From 1263f9cd099f0d8363a7a8a505b7e472d039bee8 Mon Sep 17 00:00:00 2001
From: Muzaffar Auhammud <muzaffar@hackers.mu>
Date: Wed, 11 Jul 2018 15:42:29 +0400
Subject: [PATCH] Make TLSv1 use TLSv1.0 specifically to prevent ambiguity with
 TLSv1.1, TLSv1.2, TLSv1.3

---
 src/httperf.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/httperf.c b/src/httperf.c
index 3a17e14..e1dde1a 100755
--- a/src/httperf.c
+++ b/src/httperf.c
@@ -1052,13 +1052,16 @@ main(int argc, char **argv)
                     ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); break;
 #endif
 #endif
-                    /* 4/TLSv1 */
+                    /* 4/TLSv1.0 */
                     case 4: 
 #if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
                     ssl_ctx = SSL_CTX_new (TLS_client_method ()); 
-                    SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); break;
+                    SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION);
+		    SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION);
+		    break;
 #else
                     ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
+		    SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break;
 #endif
 
                 }