From efb0665c9162b2765977fa8bf8d46fef9fbeca37 Mon Sep 17 00:00:00 2001
From: FanDjango <51046875+FanDjango@users.noreply.github.com>
Date: Wed, 25 Dec 2024 13:24:06 +0100
Subject: [PATCH] TLS1.1 obsolete in .NET70+

---
 FluentFTP/Model/FtpConfig.cs                     | 4 ++++
 FluentFTP/Model/Functions/FtpAutoDetectConfig.cs | 8 ++++++++
 2 files changed, 12 insertions(+)

diff --git a/FluentFTP/Model/FtpConfig.cs b/FluentFTP/Model/FtpConfig.cs
index f95ba0ba2..2562a78ab 100644
--- a/FluentFTP/Model/FtpConfig.cs
+++ b/FluentFTP/Model/FtpConfig.cs
@@ -256,7 +256,11 @@ public bool SocketKeepAlive {
 		/// Encryption protocols to use. Only valid if EncryptionMode property is not equal to <see cref="FtpEncryptionMode.None"/>.
 		/// Default value is .NET Framework defaults from the <see cref="System.Net.Security.SslStream"/> class.
 		/// </summary>
+#if NET7_0_OR_GREATER
+		public SslProtocols SslProtocols { get; set; } = SslProtocols.Tls12;
+#else
 		public SslProtocols SslProtocols { get; set; } = SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls;
+#endif
 
 		/// <summary>
 		/// Gets or sets the max number of socket write/read transactions
diff --git a/FluentFTP/Model/Functions/FtpAutoDetectConfig.cs b/FluentFTP/Model/Functions/FtpAutoDetectConfig.cs
index d8b0269d2..73e6494d3 100644
--- a/FluentFTP/Model/Functions/FtpAutoDetectConfig.cs
+++ b/FluentFTP/Model/Functions/FtpAutoDetectConfig.cs
@@ -34,11 +34,19 @@ public class FtpAutoDetectConfig {
 		/// <summary>
 		/// List of protocols to be tried, and the order they should be tried in.
 		/// </summary>
+#if NET7_0_OR_GREATER
+		public List<SysSslProtocols> ProtocolPriority { get; set; } = new List<SysSslProtocols> {
+			SysSslProtocols.Tls12,
+			// Do not EVER use "Default". It boils down to "SSL or TLS1.0" or worse.
+			// Do not use "None" - it can connect to TLS13, but Session Resume won't work, so a successful AutoDetect will be a false truth.
+		};
+#else
 		public List<SysSslProtocols> ProtocolPriority { get; set; } = new List<SysSslProtocols> {
 			SysSslProtocols.Tls11 | SysSslProtocols.Tls12,
 			// Do not EVER use "Default". It boils down to "SSL or TLS1.0" or worse.
 			// Do not use "None" - it can connect to TLS13, but Session Resume won't work, so a successful AutoDetect will be a false truth.
 		};
+#endif
 
 	}
 }
\ No newline at end of file