diff -r -u python-nss-0.16.0.orig/doc/examples/ssl_version_range.py python-nss-0.16.0/doc/examples/ssl_version_range.py
--- python-nss-0.16.0.orig/doc/examples/ssl_version_range.py	2014-11-25 12:20:58.744325434 -0500
+++ python-nss-0.16.0/doc/examples/ssl_version_range.py	2014-11-25 14:50:42.530189512 -0500
@@ -96,13 +96,12 @@
 
 names = [
     'ssl2', 'ssl3',
-    'tls1.0', 'tls1.1', 'tls1.2', 'tls1.3',
+    'tls1.0', 'tls1.1', 'tls1.2',
     'SSL_LIBRARY_VERSION_2',
     'SSL_LIBRARY_VERSION_3_0',
     'SSL_LIBRARY_VERSION_TLS_1_0',
     'SSL_LIBRARY_VERSION_TLS_1_1',
     'SSL_LIBRARY_VERSION_TLS_1_2',
-    'SSL_LIBRARY_VERSION_TLS_1_3',
     ]
 
 print
diff -r -u python-nss-0.16.0.orig/src/py_ssl.c python-nss-0.16.0/src/py_ssl.c
--- python-nss-0.16.0.orig/src/py_ssl.c	2014-11-25 12:20:58.766325459 -0500
+++ python-nss-0.16.0/src/py_ssl.c	2014-11-25 14:49:47.032128344 -0500
@@ -193,9 +193,11 @@
         case 3:
             version_enum = SSL_LIBRARY_VERSION_TLS_1_2;
             break;
+#if (NSS_VMAJOR > 3) || (NSS_VMAJOR == 3 && NSS_VMINOR >= 17)
         case 4:
             version_enum = SSL_LIBRARY_VERSION_TLS_1_3;
             break;
+#endif
         default:
             PyErr_Format(PyExc_ValueError, 
                          "Verson %d.%d has unkown minor version",
@@ -4411,7 +4413,9 @@
     ExportConstant(SSL_LIBRARY_VERSION_TLS_1_0);
     ExportConstant(SSL_LIBRARY_VERSION_TLS_1_1);
     ExportConstant(SSL_LIBRARY_VERSION_TLS_1_2);
+#if (NSS_VMAJOR > 3) || (NSS_VMAJOR == 3 && NSS_VMINOR >= 17)
     ExportConstant(SSL_LIBRARY_VERSION_TLS_1_3);
+#endif
 
 
     if ((ssl_library_version_alias_to_value = PyDict_New()) == NULL) {
@@ -4430,7 +4434,9 @@
     ExportConstantAlias(SSL_LIBRARY_VERSION_TLS_1_0, "tls1.0");
     ExportConstantAlias(SSL_LIBRARY_VERSION_TLS_1_1, "tls1.1");
     ExportConstantAlias(SSL_LIBRARY_VERSION_TLS_1_2, "tls1.2");
+#if (NSS_VMAJOR > 3) || (NSS_VMAJOR == 3 && NSS_VMINOR >= 17)
     ExportConstantAlias(SSL_LIBRARY_VERSION_TLS_1_3, "tls1.3");
+#endif
 
 
 #undef ExportConstant
@@ -4639,7 +4645,9 @@
     /* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates that a
      * handshake is the result of TLS version fallback.
      */
+#if (NSS_VMAJOR > 3) || (NSS_VMAJOR == 3 && NSS_VMINOR >= 17)
     ExportConstant(TLS_FALLBACK_SCSV);
+#endif
 
     /* Cipher Suite Values starting with 0xC000 are defined in informational
      * RFCs.
diff -r -u python-nss-0.16.0.orig/src/SSLerrs.h python-nss-0.16.0/src/SSLerrs.h
--- python-nss-0.16.0.orig/src/SSLerrs.h	2014-11-25 12:20:58.766325459 -0500
+++ python-nss-0.16.0/src/SSLerrs.h	2014-11-25 14:49:47.033128345 -0500
@@ -419,6 +419,8 @@
 ER3(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL, (SSL_ERROR_BASE + 130),
 "The server supports no protocols that the client advertises in the ALPN extension.")
 
+#if (NSS_VMAJOR > 3) || (NSS_VMAJOR == 3 && NSS_VMINOR >= 17)
 ER3(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT, (SSL_ERROR_BASE + 131),
 "The server rejected the handshake because the client downgraded to a lower "
 "TLS version than the server supports.")
+#endif