From b57913b13ad07cfaa345f7d1e964cd37e5545aa5 Mon Sep 17 00:00:00 2001
From: KokaKiwi <kokakiwi@kokakiwi.net>
Date: Sun, 3 Mar 2019 18:33:02 +0100
Subject: [PATCH] Fix supported TLS versions as TLS 1.3 support seems buggy.

---
 config/config.exs        | 9 ++++++++-
 lib/pleroma/http/http.ex | 7 +++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/config/config.exs b/config/config.exs
index a620e7451..e6a21104c 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -133,7 +133,14 @@ config :pleroma, :httpoison, Pleroma.HTTP
 config :tesla, adapter: Tesla.Adapter.Hackney
 
 # Configures http settings, upstream proxy etc.
-config :pleroma, :http, proxy_url: nil
+config :pleroma, :http,
+  proxy_url: nil,
+  adapter: [
+    ssl_options: [
+      # We don't support TLS v1.3 yet
+      versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"]
+    ]
+  ]
 
 config :pleroma, :instance,
   name: "Pleroma",
diff --git a/lib/pleroma/http/http.ex b/lib/pleroma/http/http.ex
index 75c58e6c9..26214ef3f 100644
--- a/lib/pleroma/http/http.ex
+++ b/lib/pleroma/http/http.ex
@@ -30,6 +30,7 @@ defmodule Pleroma.HTTP do
     options =
       process_request_options(options)
       |> process_sni_options(url)
+      |> process_adapter_options()
 
     params = Keyword.get(options, :params, [])
 
@@ -56,6 +57,12 @@ defmodule Pleroma.HTTP do
     end
   end
 
+  def process_adapter_options(options) do
+    adapter_options = Pleroma.Config.get([:http, :adapter], [])
+
+    options ++ [adapter: adapter_options]
+  end
+
   def process_request_options(options) do
     config = Application.get_env(:pleroma, :http, [])
     proxy = Keyword.get(config, :proxy_url, nil)