generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use the SSLv23 method by default

Browse Source 
If SSLv2 and SSLv3 are both disabled we still support SSL/TLS.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Kurt Roeckx 2014-11-29 16:17:54 +01:00
parent 6a7a4a4e19
commit e9f47de1f0
2 changed files with 0 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/ocsp.c
View File

@ -1448,16 +1448,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
if (use_ssl == 1) if (use_ssl == 1)
{ {
BIO *sbio; BIO *sbio;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
ctx = SSL_CTX_new(SSLv23_client_method()); ctx = SSL_CTX_new(SSLv23_client_method());
#elif !defined(OPENSSL_NO_SSL3)
ctx = SSL_CTX_new(SSLv3_client_method());
#elif !defined(OPENSSL_NO_SSL2)
ctx = SSL_CTX_new(SSLv2_client_method());
#else
BIO_printf(err, "SSL is disabled\n");
goto end;
#endif
if (ctx == NULL) if (ctx == NULL)
{ {
BIO_printf(err, "Error creating SSL context.\n"); BIO_printf(err, "Error creating SSL context.\n");

6
apps/s_time.c
View File

@ -349,13 +349,7 @@ int MAIN(int argc, char **argv)
if (bio_err == NULL) if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
s_time_meth=SSLv23_client_method(); s_time_meth=SSLv23_client_method();
#elif !defined(OPENSSL_NO_SSL3)
s_time_meth=SSLv3_client_method();
#elif !defined(OPENSSL_NO_SSL2)
s_time_meth=SSLv2_client_method();
#endif
/* parse the command line arguments */ /* parse the command line arguments */
if( parseArgs( argc, argv ) < 0 ) if( parseArgs( argc, argv ) < 0 )