openssl: return error if TLS 1.3 is requested when not supportedbagder/tls13-not-there

Previously curl would just silently ignore it if the necessary defines are not present at build-time. Reported-by: Stefan Eissing Fixes #8309
author: Daniel Stenberg <daniel@haxx.se> 2022-01-20 17:21:38 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2022-01-20 17:21:38 +0100
commit: befc011638c87b3521a515719a8461c4ed2061ad (patch)
tree: 020ca2fe8eb5a849fda15348ce271d6c5d86e60c
parent: e29665c77559a44155f48028f345ddc1999f5a86 (diff)
download: curl-bagder/tls13-not-there.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 694b9b626..be2f7be44 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2363,10 +2363,12 @@ set_ssl_version_min_max(SSL_CTX *ctx, struct connectdata *conn)
     case CURL_SSLVERSION_TLSv1_2:
       ossl_ssl_version_min = TLS1_2_VERSION;
       break;
-#ifdef TLS1_3_VERSION
     case CURL_SSLVERSION_TLSv1_3:
+#ifdef TLS1_3_VERSION
       ossl_ssl_version_min = TLS1_3_VERSION;
       break;
+#else
+      return CURLE_NOT_BUILT_IN;
 #endif
   }
author	Daniel Stenberg <daniel@haxx.se>	2022-01-20 17:21:38 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2022-01-20 17:21:38 +0100
commit	befc011638c87b3521a515719a8461c4ed2061ad (patch)
tree	020ca2fe8eb5a849fda15348ce271d6c5d86e60c
parent	e29665c77559a44155f48028f345ddc1999f5a86 (diff)
download	curl-bagder/tls13-not-there.tar.gz