X25519:P-256:P-384; ssl_prefer_server_ciphers on; ``` -### OpenSSL-1.1.x (>= 1.1.1a) ciphers (draft 23, 26, 28, final) +### OpenSSL-1.1.1a, 3.0.0-dev ciphers (draft 23, 26, 28, final) ``` [EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES ``` -### OpenSSL-1.1.x_ciphers (>= 1.1.1a) ciphers (draft 23, 26, 28, final) +### OpenSSL-1.1.1a_ciphers, 3.0.0-dev_ciphers ciphers (draft 23, 26, 28, final) ``` [TLS13+AESGCM+AES128|TLS13+AESGCM+AES256|TLS13+CHACHA20]:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES ``` diff --git a/openssl-1.1.2-dev-chacha_draft.patch b/openssl-3.0.0-dev-chacha_draft.patch similarity index 97% rename from openssl-1.1.2-dev-chacha_draft.patch rename to openssl-3.0.0-dev-chacha_draft.patch index 483d527..d018445 100644 --- a/openssl-1.1.2-dev-chacha_draft.patch +++ b/openssl-3.0.0-dev-chacha_draft.patch @@ -291,7 +291,7 @@ index 590bbe9a13..39a76eb2e1 100644 ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH diff --git a/include/openssl/evp.h b/include/openssl/evp.h -index d22956d343..77006675f3 100644 +index 36249b4201..4896155729 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -918,6 +918,7 @@ const EVP_CIPHER *EVP_camellia_256_ctr(void); @@ -318,7 +318,7 @@ index e977a24c66..280efb665e 100644 #define LN_dhpublicnumber "X9.42 DH" #define NID_dhpublicnumber 920 diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h -index 1e9e8d5721..babce9025d 100644 +index fe2e479028..da1ff8f855 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h 
@@ -125,6 +125,7 @@ extern "C" { @@ -330,7 +330,7 @@ index 1e9e8d5721..babce9025d 100644 # define SSL_TXT_ARIA "ARIA" # define SSL_TXT_ARIA_GCM "ARIAGCM" diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h -index e13b5dd4bc..53d43c121e 100644 +index 434dff1500..e1603867d0 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -597,7 +597,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain) @@ -372,7 +372,7 @@ index e13b5dd4bc..53d43c121e 100644 # define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305" # define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index 4b9906f215..4821bbf269 100644 +index a5b3dbbfd5..a5a7993065 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2082,6 +2082,54 @@ static SSL_CIPHER ssl3_ciphers[] = { @@ -431,7 +431,7 @@ index 4b9906f215..4821bbf269 100644 1, TLS1_TXT_PSK_WITH_CHACHA20_POLY1305, diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c -index 14066d0ea4..0ded2bd6b6 100644 +index bd97c0fdab..020ba7ac63 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -43,7 +43,8 @@ @@ -480,7 +480,7 @@ index 14066d0ea4..0ded2bd6b6 100644 } else if (c->algorithm_mac & SSL_AEAD) { /* We're supposed to have handled all the AEAD modes above */ diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h -index 70e5a1740f..d75ba89a40 100644 +index 98e8e8a46d..d64dd57d78 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -230,12 +230,13 @@ @@ -499,11 +499,11 @@ index 70e5a1740f..d75ba89a40 100644 # define SSL_ARIA (SSL_ARIAGCM) diff --git a/util/libcrypto.num b/util/libcrypto.num -index f7d6cb5823..de1a6e7804 100644 +index 964f581667..66d7b47dc3 100644 --- a/util/libcrypto.num 
+++ b/util/libcrypto.num -@@ -4603,3 +4603,4 @@ SRP_user_pwd_new 4556 1_1_2 EXIST::FUNCTION:SRP - SRP_user_pwd_set_gN 4557 1_1_2 EXIST::FUNCTION:SRP - SRP_user_pwd_set1_ids 4558 1_1_2 EXIST::FUNCTION:SRP - SRP_user_pwd_set0_sv 4559 1_1_2 EXIST::FUNCTION:SRP -+EVP_chacha20_poly1305_draft 4560 1_1_0 EXIST::FUNCTION:CHACHA,POLY1305_DRAFT +@@ -4608,3 +4608,4 @@ OPENSSL_version_minor 4561 3_0_0 EXIST::FUNCTION: + OPENSSL_version_patch 4562 3_0_0 EXIST::FUNCTION: + OPENSSL_version_pre_release 4563 3_0_0 EXIST::FUNCTION: + OPENSSL_version_build_metadata 4564 3_0_0 EXIST::FUNCTION: ++EVP_chacha20_poly1305_draft 4565 1_1_0 EXIST::FUNCTION:CHACHA,POLY1305_DRAFT diff --git a/openssl-equal-1.1.2-dev.patch b/openssl-equal-3.0.0-dev.patch similarity index 98% rename from openssl-equal-1.1.2-dev.patch rename to openssl-equal-3.0.0-dev.patch index c760465..d585575 100644 --- a/openssl-equal-1.1.2-dev.patch +++ b/openssl-equal-3.0.0-dev.patch @@ -25,7 +25,7 @@ index 3aea982384..3c93eba0bf 100644 The following lists give the SSL or TLS cipher suites names from the diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h -index 1e9e8d5721..f49e049d90 100644 +index fe2e479028..4d4ed0a0b8 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -173,12 +173,12 @@ extern "C" { @@ -71,7 +71,7 @@ index 87b295c9f9..d118d8e864 100644 # define SSL_R_UNINITIALIZED 276 # define SSL_R_UNKNOWN_ALERT_TYPE 246 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h -index e13b5dd4bc..779341c948 100644 +index 434dff1500..f90230ff45 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -30,6 +30,16 @@ extern "C" { @@ -92,7 +92,7 @@ index e13b5dd4bc..779341c948 100644 # define TLS_ANY_VERSION 0x10000 diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c -index a11ed483e6..4fd583dd03 100644 +index 30e5dddf82..4f1c2f2bd1 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c 
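Review bot: In the new `util/libcrypto.num` hunk, `EVP_chacha20_poly1305_draft` is appended with a hand-assigned ordinal (4565) and a `1_1_0` version tag, directly after upstream entries tagged `3_0_0`. The ordinal already had to move from 4560 to 4565 in this commit, since upstream entries now occupy 4561–4564 (and presumably 4560). The line will therefore likely conflict with, or duplicate, the next ordinal upstream assigns, and the patch is only safe against the exact OpenSSL commit the README names. Consider tagging the entry consistently with its neighbours, e.g. `EVP_chacha20_poly1305_draft 4565 3_0_0 EXIST::FUNCTION:CHACHA,POLY1305_DRAFT`, and stating in the patch description that the ordinal must be re-checked on every rebase. How the version column affects the exported symbol version is not visible in this hunk, so confirm that against OpenSSL's ordinal tooling before changing it.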
@@ -173,8 +173,9 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending) @@ -108,7 +108,7 @@ index a11ed483e6..4fd583dd03 100644 (unsigned int)rec->length) <= 0 || EVP_CipherFinal_ex(ctx, rec->data + lenu, &lenf) <= 0 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index 4b9906f215..d6739d97f7 100644 +index a5b3dbbfd5..505c32d18e 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -167,7 +167,7 @@ static SSL_CIPHER ssl3_ciphers[] = { @@ -352,7 +352,7 @@ index 4b9906f215..d6739d97f7 100644 } diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c -index 14066d0ea4..165f1c83b1 100644 +index bd97c0fdab..add5843bfb 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -190,6 +190,7 @@ typedef struct cipher_order_st { @@ -795,7 +795,7 @@ index 14066d0ea4..165f1c83b1 100644 char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c -index 11331ce41f..cfc770b8d6 100644 +index 7b06878cef..4e03448e95 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -965,6 +965,9 @@ static const ERR_STRING_DATA SSL_str_reasons[] = { @@ -824,7 +824,7 @@ index 11331ce41f..cfc770b8d6 100644 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"}, {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c -index 087f768b0b..1cc5e6c3a9 100644 +index a709792c21..7cb488d16e 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1115,6 +1115,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) @@ -971,7 +971,7 @@ index 087f768b0b..1cc5e6c3a9 100644 /* Dup the client_CA list */ if (!dup_ca_names(&ret->ca_names, s->ca_names) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h -index 70e5a1740f..d583840984 100644 +index 98e8e8a46d..674f820253 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -741,9 +741,46 @@ typedef struct ssl_ctx_ext_secure_st { @@ -1073,7 +1073,7 @@ index 70e5a1740f..d583840984 100644 __owur int ssl3_new(SSL *s); void ssl3_free(SSL *s); 
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c -index ab4dbf6713..745897b638 100644 +index 6e133e026e..f26bc8e879 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -533,8 +533,25 @@ EXT_RETURN tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, @@ -1120,7 +1120,7 @@ index ab4dbf6713..745897b638 100644 * The only protocol version we support which is valid in this extension in * a ServerHello is TLSv1.3 therefore we shouldn't be getting anything else. diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c -index 0f2b22392b..6c1ce9813f 100644 +index 6545f5727d..15786a7bfc 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -897,7 +897,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, @@ -1144,10 +1144,10 @@ index 0f2b22392b..6c1ce9813f 100644 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS, diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c -index 4324896f50..d0de7ffe3d 100644 +index 9e68e05ccf..d05fa9f532 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c -@@ -1786,6 +1786,8 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) +@@ -1788,6 +1788,8 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) unsigned int best_vers = 0; const SSL_METHOD *best_method = NULL; PACKET versionslist; @@ -1156,7 +1156,7 @@ index 4324896f50..d0de7ffe3d 100644 suppversions->parsed = 1; -@@ -1807,6 +1809,23 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) +@@ -1809,6 +1811,23 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) return SSL_R_BAD_LEGACY_VERSION; while (PACKET_get_net_2(&versionslist, &candidate_vers)) { 
@@ -1180,7 +1180,7 @@ index 4324896f50..d0de7ffe3d 100644 if (version_cmp(s, candidate_vers, best_vers) <= 0) continue; if (ssl_version_supported(s, candidate_vers, &best_method)) -@@ -1829,6 +1848,9 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) +@@ -1831,6 +1850,9 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) } check_for_downgrade(s, best_vers, dgrd); s->version = best_vers; @@ -1191,7 +1191,7 @@ index 4324896f50..d0de7ffe3d 100644 return 0; } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c -index e7c11c4bea..a2a6c1e44e 100644 +index b0dd54903d..1d096858f8 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1744,7 +1744,7 @@ static int tls_early_post_process_client_hello(SSL *s) @@ -1234,7 +1234,7 @@ index e7c11c4bea..a2a6c1e44e 100644 if (cipher == NULL) { SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c -index be3039af38..99c4ddcb41 100644 +index 656fefe896..654271f368 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -65,6 +65,11 @@ static const ssl_trace_tbl ssl_version_tbl[] = { diff --git a/openssl-equal-1.1.2-dev_ciphers.patch b/openssl-equal-3.0.0-dev_ciphers.patch similarity index 98% rename from openssl-equal-1.1.2-dev_ciphers.patch rename to openssl-equal-3.0.0-dev_ciphers.patch index 48b9bfa..1cae23c 100644 --- a/openssl-equal-1.1.2-dev_ciphers.patch +++ b/openssl-equal-3.0.0-dev_ciphers.patch @@ -50,7 +50,7 @@ index 87b295c9f9..d118d8e864 100644 # define SSL_R_UNINITIALIZED 276 # define SSL_R_UNKNOWN_ALERT_TYPE 246 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h -index e13b5dd4bc..779341c948 100644 +index 434dff1500..f90230ff45 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -30,6 +30,16 @@ extern "C" { @@ -71,7 +71,7 @@ index e13b5dd4bc..779341c948 100644 # define TLS_ANY_VERSION 0x10000 
diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c -index a11ed483e6..4fd583dd03 100644 +index 30e5dddf82..4f1c2f2bd1 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c @@ -173,8 +173,9 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending) @@ -87,7 +87,7 @@ index a11ed483e6..4fd583dd03 100644 (unsigned int)rec->length) <= 0 || EVP_CipherFinal_ex(ctx, rec->data + lenu, &lenf) <= 0 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index 4b9906f215..de15b9e04e 100644 +index a5b3dbbfd5..6dd4ad4b68 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -31,7 +31,25 @@ const unsigned char tls12downgrade[] = { @@ -380,7 +380,7 @@ index 4b9906f215..de15b9e04e 100644 } diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c -index 14066d0ea4..dc190fa334 100644 +index bd97c0fdab..eccce1509a 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -190,6 +190,7 @@ typedef struct cipher_order_st { @@ -830,7 +830,7 @@ index 14066d0ea4..dc190fa334 100644 char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c -index 11331ce41f..cfc770b8d6 100644 +index 7b06878cef..4e03448e95 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -965,6 +965,9 @@ static const ERR_STRING_DATA SSL_str_reasons[] = { @@ -859,7 +859,7 @@ index 11331ce41f..cfc770b8d6 100644 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"}, {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c -index 087f768b0b..1cc5e6c3a9 100644 +index a709792c21..7cb488d16e 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1115,6 +1115,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) @@ -1006,7 +1006,7 @@ index 087f768b0b..1cc5e6c3a9 100644 /* Dup the client_CA list */ if (!dup_ca_names(&ret->ca_names, s->ca_names) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h -index 70e5a1740f..d583840984 100644 +index 98e8e8a46d..674f820253 100644 
--- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -741,9 +741,46 @@ typedef struct ssl_ctx_ext_secure_st { @@ -1108,7 +1108,7 @@ index 70e5a1740f..d583840984 100644 __owur int ssl3_new(SSL *s); void ssl3_free(SSL *s); diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c -index ab4dbf6713..745897b638 100644 +index 6e133e026e..f26bc8e879 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -533,8 +533,25 @@ EXT_RETURN tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, @@ -1155,7 +1155,7 @@ index ab4dbf6713..745897b638 100644 * The only protocol version we support which is valid in this extension in * a ServerHello is TLSv1.3 therefore we shouldn't be getting anything else. diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c -index 0f2b22392b..6c1ce9813f 100644 +index 6545f5727d..15786a7bfc 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -897,7 +897,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, @@ -1179,10 +1179,10 @@ index 0f2b22392b..6c1ce9813f 100644 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS, diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c -index 4324896f50..d0de7ffe3d 100644 +index 9e68e05ccf..d05fa9f532 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c -@@ -1786,6 +1786,8 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) +@@ -1788,6 +1788,8 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) unsigned int best_vers = 0; const SSL_METHOD *best_method = NULL; PACKET versionslist; 
@@ -1191,7 +1191,7 @@ index 4324896f50..d0de7ffe3d 100644 suppversions->parsed = 1; -@@ -1807,6 +1809,23 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) +@@ -1809,6 +1811,23 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) return SSL_R_BAD_LEGACY_VERSION; while (PACKET_get_net_2(&versionslist, &candidate_vers)) { @@ -1215,7 +1215,7 @@ index 4324896f50..d0de7ffe3d 100644 if (version_cmp(s, candidate_vers, best_vers) <= 0) continue; if (ssl_version_supported(s, candidate_vers, &best_method)) -@@ -1829,6 +1848,9 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) +@@ -1831,6 +1850,9 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) } check_for_downgrade(s, best_vers, dgrd); s->version = best_vers; @@ -1226,7 +1226,7 @@ index 4324896f50..d0de7ffe3d 100644 return 0; } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c -index e7c11c4bea..a2a6c1e44e 100644 +index b0dd54903d..1d096858f8 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1744,7 +1744,7 @@ static int tls_early_post_process_client_hello(SSL *s) @@ -1269,7 +1269,7 @@ index e7c11c4bea..a2a6c1e44e 100644 if (cipher == NULL) { SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c -index be3039af38..99c4ddcb41 100644 +index 656fefe896..654271f368 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -65,6 +65,11 @@ static const ssl_trace_tbl ssl_version_tbl[] = {