From 04b72873c79375fc9845e03f1d575d4891ea723f Mon Sep 17 00:00:00 2001 From: Raymond Tau Date: Mon, 23 Nov 2015 16:15:10 +0800 Subject: [PATCH] Fix the problem of the DisableSslVersions patch. --- src/Cedar/Cedar.c | 2 ++ src/Cedar/Cedar.h | 9 ++++++--- src/Cedar/Server.c | 10 +++++----- src/Mayaqua/Network.c | 1 + 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/src/Cedar/Cedar.c b/src/Cedar/Cedar.c index 49841778..9242ff5b 100644 --- a/src/Cedar/Cedar.c +++ b/src/Cedar/Cedar.c @@ -1803,6 +1803,8 @@ CEDAR *NewCedar(X *server_x, K *server_k) c->BuildInfo = CopyStr(tmp); + c->DisableSslVersions = SSL_OPT_DEFAULT; + return c; } diff --git a/src/Cedar/Cedar.h b/src/Cedar/Cedar.h index 4618c9c5..6bbfd1cc 100644 --- a/src/Cedar/Cedar.h +++ b/src/Cedar/Cedar.h @@ -415,8 +415,11 @@ #define NAME_SSL_VERSION_SSL_V2 "SSL_V2" // SSLv2 #define NAME_SSL_VERSION_SSL_V3 "SSL_V3" // SSLv3 #define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_0" // TLS v1.0 -#define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_1" // TLS v1.1 -#define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_2" // TLS v1.2 +#define NAME_SSL_VERSION_TLS_V1_1 "TLS_V1_1" // TLS v1.1 +#define NAME_SSL_VERSION_TLS_V1_2 "TLS_V1_2" // TLS v1.2 + +// OpenSSL SSL Context Option Flags default +#define SSL_OPT_DEFAULT 0x0 ////////////////////////////////////////////////////////////////////// // @@ -1065,7 +1068,7 @@ typedef struct CEDAR LOCK *FifoBudgetLock; // Fifo budget lock UINT FifoBudget; // Fifo budget bool AcceptOnlyTls; // Accept only TLS (Disable SSL) - UINT DisableSslVersions = 0x0; // Bitmap of SSL Version to disable + UINT DisableSslVersions; // Bitmap of SSL Version to disable char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN Default Client Option String } CEDAR; diff --git a/src/Cedar/Server.c b/src/Cedar/Server.c index bfd14338..23c08593 100644 --- a/src/Cedar/Server.c +++ b/src/Cedar/Server.c 
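Review bot: In the first Cedar.h hunk, `SSL_OPT_DEFAULT` is commented as an OpenSSL context option default, but its only use in this patch is as the initial value of `CEDAR.DisableSslVersions`, which the Server.c hunk fills with `SSL_VERSION_*` bits. The comment should describe that, for example `// Default DisableSslVersions bitmap: no protocol version disabled`, and the `SSL_OPT_` prefix is easy to confuse with OpenSSL's own `SSL_OP_*` constants. A default of `0x0` also leaves SSLv2 and SSLv3 enabled unless the operator lists them, or unless `AcceptOnlyTls` covers this elsewhere, which is not visible here. Either say in the comment that the default is permissive or pick a default that turns the legacy versions off.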
@@ -6167,23 +6167,23 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f) UINT i; for (i = 0;i < sslVersions->NumTokens;i++) { - if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2)) + if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2)) { c->DisableSslVersions |= SSL_VERSION_SSL_V2; continue; } - if (strcmp(tmp, NAME_SSL_VERSION_SSL_V3)) + if (strcmp(tmp, NAME_SSL_VERSION_SSL_V3)) { c->DisableSslVersions |= SSL_VERSION_SSL_V3; continue; } - if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_0)) + if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_0)) { c->DisableSslVersions |= SSL_VERSION_TLS_V1_0; continue; } - if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_1)) + if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_1)) { c->DisableSslVersions |= SSL_VERSION_TLS_V1_1; continue; } - if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_2)) + if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_2)) { c->DisableSslVersions |= SSL_VERSION_TLS_V1_2; continue; } diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index e0395aa4..69278c80 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c @@ -155,6 +155,7 @@ #ifdef UNIX_MACOS #include #endif // UNIX_MACOS +#include #ifdef OS_WIN32 NETWORK_WIN32_FUNCTIONS *w32net;
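Review bot: The five `strcmp(tmp, NAME_SSL_VERSION_...)` tests in this loop are still inverted: `strcmp` returns 0 on a match, so each branch runs when the token does not equal the name, and the first test sets `SSL_VERSION_SSL_V2` and hits `continue` for every token other than "SSL_V2". The new side of these lines reads the same as the old side apart from whitespace, so the commit leaves this as it was. The resulting `DisableSslVersions` bitmap does not match the configured list, and as far as the hunk shows, an operator who lists `SSL_V3` to turn it off ends up with SSLv3 still enabled. Each test should compare for equality, e.g. `if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2) == 0)`. The comparisons also read `tmp` rather than the `i`-th token of `sslVersions`, so every iteration tests the same string unless `tmp` is reassigned in lines not shown; `SiLoadServerCfg` starts and ends outside the hunk, so check this against the full function.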