From: Emeric Brun <ebrun@exceliance.fr>
Date: Thu, 11 Oct 2012 16:36:21 +0000 (+0200)
Subject: BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3'
X-Git-Tag: v1.5-dev13~166
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=992adc9210c7667bfa5985c1ba0cb93c7687db61;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3'

bit field collision with 'force-tlsv*'.
---

diff --git a/include/types/server.h b/include/types/server.h
index 3e83d64fcd..fd99b64ff5 100644
--- a/include/types/server.h
+++ b/include/types/server.h
@@ -82,15 +82,17 @@
 #ifdef USE_OPENSSL
 /* server ssl options */
 #define SRV_SSL_O_NONE         0x0000
+#define SRV_SSL_O_NO_VMASK     0x000F /* force version mask */
 #define SRV_SSL_O_NO_SSLV3     0x0001 /* disable SSLv3 */
 #define SRV_SSL_O_NO_TLSV10    0x0002 /* disable TLSv1.0 */
 #define SRV_SSL_O_NO_TLSV11    0x0004 /* disable TLSv1.1 */
 #define SRV_SSL_O_NO_TLSV12    0x0008 /* disable TLSv1.2 */
 /* 0x000F reserved for 'no' protocol version options */
-#define SRV_SSL_O_USE_SSLV3    0x0001 /* force SSLv3 */
-#define SRV_SSL_O_USE_TLSV10   0x0002 /* force TLSv1.0 */
-#define SRV_SSL_O_USE_TLSV11   0x0004 /* force TLSv1.1 */
-#define SRV_SSL_O_USE_TLSV12   0x0008 /* force TLSv1.2 */
+#define SRV_SSL_O_USE_VMASK    0x00F0 /* force version mask */
+#define SRV_SSL_O_USE_SSLV3    0x0010 /* force SSLv3 */
+#define SRV_SSL_O_USE_TLSV10   0x0020 /* force TLSv1.0 */
+#define SRV_SSL_O_USE_TLSV11   0x0040 /* force TLSv1.1 */
+#define SRV_SSL_O_USE_TLSV12   0x0080 /* force TLSv1.2 */
 /* 0x00F0 reserved for 'force' protocol version options */
 #endif