From cadf0d7ba866e004b409d165f4ac2391fe8b6b7c Mon Sep 17 00:00:00 2001
From: Joseph Gooch <mrwizard@k12system.com>
Date: Fri, 20 Dec 2013 07:46:20 -0500
Subject: Fix for SSL Versioning when multiple options are used.

If you specify -S1 -C 30... The -C option will reset the ssl_version to 0.  This is not a good thing.

Instead we set the default to 0 and retain the version when later args are passed.

diff --git a/plugins/check_http.c b/plugins/check_http.c
index 1595a59..4eba4b6 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -57,7 +57,7 @@ enum {
 
 #ifdef HAVE_SSL
 int check_cert = FALSE;
-int ssl_version;
+int ssl_version = 0;
 int days_till_exp_warn, days_till_exp_crit;
 char *randbuff;
 X509 *server_cert;
@@ -339,10 +339,10 @@ process_arguments (int argc, char **argv)
     case 'S': /* use SSL */
 #ifdef HAVE_SSL
     enable_ssl:
+      /* ssl_version initialized to 0 as a default. Only set if it's non-zero.  This helps when we include multiple
+         parameters, like -S and -C combinations */
       use_ssl = TRUE;
-      if (optarg == NULL || c != 'S')
-        ssl_version = 0;
-      else {
+      if (c=='S' && optarg != NULL) {
         ssl_version = atoi(optarg);
         if (ssl_version < 1 || ssl_version > 3)
             usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)"));
-- 
cgit v0.10-9-g596f