1 files changed, 5 insertions, 67 deletions
diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c
index a7f6146c4c..12eb90699e 100644
--- a/src/usr.bin/openssl/s_server.c
+++ b/src/usr.bin/openssl/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.56 2023/03/06 14:32:06 tb Exp $ */
+/* $OpenBSD: s_server.c,v 1.57 2023/07/03 06:22:07 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -341,18 +341,6 @@ s_server_opt_protocol_version_dtls(void)
 }
 #endif
-#ifndef OPENSSL_NO_DTLS1
-static int
-s_server_opt_protocol_version_dtls1(void)
-{
-        cfg.meth = DTLS_server_method();
-        cfg.min_version = DTLS1_VERSION;
-        cfg.max_version = DTLS1_VERSION;
-        cfg.socket_type = SOCK_DGRAM;
-        return (0);
-}
-#endif
 #ifndef OPENSSL_NO_DTLS1_2
 static int
 s_server_opt_protocol_version_dtls1_2(void)
@@ -366,22 +354,6 @@ s_server_opt_protocol_version_dtls1_2(void)
 #endif
 static int
-s_server_opt_protocol_version_tls1(void)
-{
-        cfg.min_version = TLS1_VERSION;
-        cfg.max_version = TLS1_VERSION;
-        return (0);
-}
-static int
-s_server_opt_protocol_version_tls1_1(void)
-{
-        cfg.min_version = TLS1_1_VERSION;
-        cfg.max_version = TLS1_1_VERSION;
-        return (0);
-}
-static int
 s_server_opt_protocol_version_tls1_2(void)
 {
        cfg.min_version = TLS1_2_VERSION;
@@ -648,14 +620,6 @@ static const struct option s_server_options[] = {
                .opt.func = s_server_opt_protocol_version_dtls,
        },
 #endif
-#ifndef OPENSSL_NO_DTLS1
-        {
-                .name = "dtls1",
-                .desc = "Just use DTLSv1",
-                .type = OPTION_FUNC,
-                .opt.func = s_server_opt_protocol_version_dtls1,
-        },
-#endif
 #ifndef OPENSSL_NO_DTLS1_2
        {
                .name = "dtls1_2",
@@ -817,20 +781,6 @@ static const struct option s_server_options[] = {
                .value = SSL_OP_NO_SSLv3,
        },
        {
-                .name = "no_tls1",
-                .desc = "Just disable TLSv1",
-                .type = OPTION_VALUE_OR,
-                .opt.value = &cfg.off,
-                .value = SSL_OP_NO_TLSv1,
-        },
-        {
-                .name = "no_tls1_1",
-                .desc = "Just disable TLSv1.1",
-                .type = OPTION_VALUE_OR,
-                .opt.value = &cfg.off,
-                .value = SSL_OP_NO_TLSv1_1,
-        },
-        {
                .name = "no_tls1_2",
                .desc = "Just disable TLSv1.2",
                .type = OPTION_VALUE_OR,
@@ -935,18 +885,6 @@ static const struct option s_server_options[] = {
        },
 #endif
        {
-                .name = "tls1",
-                .desc = "Just talk TLSv1",
-                .type = OPTION_FUNC,
-                .opt.func = s_server_opt_protocol_version_tls1,
-        },
-        {
-                .name = "tls1_1",
-                .desc = "Just talk TLSv1.1",
-                .type = OPTION_FUNC,
-                .opt.func = s_server_opt_protocol_version_tls1_1,
-        },
-        {
                .name = "tls1_2",
                .desc = "Just talk TLSv1.2",
                .type = OPTION_FUNC,
@@ -1050,17 +988,17 @@ sv_usage(void)
            "    [-context id] [-crl_check] [-crl_check_all] [-crlf]\n"
            "    [-dcert file] [-dcertform der | pem] [-debug]\n"
