-
-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nss: fix max-tls to be 1.3/1.2 #3262
Conversation
Did you test it? If I read the code correctly, the proposed change is a no-op. libcurl on top of NSS defaults to NSS' default min/max versions of TLS. There seems to be one place that needs to be updated for the https://github.com/curl/curl/blob/42fd2350/lib/vtls/nss.c#L1642 |
Yeps. Before my patch: curl fails as #3261 describes. After patch: that command line works...
I beg to differ. The non-patch version sets 1.0 to be the max version by default here: Line 1795 in 42fd235
... so when we raise the minimum to 1.2 with the option, the call to Line 1844 in 42fd235
If you have a better/more appropriate fix, I'll happily accept that! =) |
Sorry, I overlooked commit 2e5651a which had actually triggered this bug (allowing to set The code I was talking about is actually dead code now and it can be safely removed:
|
a629c8a
to
3d988c5
Compare
Thanks @kdudka, rebased and committed your patch in the branch. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Uh, the default value that is!
Fixes #3261