remove ssl2 support even more completely.

in the process, always include ssl3 and tls1, we don't need config options for them. when the time comes to expire ssl3, it will be with an ax. checked by miod
author: tedu <> 2014-04-15 21:47:56 +0000
committer: tedu <> 2014-04-15 21:47:56 +0000
commit: d29691e0c778ae0a3a5eb74acbb053caacdee990 (patch)
tree: e9ca306a8d286d0b62f82cb4b82cffd7dfbb0e70 /src/lib/libssl/src/ssl/ssltest.c
parent: 0fccfaa49773dea8f4e6d9930d774dd2a44b33db (diff)
download: openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.tar.gz
openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.tar.bz2
openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.zip
1 files changed, 0 insertions, 39 deletions
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
index ea236df44d..771c50a3e1 100644
--- a/src/lib/libssl/src/ssl/ssltest.c
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -324,15 +324,8 @@ sv_usage(void)
        fprintf(stderr, " -srpuser user  - SRP username to use\n");
        fprintf(stderr, " -srppass arg   - password for 'user'\n");
 #endif
-#ifndef OPENSSL_NO_SSL2
-        fprintf(stderr, " -ssl2         - use SSLv2\n");
-#endif
-#ifndef OPENSSL_NO_SSL3
        fprintf(stderr, " -ssl3         - use SSLv3\n");
-#endif
-#ifndef OPENSSL_NO_TLS1
        fprintf(stderr, " -tls1         - use TLSv1\n");
-#endif
        fprintf(stderr, " -CApath arg   - PEM format directory of CA's\n");
        fprintf(stderr, " -CAfile arg   - PEM format file of CA's\n");
        fprintf(stderr, " -cert arg     - Server certificate file\n");
@@ -778,27 +771,12 @@ bad:
        }
 #endif
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-        if (ssl2)
-                meth = SSLv2_method();
-        else if (tls1)
-                meth = TLSv1_method();
-        else if (ssl3)
-                meth = SSLv3_method();
-        else
-                meth = SSLv23_method();
-#else
-#ifdef OPENSSL_NO_SSL2
        if (tls1)
                meth = TLSv1_method();
        else if (ssl3)
                meth = SSLv3_method();
        else
                meth = SSLv23_method();
-#else
-        meth = SSLv2_method();
-#endif
-#endif
        c_ctx = SSL_CTX_new(meth);
        s_ctx = SSL_CTX_new(meth);
@@ -2325,20 +2303,6 @@ do_test_cipherlist(void)
        const SSL_METHOD *meth;
        const SSL_CIPHER *ci, *tci = NULL;
-#ifndef OPENSSL_NO_SSL2
-        fprintf(stderr, "testing SSLv2 cipher list order: ");
-        meth = SSLv2_method();
-        while ((ci = meth->get_cipher(i++)) != NULL) {
-                if (tci != NULL)
-                        if (ci->id >= tci->id) {
-                        fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
-                        return 0;
-                }
-                tci = ci;
-        }
-        fprintf(stderr, "ok\n");
-#endif
-#ifndef OPENSSL_NO_SSL3
        fprintf(stderr, "testing SSLv3 cipher list order: ");
        meth = SSLv3_method();
        tci = NULL;
@@ -2351,8 +2315,6 @@ do_test_cipherlist(void)
                tci = ci;
        }
        fprintf(stderr, "ok\n");
-#endif
-#ifndef OPENSSL_NO_TLS1
        fprintf(stderr, "testing TLSv1 cipher list order: ");
        meth = TLSv1_method();
        tci = NULL;
@@ -2365,7 +2327,6 @@ do_test_cipherlist(void)
                tci = ci;
        }
        fprintf(stderr, "ok\n");
-#endif
        return 1;
 }
author	tedu <>	2014-04-15 21:47:56 +0000
committer	tedu <>	2014-04-15 21:47:56 +0000
commit	d29691e0c778ae0a3a5eb74acbb053caacdee990 (patch)
tree	e9ca306a8d286d0b62f82cb4b82cffd7dfbb0e70 /src/lib/libssl/src/ssl/ssltest.c
