From 0c448093dd1cbf7f1b9242ddf4fc166b42088a74 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 12 Nov 2018 16:22:23 +0100 Subject: [PATCH] nss: set default max-tls to 1.3/1.2 Fixes #3261 --- lib/vtls/nss.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 9dceb9773..2a9b44951 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -1792,7 +1792,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) SSLVersionRange sslver = { SSL_LIBRARY_VERSION_TLS_1_0, /* min */ - SSL_LIBRARY_VERSION_TLS_1_0 /* max */ +#ifdef SSL_LIBRARY_VERSION_TLS_1_3 + SSL_LIBRARY_VERSION_TLS_1_3 /* max */ +#else + SSL_LIBRARY_VERSION_TLS_1_2 +#endif }; BACKEND->data = data;