Use the SSLv23 method by default

If SSLv2 and SSLv3 are both disabled we still support SSL/TLS. Reviewed-by: N Richard Levitte <levitte@openssl.org>

Use the SSLv23 method by default
If SSLv2 and SSLv3 are both disabled we still support SSL/TLS. Reviewed-by: N Richard Levitte <levitte@openssl.org>
961d2ddb · Kurt Roeckx · 8cfe08b4 · 961d2ddb · 961d2ddb
隐藏空白更改
内联并排

Showing with 0 addition and 15 deletion

apps/ocsp.c apps/ocsp.c +0 -9

apps/s_time.c apps/s_time.c +0 -6

未找到文件。
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1449,16 +1449,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
 	if (use_ssl == 1)
 		{
 		BIO *sbio;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 		ctx = SSL_CTX_new(SSLv23_client_method());
-#elif !defined(OPENSSL_NO_SSL3)
-		ctx = SSL_CTX_new(SSLv3_client_method());
-#elif !defined(OPENSSL_NO_SSL2)
-		ctx = SSL_CTX_new(SSLv2_client_method());
-#else
-		BIO_printf(err, "SSL is disabled\n");
-			goto end;
-#endif
 		if (ctx == NULL)
 			{
 			BIO_printf(err, "Error creating SSL context.\n");

--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -349,13 +349,7 @@ int MAIN(int argc, char **argv)
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 	s_time_meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	s_time_meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	s_time_meth=SSLv2_client_method();
-#endif
 	/* parse the command line arguments */
 	if( parseArgs( argc, argv ) < 0 )