LibreSSL >= 4.3.0 supports MLKEM768, but Tor does not make use of it
After sending the PQC status email to tor-relays@, I checked LibreSSL's ChangeLog and it looks like they did release a version that supports the MLKEM768/X25519 hybrid handshake for PQC.
Unfortunately, it doesn't work out of the box with C Tor right now. While just testing this, I tried the following and that does indeed make the connection use the new handshake type:
```patch
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index d18a112325..846e8ede9d 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -573,6 +573,9 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
OPENSSL_V_SERIES(3,5,0),
"?*X25519MLKEM768 / ?SecP256r1MLKEM768 / *P-256:?X25519:P-224"
},
+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x40300000
+ { 0, "X25519MLKEM768" },
+#endif
{ 0, "P-256:X25519:P-224" },
{ 0, "P-256:P-224" },
};
```
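Review bot: the added `{ 0, "X25519MLKEM768" }` entry names only the hybrid group, while every other entry visible in this table also carries classical groups (`P-256`, `X25519`, `P-224`). If the first entry the library accepts becomes the whole group list, a LibreSSL >= 4.3.0 build would offer nothing else, and a peer without ML-KEM support would have no group in common. Suggest including the classical fallbacks in the same string, for example `"X25519MLKEM768:P-256:X25519:P-224"`. A short comment above the `#if` would also help, saying why this entry is gated on `LIBRESSL_VERSION_NUMBER` while its first field is 0, unlike the `OPENSSL_V_SERIES(3,5,0)` entry just above it.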
We likely have to be careful with our versioning macros here given that the LibreSSL versioning is now >= the OpenSSL one.