Tor doesn't work when built with (unreleased) OpenSSL 1.1.1 built with enable-tls1_3

From https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/ :

If you explicitly configure your ciphersuites then care should be taken to ensure that you are not inadvertently excluding all TLSv1.3 compatible ciphersuites. If a client has TLSv1.3 enabled but no TLSv1.3 ciphersuites configured then it will immediately fail (even if the server does not support TLSv1.3) with an error message

That's the situation we're in now. When OpenSSL 1.1.1 releases in April, current Tor versions just won't work with it at all, since they have neither disabled TLS1.3 nor enabled any TLS1.3 ciphers.

We have two options for fixing this: I'll implement both and we can see what we like.