From 7fc9325a52a6dad1f8b859a3269472ffc125edd0 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 25 Nov 2013 16:25:15 +0100
Subject: nss: allow to use TLS > 1.0 if built against recent NSS

Bug: http://curl.haxx.se/mail/lib-2013-11/0162.html
---
 lib/nss.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'lib')

diff --git a/lib/nss.c b/lib/nss.c
index d16d063f3..b4aa784c4 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1228,7 +1228,13 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
 
   case CURL_SSLVERSION_TLSv1:
     sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
+#ifdef SSL_LIBRARY_VERSION_TLS_1_2
+    sslver->max = SSL_LIBRARY_VERSION_TLS_1_2;
+#elif defined SSL_LIBRARY_VERSION_TLS_1_1
+    sslver->max = SSL_LIBRARY_VERSION_TLS_1_1;
+#else
     sslver->max = SSL_LIBRARY_VERSION_TLS_1_0;
+#endif
     return CURLE_OK;
 
   case CURL_SSLVERSION_SSLv2:
@@ -1242,8 +1248,24 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
     return CURLE_OK;
 
   case CURL_SSLVERSION_TLSv1_0:
+    sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
+    sslver->max = SSL_LIBRARY_VERSION_TLS_1_0;
+    return CURLE_OK;
+
   case CURL_SSLVERSION_TLSv1_1:
+#ifdef SSL_LIBRARY_VERSION_TLS_1_1
+    sslver->min = SSL_LIBRARY_VERSION_TLS_1_1;
+    sslver->max = SSL_LIBRARY_VERSION_TLS_1_1;
+    return CURLE_OK;
+#endif
+    break;
+
   case CURL_SSLVERSION_TLSv1_2:
+#ifdef SSL_LIBRARY_VERSION_TLS_1_2
+    sslver->min = SSL_LIBRARY_VERSION_TLS_1_2;
+    sslver->max = SSL_LIBRARY_VERSION_TLS_1_2;
+    return CURLE_OK;
+#endif
     break;
   }
 
-- 
cgit v1.2.3