fix ssl options

Pass correct tls order when connecting so we comply to the new rules.

fix #344

src/hackney_connect.erl

@@ -15,6 +15,7 @@
          close/1,
          is_pool/1]).
 
+-export([partial_chain/1]).
 
 -include("hackney.hrl").
 -include_lib("hackney_internal.hrl").

src/hackney_local_tcp.erl

@@ -25,14 +25,8 @@ connect(Host, Port, Opts) ->
 
 connect(Host, Port, Opts, Timeout) when is_list(Host), is_integer(Port),
 	(Timeout =:= infinity orelse is_integer(Timeout)) ->
-
-    %% filter options
-    AcceptedOpts =  [nodelay, keepalive, send_timeout,
-                     send_timeout_close, raw, reuseaddr,
-                     ip, ip_address],
     BaseOpts = [binary, {active, false}, {packet, raw}],
-    Opts1 = hackney_util:filter_options(Opts, AcceptedOpts, BaseOpts),
-
+    Opts1 = hackney_util:merge_opts(BaseOpts, Opts),
     %% connect
     gen_tcp:connect({local, Host}, Port, Opts1, Timeout).
 

src/hackney_ssl.erl

@@ -25,20 +25,12 @@ connect(Host, Port, Opts) ->
 
 connect(Host, Port, Opts, Timeout) when is_list(Host), is_integer(Port),
 	(Timeout =:= infinity orelse is_integer(Timeout)) ->
-
-    %% filter options
-    AcceptedOpts =  [cacertfile, cacerts, cert, certfile, ciphers,
-                     fail_if_no_peer_cert, hibernate_after, key, keyfile,
-                     linger, next_protocols_advertised, nodelay, password, raw,
-                     reuse_session, reuse_sessions, secure_renegotiate,
-                     send_timeout, send_timeout_close, verify, partial_chain,
-                     verify_fun, inet6, versions, server_name_indication,
-                     depth, reuseaddr, ip, ip_address, log_alert],
-    BaseOpts = [binary, {active, false}, {packet, raw}],
-    Opts1 = hackney_util:filter_options(Opts, AcceptedOpts, BaseOpts),
+    BaseOpts = [binary, {active, false}, {packet, raw},
+								{versions,['tlsv1.1',tlsv1,sslv3]}],
+		Opts1 = hackney_util:merge_opts(BaseOpts, Opts),
 
     %% connect
-	ssl:connect(Host, Port, Opts1, Timeout).
+		ssl:connect(Host, Port, Opts1, Timeout).
 
 recv(Socket, Length) ->
     recv(Socket, Length, infinity).

src/hackney_tcp.erl

@@ -25,16 +25,10 @@ connect(Host, Port, Opts) ->
 
 connect(Host, Port, Opts, Timeout) when is_list(Host), is_integer(Port),
 	(Timeout =:= infinity orelse is_integer(Timeout)) ->
-
-    %% filter options
-    AcceptedOpts =  [linger, nodelay, keepalive, send_timeout,
-                     send_timeout_close, raw, inet6, reuseaddr,
-                     ip, ip_address],
     BaseOpts = [binary, {active, false}, {packet, raw}],
-    Opts1 = hackney_util:filter_options(Opts, AcceptedOpts, BaseOpts),
-
+    Opts1 = hackney_util:merge_opts(BaseOpts, Opts),
     %% connect
-	gen_tcp:connect(Host, Port, Opts1, Timeout).
+	  gen_tcp:connect(Host, Port, Opts1, Timeout).
 
 recv(Socket, Length) ->
     recv(Socket, Length, infinity).

src/hackney_util.erl

@@ -17,6 +17,8 @@
 %% random compatibility
 -export([uniform/1]).
 
+-export([merge_opts/2]).
+
 -include("hackney.hrl").
 
 %% @doc filter a proplists and only keep allowed keys
@@ -40,6 +42,7 @@ filter_options([Opt|Tail], AllowedKeys, Acc) when is_atom(Opt) ->
 		false -> filter_options(Tail, AllowedKeys, Acc)
 	end.
 
+
 %% @doc set the default options in a proplists if not defined
 -spec set_option_default(Opts, atom(), any())
 	-> Opts when Opts :: [{atom(), any()}].
@@ -132,3 +135,21 @@ uniform(N) ->
   end.
 
 have_rand() -> (code:which(rand) /= non_existing).
+
+
+merge_opts([], Options) -> Options;
+merge_opts([Opt = {K, _}| Rest], Options) ->
+	case lists:member(K, Options) of
+		true -> merge_opts(Rest, Options);
+		false -> merge_opts(Rest, [Opt | Options])
+	end;
+merge_opts([Opt={raw, _, _, _} | Rest], Options) ->
+	merge_opts(Rest, [Opt | Options]);
+merge_opts([K | Rest], Options) when is_atom(K) ->
+	case lists:member(K, Options) of
+		true -> merge_opts(Rest, Options);
+		false -> merge_opts(Rest, [K | Options])
+	end;
+merge_opts([_ | Rest], Options) ->
+	merge_opts(Rest, Options).
+