From 2615a5dfc89d6f430840d06cad4540c76b5bc3de Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle <fcosta@trustwave.com>
Date: Mon, 3 Nov 2014 14:01:05 -0800
Subject: [PATCH] mlogc: Checks if curl supports CURL_SSLVERSION_TLSv1_2 before
 use it

Seems like curl versions older than 7.34.0 does not have support for
`CURL_SSLVERSION_TLSv1_2'. In this cases, using CURL_SSLVERSION_TLSv1
which was added at version 7.9.2. ModSecurity demands a curl version
newer than 7.15.1.
---
 build/find_curl.m4 | 4 ++++
 mlogc/mlogc.c      | 8 +++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/build/find_curl.m4 b/build/find_curl.m4
index 7e476943..d1918268 100644
--- a/build/find_curl.m4
+++ b/build/find_curl.m4
@@ -66,6 +66,10 @@ if test -n "${curl_path}"; then
     curl_ver=`echo ${CURL_VERSION} | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
     if test "$curl_min_ver" -le "$curl_ver"; then
         AC_MSG_RESULT([yes, $CURL_VERSION])
+	curl_tlsv2_ver=`echo 7.34.0 | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
+	if test "$curl_tlsv2_ver" -le "$curl_ver"; then
+	    CURL_CFLAGS="${CURL_CFLAGS} -DWITH_CURL_SSLVERSION_TLSv1_2"
+	fi
     else
         AC_MSG_RESULT([no, $CURL_VERSION])
         AC_MSG_NOTICE([NOTE: curl library may be too old])
diff --git a/mlogc/mlogc.c b/mlogc/mlogc.c
index c4b2a23b..21668200 100644
--- a/mlogc/mlogc.c
+++ b/mlogc/mlogc.c
@@ -1218,8 +1218,14 @@ static void logc_init(void)
         curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
         curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
         curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+        /* Seems like CURL_SSLVERSION_TLSv1_2 is not supported on libcurl
+         * < v7.34.0
+         */
+#ifdef WITH_CURL_SSLVERSION_TLSv1_2
         curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
-
+#else
+        curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
+#endif
         curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 15);
         curl_easy_setopt(curl, CURLOPT_NOSIGNAL, TRUE);
         curl_easy_setopt(curl, CURLOPT_HEADER, TRUE);