Commit 961d2ddb authored Nov 29, 2014 by Kurt Roeckx

Use the SSLv23 method by default



If SSLv2 and SSLv3 are both disabled we still support SSL/TLS.

Reviewed-by: Richard Levitte <levitte@openssl.org>

parent 8cfe08b4

apps/ocsp.c

+0 −9

Original line number	Diff line number	Diff line
		@@ -1449,16 +1449,7 @@ OCSP_RESPONSE process_responder(BIO err, OCSP_REQUEST *req,
		if (use_ssl == 1)
		{
		BIO *sbio;
		#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
		ctx = SSL_CTX_new(SSLv23_client_method());
		#elif !defined(OPENSSL_NO_SSL3)
		ctx = SSL_CTX_new(SSLv3_client_method());
		#elif !defined(OPENSSL_NO_SSL2)
		ctx = SSL_CTX_new(SSLv2_client_method());
		#else
		BIO_printf(err, "SSL is disabled\n");
		goto end;
		#endif
		if (ctx == NULL)
		{
		BIO_printf(err, "Error creating SSL context.\n");

apps/s_time.c

+0 −6

Original line number	Diff line number	Diff line
		@@ -349,13 +349,7 @@ int MAIN(int argc, char **argv)
		if (bio_err == NULL)
		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);

		#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
		s_time_meth=SSLv23_client_method();
		#elif !defined(OPENSSL_NO_SSL3)
		s_time_meth=SSLv3_client_method();
		#elif !defined(OPENSSL_NO_SSL2)
		s_time_meth=SSLv2_client_method();
		#endif

		/* parse the command line arguments */
		if( parseArgs( argc, argv ) < 0 )