Forbid to specify -nextprotoneg if -tls1_3 is enabled
This applies to both the s_client and s_server apps.
Reaction to Issue #3665.
Signed-off-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3697)
diff --git a/apps/s_client.c b/apps/s_client.c
index 8af3853..ad0eaec 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1424,6 +1424,12 @@
if (argc != 0)
goto opthelp;
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ if (min_version == TLS1_3_VERSION && next_proto_neg_in != NULL) {
+ BIO_printf(bio_err, "Cannot supply -nextprotoneg with TLSv1.3\n");
+ goto opthelp;
+ }
+#endif
if (proxystr != NULL) {
int res;
char *tmp_host = host, *tmp_port = port;
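Review bot: The new guard in apps/s_client.c fires only when `min_version == TLS1_3_VERSION`, so it rejects a run pinned to TLSv1.3 but not one that passes -nextprotoneg and then negotiates TLSv1.3 from an unpinned version range; what happens to the NPN list in that case is decided outside this hunk. A short comment above the check would make that scope explicit, for example `/* NPN cannot be used with TLSv1.3; reject only when the version is pinned, since older versions may still negotiate it */`. Where `min_version` is assigned is not visible here, so it is worth confirming that every option able to pin the minimum to TLSv1.3 goes through this variable. The enclosing function starts and ends outside the hunk.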