From e57dfc478bd93f945e354fd051cf3d06909ae37f Mon Sep 17 00:00:00 2001
From: Muzaffar Auhammud
Date: Thu, 12 Jul 2018 21:34:07 +0400
Subject: [PATCH 1/3] Fix a bug that ignored the --ssl-protocol parameter
---
 src/httperf.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/httperf.c b/src/httperf.c
index 4e42331..86d4e2e 100755
--- a/src/httperf.c
+++ b/src/httperf.c
@@ -668,6 +668,8 @@ main(int argc, char **argv)
 param.ssl_ca_path = optarg;
 else if (flag == ¶m.ssl_protocol)
 {
+ param.use_ssl = 1;
+
 if (strcasecmp (optarg, "auto") == 0)
 param.ssl_protocol = 0;
 #ifndef OPENSSL_NO_SSL2
From e3077ba65c368c2cdf738ae2496dd0e0be7795c4 Mon Sep 17 00:00:00 2001
From: Muzaffar Auhammud
Date: Thu, 12 Jul 2018 21:38:52 +0400
Subject: [PATCH 2/3] Remove extra 'break;' that prevent SSL_CTX_set_options from being set
---
 src/httperf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/httperf.c b/src/httperf.c
index 86d4e2e..d2a8100 100755
--- a/src/httperf.c
+++ b/src/httperf.c
@@ -1062,7 +1062,7 @@ main(int argc, char **argv)
 SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION);
 break;
 #else
- ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
+ ssl_ctx = SSL_CTX_new (TLSv1_client_method ());
 SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break;
 #endif
@@ -1074,7 +1074,7 @@ main(int argc, char **argv)
 SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_1_VERSION);
 break;
 #else
- ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
+ ssl_ctx = SSL_CTX_new (TLSv1_client_method ());
 SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2); break;
 #endif
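Review bot: The added `param.use_ssl = 1;` in the `@@ -668,6 +668,8` hunk has no comment saying that giving `--ssl-protocol` now switches SSL on, so a later reader cannot tell the side effect is intentional. I would put `/* --ssl-protocol implies SSL; without this the option was silently ignored */` above it. The flag is also set before `optarg` has been matched against any protocol name, so whether an unrecognised name still ends in an error depends on the rest of the `else if` chain, which continues outside the hunk. If the usage text or man page describes `--ssl-protocol`, it should state the implication too.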
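Review bot: `SSL_CTX_new` can return NULL, and with the stray `break;` gone the `#else` branch of the `@@ -1062,7` hunk now hands that result straight to `SSL_CTX_set_options`, which on OpenSSL before 1.1.0 is a macro over `SSL_CTX_ctrl` and may dereference the context. A guard such as `if (ssl_ctx != NULL) SSL_CTX_set_options(ssl_ctx, ...);`, or the file's usual error exit right after the `SSL_CTX_new` call, would keep an allocation failure a reported error rather than a crash. The same applies to the `@@ -1074,7` and `@@ -1086,7` hunks. Whether a NULL check follows the switch cannot be seen from here, and the case body starts outside the hunk.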
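Review bot: In the `#else` branch of the `@@ -1074,7` hunk the context is still built with `TLSv1_client_method ()`, the fixed TLS 1.0 method, and the now-reachable `SSL_OP_NO_TLSv1` disables the only version that method speaks, so on OpenSSL older than 1.1.0 a TLS 1.1 request would be expected to fail the handshake rather than pin TLS 1.1. The line should read `ssl_ctx = SSL_CTX_new (TLSv1_1_client_method ());`, and the `@@ -1086,7` hunk has the same problem and wants `ssl_ctx = SSL_CTX_new (TLSv1_2_client_method ());`. Both methods arrived with the same OpenSSL releases that define `SSL_OP_NO_TLSv1_1`, so this should not raise the minimum library version. Before this commit the early `break;` hid the mismatch by silently creating a TLS 1.0 context for both cases.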
@@ -1086,7 +1086,7 @@ main(int argc, char **argv)
 SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_2_VERSION);
 break;
 #else
- ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
+ ssl_ctx = SSL_CTX_new (TLSv1_client_method ());
 SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); break;
 #endif
From adf8806ab9b5647bde5f5639fe0367f327fcf8ab Mon Sep 17 00:00:00 2001
From: Muzaffar Auhammud
Date: Thu, 12 Jul 2018 21:41:54 +0400
Subject: [PATCH 3/3] Add missing 'case' statement that causes TLSv1.3 implementation to be unreachable.
---
 src/httperf.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/httperf.c b/src/httperf.c
index d2a8100..49727de 100755
--- a/src/httperf.c
+++ b/src/httperf.c
@@ -1092,6 +1092,7 @@ main(int argc, char **argv)
 #if (OPENSSL_VERSION_NUMBER >= 0x10101000L)
 /* 7/TLSv1.3 */
+ case 7:
 ssl_ctx = SSL_CTX_new (TLS_client_method ());
 SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION);
 SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_3_VERSION);
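Review bot: The results of `SSL_CTX_set_min_proto_version` and `SSL_CTX_set_max_proto_version` under the new `case 7:` in the `@@ -1092,6 +1092,7` hunk are ignored, so if either call fails the context keeps its default version range and the run would measure whatever version the peer negotiates rather than TLS 1.3. Both return 1 on success, so I would test `ssl_ctx != NULL` first and then `if (!SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION) || !SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_3_VERSION))`, taking the file's usual error exit on failure. The label also sits inside `#if (OPENSSL_VERSION_NUMBER >= 0x10101000L)`, so on older builds value 7 has no case at all; it is worth confirming that option parsing rejects it there or that the switch has a `default:`. Neither is visible in this hunk, and the end of the case body lies outside it as well.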