From c011e0b7d5d3fa508c8421c26025e7c6122214f4 Mon Sep 17 00:00:00 2001
From: Sean Stockholm <sstockholm@roomkey.com>
Date: Tue, 11 Feb 2020 13:32:55 -0500
Subject: [PATCH] Add protocol option to ssl-context

---
 src/clj/http/async/client/cert.clj | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/clj/http/async/client/cert.clj b/src/clj/http/async/client/cert.clj
index 2e4cc10..e33d3ab 100644
--- a/src/clj/http/async/client/cert.clj
+++ b/src/clj/http/async/client/cert.clj
@@ -126,6 +126,9 @@
    :certificate-alias - A name by which to access an X509 certificate that will
    be loaded into the KeyStore.
 
+   :protocol - The version of TLS to be used, by default \"TLS\", but \"TLSv1.1\"
+   or \"TLSv1.2\" are also supported
+
    :trust-managers - [optional] A seq of javax.net.ssl.X509TrustManager objects.
    These are used to verify the certificates sent by the remote host. If
    you don't specify this option, the connection will use an instance of
@@ -135,7 +138,9 @@
              keystore-password
              certificate-alias
              certificate-file
-             trust-managers]}]
+             trust-managers
+             protocol]
+      :or {protocol "TLS"}}]
   (let [initial-keystore (load-keystore
                           (when keystore-file (resource-stream keystore-file))
                           keystore-password)
@@ -144,7 +149,7 @@
                             certificate-alias
                             (load-x509-cert certificate-file))
         key-mgr-factory (key-manager-factory keystore-with-cert keystore-password)
-        ctx (SSLContext/getInstance "TLS")
+        ctx (SSLContext/getInstance protocol)
         key-managers (.getKeyManagers key-mgr-factory)
         trust-managers (into-array javax.net.ssl.X509TrustManager
                                    (or trust-managers