From e221b55f67a2e12717e911f25d1bb6c85fcebfab Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 2 Dec 2013 16:09:12 +0100
Subject: nss: make sure that 'sslver' is always initialized

---
 lib/nss.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/lib/nss.c b/lib/nss.c
index 8ddc45178..70bff7b52 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1191,13 +1191,10 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
   switch (data->set.ssl.version) {
   default:
   case CURL_SSLVERSION_DEFAULT:
-    sslver->min = SSL_LIBRARY_VERSION_3_0;
     if(data->state.ssl_connect_retry) {
       infof(data, "TLS disabled due to previous handshake failure\n");
       sslver->max = SSL_LIBRARY_VERSION_3_0;
     }
-    else
-      sslver->max = SSL_LIBRARY_VERSION_TLS_1_0;
     return CURLE_OK;
 
   case CURL_SSLVERSION_TLSv1:
@@ -1251,7 +1248,6 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
 {
   PRErrorCode err = 0;
   PRFileDesc *model = NULL;
-  SSLVersionRange sslver;
   PRBool ssl_no_cache;
   PRBool ssl_cbc_random_iv;
   struct SessionHandle *data = conn->data;
@@ -1263,6 +1259,11 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
   long time_left;
   PRUint32 timeout;
 
+  SSLVersionRange sslver = {
+    SSL_LIBRARY_VERSION_3_0,      /* min */
+    SSL_LIBRARY_VERSION_TLS_1_0   /* max */
+  };
+
   if(connssl->state == ssl_connection_complete)
     return CURLE_OK;
 
-- 
cgit v1.2.3