nss: fix max-tls to be 1.3/1.2 #3262
Conversation
Did you test it? If I read the code correctly, the proposed change is a no-op. libcurl on top of NSS defaults to NSS' default min/max versions of TLS. There seems to be one place that needs to be updated for the https://github.com/curl/curl/blob/42fd2350/lib/vtls/nss.c#L1642 |
Yeps. Before my patch: curl fails as #3261 describes. After patch: that command line works...
I beg to differ. The non-patch version sets 1.0 to be the max version by default here: Line 1795 in 42fd235 ... so when we raise the minimum to 1.2 with the option, the call to Line 1844 in 42fd235 If you have a better/more appropriate fix, I'll happily accept that! =) |
Sorry, I overlooked commit 2e5651a which had actually triggered this bug (allowing to set The code I was talking about is actually dead code now and it can be safely removed:
|
Thanks @kdudka, rebased and committed your patch in the branch. |
Looks good! |
Uh, the default value that is!
Fixes #3261