1 files changed, 4 insertions, 31 deletions

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f45b6dd6d3..5543defa47 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -263,7 +263,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
 
 	sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
 		&(ctx->cipher_list_by_id),
-		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ctx->cert);
+		SSL_DEFAULT_CIPHER_LIST, ctx->cert);
 	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
 		{
 		SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
@@ -488,17 +488,6 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
 	r.ssl_version = ssl->version;
 	r.session_id_length = id_len;
 	memcpy(r.session_id, id, id_len);
-	/* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
-	 * callback is calling us to check the uniqueness of a shorter ID, it
-	 * must be compared as a padded-out ID because that is what it will be
-	 * converted to when the callback has finished choosing it. */
-	if((r.ssl_version == SSL2_VERSION) &&
-			(id_len < SSL2_SSL_SESSION_ID_LENGTH))
-		{
-		memset(r.session_id + id_len, 0,
-			SSL2_SSL_SESSION_ID_LENGTH - id_len);
-		r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
-		}
 
 	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
 	p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
@@ -1943,7 +1932,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 /*	ret->cipher=NULL;*/
 /*	ret->s2->challenge=NULL;
 	ret->master_key=NULL;
-	ret->key_arg=NULL;
 	ret->s2->conn_id=NULL; */
 
 	ret->info_callback=NULL;
@@ -1977,7 +1965,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 
 	ssl_create_cipher_list(ret->method,
 		&ret->cipher_list,&ret->cipher_list_by_id,
-		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ret->cert);
+		SSL_DEFAULT_CIPHER_LIST, ret->cert);
 	if (ret->cipher_list == NULL
 	    || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
 		{
@@ -1989,11 +1977,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	if (!ret->param)
 		goto err;
 
-	if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
-		{
-		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
-		goto err2;
-		}
 	if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
@@ -2780,17 +2763,9 @@ int SSL_get_error(const SSL *s,int i)
 
 	if (i == 0)
 		{
-		if (s->version == SSL2_VERSION)
-			{
-			/* assume it is the socket being closed */
+		if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+			(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
 			return(SSL_ERROR_ZERO_RETURN);
-			}
-		else
-			{
-			if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-				(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
-				return(SSL_ERROR_ZERO_RETURN);
-			}
 		}
 	return(SSL_ERROR_SYSCALL);
 	}
@@ -2874,8 +2849,6 @@ const char *SSL_get_version(const SSL *s)
 		return("TLSv1");
 	else if (s->version == SSL3_VERSION)
 		return("SSLv3");
-	else if (s->version == SSL2_VERSION)
-		return("SSLv2");
 	else
 		return("unknown");
 	}