parent	0fccfaa49773dea8f4e6d9930d774dd2a44b33db (diff)
download	openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.tar.gz openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.tar.bz2 openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.zip

diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c index ea236df44d..771c50a3e1 100644 --- a/src/lib/libssl/src/ssl/ssltest.c +++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -324,15 +324,8 @@ sv_usage(void)
324	fprintf(stderr, " -srpuser user - SRP username to use\n");	324	fprintf(stderr, " -srpuser user - SRP username to use\n");
325	fprintf(stderr, " -srppass arg - password for 'user'\n");	325	fprintf(stderr, " -srppass arg - password for 'user'\n");
326	#endif	326	#endif
327	#ifndef OPENSSL_NO_SSL2
328	fprintf(stderr, " -ssl2 - use SSLv2\n");
329	#endif
330	#ifndef OPENSSL_NO_SSL3
331	fprintf(stderr, " -ssl3 - use SSLv3\n");	327	fprintf(stderr, " -ssl3 - use SSLv3\n");
332	#endif
333	#ifndef OPENSSL_NO_TLS1
334	fprintf(stderr, " -tls1 - use TLSv1\n");	328	fprintf(stderr, " -tls1 - use TLSv1\n");
335	#endif
336	fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");	329	fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
337	fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");	330	fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
338	fprintf(stderr, " -cert arg - Server certificate file\n");	331	fprintf(stderr, " -cert arg - Server certificate file\n");
@@ -778,27 +771,12 @@ bad:
778	}	771	}
779	#endif	772	#endif
780		773
781	#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
782	if (ssl2)
783	meth = SSLv2_method();
784	else if (tls1)
785	meth = TLSv1_method();
786	else if (ssl3)
787	meth = SSLv3_method();
788	else
789	meth = SSLv23_method();
790	#else
791	#ifdef OPENSSL_NO_SSL2
792	if (tls1)	774	if (tls1)
793	meth = TLSv1_method();	775	meth = TLSv1_method();
794	else if (ssl3)	776	else if (ssl3)
795	meth = SSLv3_method();	777	meth = SSLv3_method();
796	else	778	else
797	meth = SSLv23_method();	779	meth = SSLv23_method();
798	#else
799	meth = SSLv2_method();
800	#endif
801	#endif
802		780
803	c_ctx = SSL_CTX_new(meth);	781	c_ctx = SSL_CTX_new(meth);
804	s_ctx = SSL_CTX_new(meth);	782	s_ctx = SSL_CTX_new(meth);
@@ -2325,20 +2303,6 @@ do_test_cipherlist(void)
2325	const SSL_METHOD *meth;	2303	const SSL_METHOD *meth;
2326	const SSL_CIPHER ci, tci = NULL;	2304	const SSL_CIPHER ci, tci = NULL;
2327		2305
2328	#ifndef OPENSSL_NO_SSL2
2329	fprintf(stderr, "testing SSLv2 cipher list order: ");
2330	meth = SSLv2_method();
2331	while ((ci = meth->get_cipher(i++)) != NULL) {
2332	if (tci != NULL)
2333	if (ci->id >= tci->id) {
2334	fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
2335	return 0;
2336	}
2337	tci = ci;
2338	}
2339	fprintf(stderr, "ok\n");
2340	#endif
2341	#ifndef OPENSSL_NO_SSL3
2342	fprintf(stderr, "testing SSLv3 cipher list order: ");	2306	fprintf(stderr, "testing SSLv3 cipher list order: ");
2343	meth = SSLv3_method();	2307	meth = SSLv3_method();
2344	tci = NULL;	2308	tci = NULL;
@@ -2351,8 +2315,6 @@ do_test_cipherlist(void)
2351	tci = ci;	2315	tci = ci;
2352	}	2316	}
2353	fprintf(stderr, "ok\n");	2317	fprintf(stderr, "ok\n");
2354	#endif
2355	#ifndef OPENSSL_NO_TLS1
2356	fprintf(stderr, "testing TLSv1 cipher list order: ");	2318	fprintf(stderr, "testing TLSv1 cipher list order: ");
2357	meth = TLSv1_method();	2319	meth = TLSv1_method();
2358	tci = NULL;	2320	tci = NULL;
@@ -2365,7 +2327,6 @@ do_test_cipherlist(void)
2365	tci = ci;	2327	tci = ci;
2366	}	2328	}
2367	fprintf(stderr, "ok\n");	2329	fprintf(stderr, "ok\n");
2368	#endif
2369		2330
2370	return 1;	2331	return 1;
2371	}	2332	}