From a6671aec37cc408335657b11c8013f8be18bbad9 Mon Sep 17 00:00:00 2001
From: Nils Maier <maierman@web.de>
Date: Sun, 6 Oct 2019 09:20:11 +0200
Subject: [PATCH] AppleTLS: TLSv3

---
 src/AppleTLSSession.cc | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/AppleTLSSession.cc b/src/AppleTLSSession.cc
index cb9cf8ee..5f2f2ee1 100644
--- a/src/AppleTLSSession.cc
+++ b/src/AppleTLSSession.cc
@@ -53,8 +53,9 @@
 
 namespace {
 #if !defined(__MAC_10_8)
-static const SSLProtocol kTLSProtocol11 = (SSLProtocol)(kSSLProtocolAll + 1);
-static const SSLProtocol kTLSProtocol12 = (SSLProtocol)(kSSLProtocolAll + 2);
+static const SSLProtocol kTLSProtocol11 = 7;
+static const SSLProtocol kTLSProtocol12 = 8;
+static const SSLProtocol kTLSProtocol13 = 13;
 #endif
 
 #ifndef CIPHER_NO_DHPARAM
@@ -92,6 +93,8 @@ static inline const char* protoToString(SSLProtocol proto)
     return "TLSv1.1";
   case kTLSProtocol12:
     return "TLSv1.2";
+  case kTLSProtocol13:
+    return "TLSv1.3";
   default:
     return "Unknown";
   }
@@ -382,6 +385,9 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
   case TLS_PROTO_TLS12:
     (void)SSLSetProtocolVersionMin(sslCtx_, kTLSProtocol12);
     break;
+  case TLS_PROTO_TLS13:
+    (void)SSLSetProtocolVersionMin(sslCtx_, kTLSProtocol13);
+    break;
   default:
     break;
   }
@@ -393,6 +399,9 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
   // fall through
   case TLS_PROTO_TLS12:
     (void)SSLSetProtocolVersionEnabled(sslCtx_, kTLSProtocol12, true);
+  // fall through
+  case TLS_PROTO_TLS13:
+    (void)SSLSetProtocolVersionEnabled(sslCtx_, kTLSProtocol13, true);
   default:
     break;
   }
@@ -742,6 +751,9 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
   case kTLSProtocol12:
     version = TLS_PROTO_TLS12;
     break;
+  case kTLSProtocol13:
+    version = TLS_PROTO_TLS13;
+    break;
   default:
     version = TLS_PROTO_NONE;
     break;