summaryrefslogtreecommitdiffstats
path: root/ssl/s23_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/s23_clnt.c')
-rw-r--r--ssl/s23_clnt.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 6db98e92f5..067216b1a2 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -68,8 +68,10 @@ static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
+#ifndef NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
+#endif
if (ver == SSL3_VERSION)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
@@ -307,7 +309,7 @@ static int ssl23_get_server_hello(SSL *s)
{
char buf[8];
unsigned char *p;
- int i,ch_len;
+ int i;
int n;
n=ssl23_read_bytes(s,7);
@@ -320,9 +322,14 @@ static int ssl23_get_server_hello(SSL *s)
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
+#ifdef NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3 setup and put in the
* sslv2 stuff. */
+ int ch_len;
if (s->options & SSL_OP_NO_SSLv2)
{
@@ -375,6 +382,7 @@ static int ssl23_get_server_hello(SSL *s)
s->method=SSLv2_client_method();
s->handshake_func=s->method->ssl_connect;
+#endif
}
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-26 09:44:03 +0000