Currently known libressl problems:
#1: https://bitbucket.org https://mirror.vdms.com https://ftp.postgresql.org fail with: Error: error:14FFF3E7:SSL routines:(UNKNOWN)SSL_internal:unknown failure occurred #2: The "Provide struct/functions for handling TLSv1.3 key shares" commit breaks server side for non-libressl clients, including if 1.3 is disabled. ssl alert, decode_error. This is nasty for servers on -current. backout: cd /usr/src/lib/libssl ftp -o- 'https://github.com/openbsd/src/commit/4673309b7add502ba4c75a5eed0b550a38c0a8b1.patch' | patch -R #3: libtls session resumption is broken with 1.3. This is used by default in pkg_add and breaks 5 openbsd mirrors. tb@ has a diff or we can disable "-S session" in pkg_add for now if needed. rm /tmp/sess ftp -S session=/tmp/sess -o/dev/null https://cloudflare.cdn.openbsd.org/pub/OpenBSD/ ftp -S session=/tmp/sess -o/dev/null https://cloudflare.cdn.openbsd.org/pub/OpenBSD/ If you are running into big problems with #1 and #3 rebuild libssl with "#define LIBRESSL_HAS_TLS1_3_CLIENT" commented out in ssl_locl.h.