            "    [-dhparam file] [-dkey file] [-dkeyform der | pem]\n"
-            "    [-dpass arg] [-dtls] [-dtls1] [-dtls1_2] [-groups list] [-HTTP]\n"
+            "    [-dpass arg] [-dtls] [-dtls1_2] [-groups list] [-HTTP]\n"
            "    [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n"
            "    [-keyform der | pem] [-keymatexport label]\n"
            "    [-keymatexportlen len] [-msg] [-mtu mtu] [-naccept num]\n"
            "    [-named_curve arg] [-nbio] [-nbio_test] [-no_cache]\n"
-            "    [-no_dhe] [-no_ecdhe] [-no_ticket] [-no_tls1]\n"
+            "    [-no_dhe] [-no_ecdhe] [-no_ticket] \n"
-            "    [-no_tls1_1] [-no_tls1_2] [-no_tls1_3] [-no_tmp_rsa]\n"
+            "    [-no_tls1_2] [-no_tls1_3] [-no_tmp_rsa]\n"
            "    [-nocert] [-pass arg] [-quiet] [-servername name]\n"
            "    [-servername_fatal] [-serverpref] [-state] [-status]\n"
            "    [-status_timeout nsec] [-status_url url]\n"
-            "    [-status_verbose] [-timeout] [-tls1] [-tls1_1]\n"
+            "    [-status_verbose] [-timeout] \n"
            "    [-tls1_2] [-tls1_3] [-tlsextdebug] [-use_srtp profiles]\n"
            "    [-Verify depth] [-verify depth] [-verify_return_error]\n"
            "    [-WWW] [-www]\n");

diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c index a7f6146c4c..12eb90699e 100644 --- a/src/usr.bin/openssl/s_server.c +++ b/src/usr.bin/openssl/s_server.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s_server.c,v 1.56 2023/03/06 14:32:06 tb Exp $ */	1	/* $OpenBSD: s_server.c,v 1.57 2023/07/03 06:22:07 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -341,18 +341,6 @@ s_server_opt_protocol_version_dtls(void)
341	}	341	}
342	#endif	342	#endif
343		343
344	#ifndef OPENSSL_NO_DTLS1
345	static int
346	s_server_opt_protocol_version_dtls1(void)
347	{
348	cfg.meth = DTLS_server_method();
349	cfg.min_version = DTLS1_VERSION;
350	cfg.max_version = DTLS1_VERSION;
351	cfg.socket_type = SOCK_DGRAM;
352	return (0);
353	}
354	#endif
355
356	#ifndef OPENSSL_NO_DTLS1_2	344	#ifndef OPENSSL_NO_DTLS1_2
357	static int	345	static int
358	s_server_opt_protocol_version_dtls1_2(void)	346	s_server_opt_protocol_version_dtls1_2(void)
@@ -366,22 +354,6 @@ s_server_opt_protocol_version_dtls1_2(void)
366	#endif	354	#endif
367		355
368	static int	356	static int
369	s_server_opt_protocol_version_tls1(void)
370	{
371	cfg.min_version = TLS1_VERSION;
372	cfg.max_version = TLS1_VERSION;
373	return (0);
374	}
375
376	static int
377	s_server_opt_protocol_version_tls1_1(void)
378	{
379	cfg.min_version = TLS1_1_VERSION;
380	cfg.max_version = TLS1_1_VERSION;
381	return (0);
382	}
383
384	static int
385	s_server_opt_protocol_version_tls1_2(void)	357	s_server_opt_protocol_version_tls1_2(void)
386	{	358	{
387	cfg.min_version = TLS1_2_VERSION;	359	cfg.min_version = TLS1_2_VERSION;
@@ -648,14 +620,6 @@ static const struct option s_server_options[] = {
648	.opt.func = s_server_opt_protocol_version_dtls,	620	.opt.func = s_server_opt_protocol_version_dtls,
649	},	621	},
650	#endif	622	#endif
651	#ifndef OPENSSL_NO_DTLS1
652	{
653	.name = "dtls1",
654	.desc = "Just use DTLSv1",
655	.type = OPTION_FUNC,
656	.opt.func = s_server_opt_protocol_version_dtls1,
657	},
658	#endif
