diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-10-29 12:51:31 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-11-19 22:54:30 +0000 |
commit | 017a15cbd290a6fd008f19d1873071f36a624b1b (patch) | |
tree | 3f788ea0d890eb3a13b9c973064cf544cc50d7ad /apps | |
parent | 786370b1b09b919d9306f27336e13783e4fe3fd0 (diff) |
New option no-ssl3-method which removes SSLv3_*method
When no-ssl3 is set only make SSLv3 disabled by default. Retain -ssl3
options for s_client/s_server/ssltest.
When no-ssl3-method is set SSLv3_*method() is removed and all -ssl3
options.
We should document this somewhere, e.g. wiki, FAQ or manual page.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 3881d8106df732fc433d30446625dfa2396da42d)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_client.c | 4 | ||||
-rw-r--r-- | apps/s_server.c | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 151d9dcaa2..a19c829bf0 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -338,7 +338,9 @@ static void sc_usage(void) BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); #endif BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); +#ifndef OPENSSL_NO_SSL3_METHOD BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); +#endif BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); @@ -899,7 +901,7 @@ static char *jpake_secret = NULL; else if (strcmp(*argv,"-ssl2") == 0) meth=SSLv2_client_method(); #endif -#ifndef OPENSSL_NO_SSL3 +#ifndef OPENSSL_NO_SSL3_METHOD else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); #endif diff --git a/apps/s_server.c b/apps/s_server.c index e0ec5fa700..a2004b065b 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -537,7 +537,9 @@ static void sv_usage(void) BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n"); #endif BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); +#ifndef OPENSSL_NO_SSL3_METHOD BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); +#endif BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n"); BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n"); BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); @@ -1400,7 +1402,7 @@ int MAIN(int argc, char *argv[]) else if (strcmp(*argv,"-ssl2") == 0) { meth=SSLv2_server_method(); } #endif -#ifndef OPENSSL_NO_SSL3 +#ifndef OPENSSL_NO_SSL3_METHOD else if (strcmp(*argv,"-ssl3") == 0) { meth=SSLv3_server_method(); } #endif |