As a server don't select TLSv1.3 if we're not capable of it
Check that we are either configured for PSK, or that we have a TLSv1.3 capable certificate type. DSA certs can't be used in TLSv1.3 and we don't (currently) allow GOST ones either (owing to the lack of standard sig algs). Reviewed-by:Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6650)
Please register or sign in to comment