sslutil: add support for clients to set TLSv1.3 as the minimum protocol AFAICT, all of the TLS versions are supported by the server without doing any explicit work, and there's only a `devel` config to specify an exact version on the server side. Clients would also use TLSv1.3 if available, but this prevents the server from negotiating down. This also causes "tls1.3" to be listed in `hg debuginstall`, even though it was previously supported (if the Python intepreter supported it- IDK if there's a good way to proactively test for and show future protocols without requiring manual updates like this). The v1.3 tests are nested inside the v1.2 tests for simplicity. The v1.2 blocks already assume v1.0 and v1.1 support, so this seems reasonable for now. If/when the older protocols start getting dropped, this will have to be reworked anyway.

from __future__ import annotations

import cffi
import os

ffi = cffi.FFI()
with open(
    os.path.join(os.path.join(os.path.dirname(__file__), '..'), 'bdiff.c')
) as f:
    ffi.set_source(
        "mercurial.cffi._bdiff", f.read(), include_dirs=['mercurial']
    )
ffi.cdef(
    """
struct bdiff_line {
    int hash, n, e;
    ssize_t len;
    const char *l;
};

struct bdiff_hunk;
struct bdiff_hunk {
    int a1, a2, b1, b2;
    struct bdiff_hunk *next;
};

int bdiff_splitlines(const char *a, ssize_t len, struct bdiff_line **lr);
int bdiff_diff(struct bdiff_line *a, int an, struct bdiff_line *b, int bn,
    struct bdiff_hunk *base);
void bdiff_freehunks(struct bdiff_hunk *l);
void free(void*);
"""
)

if __name__ == '__main__':
    ffi.compile()