Switch the default TLS 1.3 variant to tls13_rfc.

Update-Note: If not explicitly configured to use tls13_all, callers that enable
TLS 1.3 will now only enable the final standard version.

Change-Id: Ifcfc65a9d8782c983df6e002925e8f77f45b6e53
Reviewed-on: https://boringssl-review.googlesource.com/31384
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index c2afa15..daa58b0 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3381,15 +3381,13 @@
 OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl);
 
 // tls13_variant_t determines what TLS 1.3 variant to negotiate.
-//
-// TODO(svaldez): Make |tls13_rfc| the default after callers are switched to
-// explicitly enable |tls13_all|.
 enum tls13_variant_t {
-  tls13_default = 0,
+  tls13_rfc = 0,
   tls13_draft23,
   tls13_draft28,
-  tls13_rfc,
-  tls13_all = tls13_default,
+  // tls13_all enables all variants of TLS 1.3, to keep the transition smooth as
+  // early adopters move to the final version.
+  tls13_all,
 };
 
 // SSL_CTX_set_tls13_variant sets which variant of TLS 1.3 we negotiate. On the
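Review bot: Reordering the enumerators swaps the numeric meaning of 0 and 3, and nothing in the header says so. Before this change 0 meant every variant and 3 meant the RFC version only; now 0 is `tls13_rfc` and 3 is `tls13_all`. A caller that passes a raw integer (language bindings, stored configuration, a hand-mirrored constant table) and used 3 to restrict negotiation to the final version would silently start accepting the draft variants as well. I would document this on the enum, e.g. `// tls13_rfc is the default and negotiates only the final version of TLS 1.3.` above `tls13_rfc = 0,`, plus a sentence that the numeric values changed and must not be passed as raw integers. The `SSL_CTX_set_tls13_variant` comment continues outside this hunk, so I cannot tell whether it already mentions the default.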
diff --git a/ssl/internal.h b/ssl/internal.h
index 14c871a..087f5fb 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -2794,7 +2794,7 @@
 
   // tls13_variant is the variant of TLS 1.3 we are using for this
   // configuration.
-  tls13_variant_t tls13_variant = tls13_default;
+  tls13_variant_t tls13_variant = tls13_rfc;
 
   bssl::UniquePtr<bssl::SSLCipherPreferenceList> cipher_list;
 
@@ -3123,7 +3123,7 @@
 
   // tls13_variant is the variant of TLS 1.3 we are using for this
   // configuration.
-  tls13_variant_t tls13_variant = tls13_default;
+  tls13_variant_t tls13_variant = tls13_rfc;
 
   // session is the configured session to be offered by the client. This session
   // is immutable.
diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc
index 6f07b93..212c3ac 100644
--- a/ssl/ssl_versions.cc
+++ b/ssl/ssl_versions.cc
@@ -304,7 +304,7 @@
         return version == TLS1_3_DRAFT28_VERSION;
       case tls13_rfc:
         return version == TLS1_3_VERSION;
-      case tls13_default:
+      case tls13_all:
         return true;
     }
   }
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index cb77a73..702814d 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -39,10 +39,10 @@
 )
 
 const (
-	TLS13Default = 0
+	TLS13RFC     = 0
 	TLS13Draft23 = 1
 	TLS13Draft28 = 2
-	TLS13RFC     = 3
+	TLS13All     = 3
 )
 
 var allTLSWireVersions = []uint16{
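Review bot: These constants are a hand-maintained copy of `enum tls13_variant_t`, but the block carries no comment tying the two together. This commit had to renumber both in lockstep, and a future reorder of the C enum that misses this file would make the runner and the shim disagree on which variant is under test. That is presumably because the value is forwarded through `-tls13-variant`, which is not visible in this hunk. A comment above the block would help, for example `// These values must match enum tls13_variant_t in include/openssl/ssl.h.` Spelling the first entry as `TLS13RFC = 0` is good; keeping every value explicit, as done here, is worth preserving.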
@@ -1772,7 +1772,7 @@
 			if wireVers != VersionTLS13 {
 				return 0, false
 			}
-		case TLS13Default:
+		case TLS13All:
 			// Allow all of them.
 		default:
 			panic(c.TLS13Variant)
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 5955eda..6bbaecf 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1024,8 +1024,7 @@
 			panic(fmt.Sprintf("The name of test %q suggests that it's version specific, but min/max version in the Config is %x/%x. One of them should probably be %x", test.name, test.config.MinVersion, test.config.MaxVersion, ver.version))
 		}
 
-		// Ignore this check against "TLS13", since TLS13 is used in many test names.
-		if ver.tls13Variant != 0 && ver.tls13Variant != TLS13RFC {
+		if ver.tls13Variant != 0 {
 			var foundFlag bool
 			for _, flag := range test.flags {
 				if flag == "-tls13-variant" {
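Review bot: The new condition `ver.tls13Variant != 0` depends on `TLS13RFC` happening to be 0, and the comment that explained the exemption was removed with the old line. Naming the constant keeps the check correct if the values are renumbered again: `if ver.tls13Variant != TLS13RFC {`. A one-line comment such as `// The RFC variant is the default and needs no -tls13-variant flag.` would restore the reasoning. The loop over `test.flags` continues outside this hunk.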
@@ -1418,11 +1417,11 @@
 		return allVersions(protocol)
 	}
 	tls13Default := tlsVersion{
-		name:         "TLS13Default",
+		name:         "TLS13All",
 		version:      VersionTLS13,
 		excludeFlag:  "-no-tls13",
 		versionWire:  0,
-		tls13Variant: TLS13Default,
+		tls13Variant: TLS13All,
 	}
 
 	var shimVersions []tlsVersion
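Review bot: The local is still called `tls13Default` although it now describes the `TLS13All` variant (`name: "TLS13All"`, `tls13Variant: TLS13All`). After this commit the library default is the RFC variant, so the name points at the wrong configuration. Renaming it to `tls13All` would fix that: `tls13All := tlsVersion{`. Its uses fall outside this hunk and would need the same rename.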
@@ -5581,7 +5580,7 @@
 				}
 
 				if expectedVersion == VersionTLS13 && runnerVers.tls13Variant != shimVers.tls13Variant {
-					if shimVers.tls13Variant != TLS13Default {
+					if shimVers.tls13Variant != TLS13All {
 						expectedVersion = VersionTLS12
 					}
 				}
@@ -5782,7 +5781,7 @@
 		name:     "IgnoreClientVersionOrder",
 		config: Config{
 			Bugs: ProtocolBugs{
-				SendSupportedVersions: []uint16{VersionTLS12, tls13Draft23Version},
+				SendSupportedVersions: []uint16{VersionTLS12, VersionTLS13},
 			},
 		},
 		expectedVersion: VersionTLS13,
diff --git a/tool/client.cc b/tool/client.cc
index 9012993..80acf34 100644
--- a/tool/client.cc
+++ b/tool/client.cc
@@ -341,6 +341,10 @@
     *out = tls13_rfc;
     return true;
   }
+  if (in == "all") {
+    *out = tls13_all;
+    return true;
+  }
   return false;
 }
 
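Review bot: The same four-line `"all"` branch is added to the variant parser in tool/server.cc (`if (in == "all") { *out = tls13_all; ... }`), so the two tools now carry identical copies of this string-to-enum mapping. A variant added or retired later has to be changed in both places, and a miss leaves client and server accepting different sets. Moving the parser into a helper shared by both tools would remove that risk. The start of this function and the flag's help text are outside the hunk; if the help text lists the accepted values, it should gain `all` and note that it enables the draft variants.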
diff --git a/tool/server.cc b/tool/server.cc
index 824538a..c4b23bf 100644
--- a/tool/server.cc
+++ b/tool/server.cc
@@ -161,6 +161,10 @@
     *out = tls13_rfc;
     return true;
   }
+  if (in == "all") {
+    *out = tls13_all;
+    return true;
+  }
   return false;
 }