TLS1_3_VERSION
return (min_ver <= TLS1_3_VERSION && TLS1_3_VERSION <= max_ver);
if (s->tls13 != NULL && s->version == TLS1_3_VERSION) {
if (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION)
if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION)
case TLS1_3_VERSION:
.version = TLS1_3_VERSION,
.max_tls_version = TLS1_3_VERSION,
.version = TLS1_3_VERSION,
.max_tls_version = TLS1_3_VERSION,
if (version == TLS1_3_VERSION)
if (tls_version >= TLS1_3_VERSION) {
if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION)
if (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION &&
if (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION &&
if (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION) {
if (ssl_effective_tls_version(s) >= TLS1_3_VERSION) {
return (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION);
s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
if (s->s3->hs.our_max_tls_version < TLS1_3_VERSION)
return (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION &&
if (s->s3->hs.tls13.server_version >= TLS1_3_VERSION &&
return (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION);
return (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION);
return CBB_add_u16(cbb, TLS1_3_VERSION);
if (selected_version < TLS1_3_VERSION) {
return (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION &&
return (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION &&
(s->s3->hs.our_max_tls_version >= TLS1_3_VERSION);
s->s3->hs.our_max_tls_version >= TLS1_3_VERSION);
if (tls_version >= TLS1_3_VERSION &&
if (tls_version >= TLS1_3_VERSION && is_server &&
if (tls_version >= TLS1_3_VERSION &&
return (s->s3->hs.negotiated_tls_version < TLS1_3_VERSION &&
return (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION);
if (ssl_effective_tls_version(s) < TLS1_3_VERSION)
max_version = TLS1_3_VERSION;
min_version = TLS1_3_VERSION;
if ((options & SSL_OP_NO_TLSv1_3) && min_version < TLS1_3_VERSION)
if (max_version < TLS1_3_VERSION)
if (min_version < TLS1_3_VERSION)
min_version = TLS1_3_VERSION;
version == TLS1_2_VERSION || version == TLS1_3_VERSION)
if (peer_tls_version >= TLS1_3_VERSION)
shared_version = TLS1_3_VERSION;
if (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
if (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
if (s->s3->hs.negotiated_tls_version >= TLS1_3_VERSION)
return (selected_version < TLS1_3_VERSION);
if (ctx->hs->our_max_tls_version >= TLS1_3_VERSION) {
if (ctx->hs->tls13.server_version != TLS1_3_VERSION ||
ctx->hs->our_max_tls_version >= TLS1_3_VERSION) {
if (ctx->ssl->method->version < TLS1_3_VERSION)
if (tls13_client_hello_is_legacy(cbs) || s->version < TLS1_3_VERSION) {
ctx->hs->negotiated_tls_version = TLS1_3_VERSION;
if (s->method->version < TLS1_3_VERSION)
if (s->method->version < TLS1_3_VERSION)
return (max_version < TLS1_3_VERSION);
failed |= ssl_get_peer_cert_chain_test(TLS1_3_VERSION);
#define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000)
.protocol = TLS1_3_VERSION,
.protocol = TLS1_3_VERSION,
.protocol = TLS1_3_VERSION,
.protocol = TLS1_3_VERSION,
.protocol = TLS1_3_VERSION,
case TLS1_3_VERSION:
.tls_version = TLS1_3_VERSION,
.tls_version = TLS1_3_VERSION,
.tls_version = TLS1_3_VERSION,
.tls_version = TLS1_3_VERSION,
if (et->tls_version >= TLS1_3_VERSION) {
.tls_version = TLS1_3_VERSION,
#ifdef TLS1_3_VERSION
case TLS1_3_VERSION:
#ifdef TLS1_3_VERSION
version = TLS1_3_VERSION;
#ifdef TLS1_3_VERSION
case TLS1_3_VERSION:
version = TLS1_3_VERSION;
.ssl_max_proto_version = TLS1_3_VERSION,
.ssl_max_proto_version = TLS1_3_VERSION,
.ssl_max_proto_version = TLS1_3_VERSION,
.version = TLS1_3_VERSION,
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
.max_version = TLS1_3_VERSION,
.max_version = TLS1_3_VERSION,
.max_version = TLS1_3_VERSION,
.min_version = TLS1_3_VERSION,
.max_version = TLS1_3_VERSION,
.min_version = TLS1_3_VERSION,
.max_version = TLS1_3_VERSION,
.min_version = TLS1_3_VERSION,
.max_version = TLS1_3_VERSION,
.min_version = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_minver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.minver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_minver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.peerver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.maxver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
.want_maxver = TLS1_3_VERSION,
SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);
.value = TLS1_3_VERSION,
case TLS1_3_VERSION:
version == TLS1_3_VERSION || version == DTLS1_VERSION ||
cfg.min_version = TLS1_3_VERSION;
cfg.max_version = TLS1_3_VERSION;
cfg.min_version = TLS1_3_VERSION;
cfg.max_version = TLS1_3_VERSION;
else if (!SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION)) {
SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);
SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);