From a763ca11777ce01a286751f3f3dd9b106ef74f30 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 14 Jan 2021 15:50:20 +0000
Subject: Stop disabling TLSv1.3 if ec and dh are disabled

Even if EC and DH are disabled then we may still be able to use TLSv1.3
if we have groups that have been plugged in by an external provider.

Fixes #13767

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
---
 Configure | 2 --
 1 file changed, 2 deletions(-)

(limited to 'Configure')

diff --git a/Configure b/Configure
index e429d6ff5b..9a96a7f0c0 100755
--- a/Configure
+++ b/Configure
@@ -563,8 +563,6 @@ my @disable_cascades = (
     "zlib"              => [ "zlib-dynamic" ],
     "des"               => [ "mdc2" ],
     "ec"                => [ "ec2m", "ecdsa", "ecdh", "sm2", "gost" ],
-    sub { $disabled{"ec"} && $disabled{"dh"} }
-                        => [ "tls1_3" ],
     "dgram"             => [ "dtls", "sctp" ],
     "sock"              => [ "dgram" ],
     "dtls"              => [ @dtls ],
-- 
cgit v1.2.1