659	#ifndef OPENSSL_NO_DTLS1_2	623	#ifndef OPENSSL_NO_DTLS1_2
660	{	624	{
661	.name = "dtls1_2",	625	.name = "dtls1_2",
@@ -817,20 +781,6 @@ static const struct option s_server_options[] = {
817	.value = SSL_OP_NO_SSLv3,	781	.value = SSL_OP_NO_SSLv3,
818	},	782	},
819	{	783	{
820	.name = "no_tls1",
821	.desc = "Just disable TLSv1",
822	.type = OPTION_VALUE_OR,
823	.opt.value = &cfg.off,
824	.value = SSL_OP_NO_TLSv1,
825	},
826	{
827	.name = "no_tls1_1",
828	.desc = "Just disable TLSv1.1",
829	.type = OPTION_VALUE_OR,
830	.opt.value = &cfg.off,
831	.value = SSL_OP_NO_TLSv1_1,
832	},
833	{
834	.name = "no_tls1_2",	784	.name = "no_tls1_2",
835	.desc = "Just disable TLSv1.2",	785	.desc = "Just disable TLSv1.2",
836	.type = OPTION_VALUE_OR,	786	.type = OPTION_VALUE_OR,
@@ -935,18 +885,6 @@ static const struct option s_server_options[] = {
935	},	885	},
936	#endif	886	#endif
937	{	887	{
938	.name = "tls1",
939	.desc = "Just talk TLSv1",
940	.type = OPTION_FUNC,
941	.opt.func = s_server_opt_protocol_version_tls1,
942	},
943	{
944	.name = "tls1_1",
945	.desc = "Just talk TLSv1.1",
946	.type = OPTION_FUNC,
947	.opt.func = s_server_opt_protocol_version_tls1_1,
948	},
949	{
950	.name = "tls1_2",	888	.name = "tls1_2",
951	.desc = "Just talk TLSv1.2",	889	.desc = "Just talk TLSv1.2",
952	.type = OPTION_FUNC,	890	.type = OPTION_FUNC,
@@ -1050,17 +988,17 @@ sv_usage(void)
1050	" [-context id] [-crl_check] [-crl_check_all] [-crlf]\n"	988	" [-context id] [-crl_check] [-crl_check_all] [-crlf]\n"
1051	" [-dcert file] [-dcertform der \| pem] [-debug]\n"	989	" [-dcert file] [-dcertform der \| pem] [-debug]\n"
1052	" [-dhparam file] [-dkey file] [-dkeyform der \| pem]\n"	990	" [-dhparam file] [-dkey file] [-dkeyform der \| pem]\n"
1053	" [-dpass arg] [-dtls] [-dtls1] [-dtls1_2] [-groups list] [-HTTP]\n"	991	" [-dpass arg] [-dtls] [-dtls1_2] [-groups list] [-HTTP]\n"
1054	" [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n"	992	" [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n"
1055	" [-keyform der \| pem] [-keymatexport label]\n"	993	" [-keyform der \| pem] [-keymatexport label]\n"
1056	" [-keymatexportlen len] [-msg] [-mtu mtu] [-naccept num]\n"	994	" [-keymatexportlen len] [-msg] [-mtu mtu] [-naccept num]\n"
1057	" [-named_curve arg] [-nbio] [-nbio_test] [-no_cache]\n"	995	" [-named_curve arg] [-nbio] [-nbio_test] [-no_cache]\n"
1058	" [-no_dhe] [-no_ecdhe] [-no_ticket] [-no_tls1]\n"	996	" [-no_dhe] [-no_ecdhe] [-no_ticket] \n"
1059	" [-no_tls1_1] [-no_tls1_2] [-no_tls1_3] [-no_tmp_rsa]\n"	997	" [-no_tls1_2] [-no_tls1_3] [-no_tmp_rsa]\n"
1060	" [-nocert] [-pass arg] [-quiet] [-servername name]\n"	998	" [-nocert] [-pass arg] [-quiet] [-servername name]\n"
1061	" [-servername_fatal] [-serverpref] [-state] [-status]\n"	999	" [-servername_fatal] [-serverpref] [-state] [-status]\n"
1062	" [-status_timeout nsec] [-status_url url]\n"	1000	" [-status_timeout nsec] [-status_url url]\n"
1063	" [-status_verbose] [-timeout] [-tls1] [-tls1_1]\n"	1001	" [-status_verbose] [-timeout] \n"
1064	" [-tls1_2] [-tls1_3] [-tlsextdebug] [-use_srtp profiles]\n"	1002	" [-tls1_2] [-tls1_3] [-tlsextdebug] [-use_srtp profiles]\n"
1065	" [-Verify depth] [-verify depth] [-verify_return_error]\n"	1003	" [-Verify depth] [-verify depth] [-verify_return_error]\n"
1066	" [-WWW] [-www]\n");	1004	" [-WWW] [-www]\n");