generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New option no-ssl3-method which removes SSLv3_*method

Browse Source 
When no-ssl3 is set only make SSLv3 disabled by default. Retain -ssl3
options for s_client/s_server/ssltest.

When no-ssl3-method is set SSLv3_*method() is removed and all -ssl3
options.

We should document this somewhere, e.g. wiki, FAQ or manual page.
Reviewed-by: Emilia Käsper <emilia@openssl.org>

(cherry picked from commit 3881d8106d)
This commit is contained in:
Dr. Stephen Henson
2014-10-29 12:51:31 +00:00
parent 786370b1b0
commit 017a15cbd2
11 changed files with 42 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/s_server.c
View File

@@ -537,7 +537,9 @@ static void sv_usage(void)
BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
#endif
BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
#ifndef OPENSSL_NO_SSL3_METHOD
BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
#endif
BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n");
BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n");
BIO_printf(bio_err," -tls1 - Just talk TLSv1\n");
@@ -1400,7 +1402,7 @@ int MAIN(int argc, char *argv[])
else if (strcmp(*argv,"-ssl2") == 0)
{ meth=SSLv2_server_method(); }
#endif
#ifndef OPENSSL_NO_SSL3
#ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv,"-ssl3") == 0)
{ meth=SSLv3_server_method(); }
#endif