Client side version negotiation rewrite

Continuing from the previous commit this changes the way we do client side
version negotiation. Similarly all of the s23* "up front" state machine code
has been avoided and again things now work much the same way as they already
did for DTLS, i.e. we just do most of the work in the
ssl3_get_server_hello() function.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

3 files changed, 3 insertions, 3 deletions

diff --git a/apps/ocsp.c b/apps/ocsp.c
index d52da18a5e..c71b0d6d2c 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1261,7 +1261,7 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
         BIO_set_conn_port(cbio, port);
     if (use_ssl == 1) {
         BIO *sbio;
-        ctx = SSL_CTX_new(SSLv23_client_method());
+        ctx = SSL_CTX_new(TLS_client_method());
         if (ctx == NULL) {
             BIO_printf(bio_err, "Error creating SSL context.\n");
             goto end;
diff --git a/apps/s_client.c b/apps/s_client.c
index ba411f2e11..339e4517db 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -636,7 +636,7 @@ int s_client_main(int argc, char **argv)
     SSL_CONF_CTX *cctx = NULL;
     STACK_OF(OPENSSL_STRING) *ssl_args = NULL;
     STACK_OF(X509_CRL) *crls = NULL;
-    const SSL_METHOD *meth = SSLv23_client_method();
+    const SSL_METHOD *meth = TLS_client_method();
     char *CApath = NULL, *CAfile = NULL, *cbuf = NULL, *sbuf = NULL, *mbuf =
         NULL;
     char *cert_file = NULL, *key_file = NULL, *chain_file = NULL, *prog;
diff --git a/apps/s_time.c b/apps/s_time.c
index 5bca72ba72..74decd23bc 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -167,7 +167,7 @@ int s_time_main(int argc, char **argv)
     int exitNow = 0;            /* Set when it's time to exit main */
 #endif
 
-    meth = SSLv23_client_method();
+    meth = TLS_client_method();
     verify_depth = 0;
     verify_error = X509_V_OK;