From 931a68e56f63d2fcdb342fc5544903bc5aebbead Mon Sep 17 00:00:00 2001
From: Pavel Peganov <side.spb@gmail.com>
Date: Sun, 25 Feb 2018 23:24:31 +0300
Subject: [PATCH] Enforce TLS 1.2 for PowerShell downloader

https://github.com/blog/2507-weak-cryptographic-standards-removed
---
 bin/lein.bat | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/lein.bat b/bin/lein.bat
index f0d2ce44..af8a78ed 100755
--- a/bin/lein.bat
+++ b/bin/lein.bat
@@ -154,7 +154,7 @@ if "x%HTTP_CLIENT%" == "x" goto TRY_POWERSHELL
 call powershell -? >nul 2>&1
 if NOT ERRORLEVEL 0 goto TRY_WGET
     set LAST_HTTP_CLIENT=powershell
-    powershell -Command "& {param($a,$f) $client = New-Object System.Net.WebClient;  $client.Proxy.Credentials =[System.Net.CredentialCache]::DefaultNetworkCredentials; $client.DownloadFile($a, $f)}" ""%2"" ""%1""
+    powershell -Command "& {param($a,$f) $client = New-Object System.Net.WebClient; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $client.Proxy.Credentials =[System.Net.CredentialCache]::DefaultNetworkCredentials; $client.DownloadFile($a, $f)}" ""%2"" ""%1""
     SET RC=%ERRORLEVEL%
     goto EXITRC