Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
TLSv1.3 0-RTT support #5450
@duke8253 It's not checked directly, but there're checks of OpenSSL v1.1.1 API on configure.
For some jobs, downloading docker image might be another option.
This completely breaks TLS < v1.3. I think there's some places where you either have to make sure that
for TLS < v1.3 (such that those code paths don't trigger, effectively forcing it turned off for TLS < v1.3). Or, consistently add the checks like
before doing anything that's new and specific to TLS v1.3 / early data. The compile time checks is not enough, since that only checks for availability, you have to be careful not to use this new functionality for TLS versions < 1.3.
zwoop left a comment
Still seeing failures with TLS < v1.3, similar same issue, where the early data code triggers even for a TLS v1.2 connection:
This causes the read() to fail later, since data was consumed prematurely (I think).