From 930bf0016defe35ec0c582607df696f43cd7bc14 Mon Sep 17 00:00:00 2001
From: Jacek Caban <jacek@codeweavers.com>
Date: Wed, 17 Apr 2013 14:23:44 +0200
Subject: [PATCH] secur32: Added support for TLS 1.1 and TLS 1.2 on Mac.

---
 dlls/secur32/schannel_macosx.c | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/dlls/secur32/schannel_macosx.c b/dlls/secur32/schannel_macosx.c
index 5ec06cf793..9463c94c8f 100644
--- a/dlls/secur32/schannel_macosx.c
+++ b/dlls/secur32/schannel_macosx.c
@@ -1007,7 +1007,25 @@ BOOL schan_imp_init(void)
     supported_protocols = SP_PROT_SSL2_CLIENT | SP_PROT_SSL3_CLIENT | SP_PROT_TLS1_0_CLIENT;
 
 #if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
-    /* FIXME: Test max allowed version for TLS 1.1 and TLS 1.2 */
+    if(SSLGetProtocolVersionMax != NULL) {
+        SSLProtocol max_protocol;
+        SSLContextRef ctx;
+        OSStatus status;
+
+        status = SSLNewContext(FALSE, &ctx);
+        if(status == noErr) {
+            status = SSLGetProtocolVersionMax(ctx, &max_protocol);
+            if(status == noErr) {
+                if(max_protocol >= kTLSProtocol11)
+                    supported_protocols |= SP_PROT_TLS1_1_CLIENT;
+                if(max_protocol >= kTLSProtocol12)
+                    supported_protocols |= SP_PROT_TLS1_2_CLIENT;
+            }
+            SSLDisposeContext(ctx);
+        }else {
+            WARN("SSLNewContext failed\n");
+        }
+    }
 #endif
 
     return TRUE;
-- 
2.32.0.93.g670b81a890