diff options
Diffstat (limited to 'ssl/ssltest.c')
| -rw-r--r-- | ssl/ssltest.c | 56 |
1 files changed, 7 insertions, 49 deletions
diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 4f2f477a04..05f75aab12 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -773,9 +773,6 @@ static void sv_usage(void) fprintf(stderr," -srpuser user - SRP username to use\n"); fprintf(stderr," -srppass arg - password for 'user'\n"); #endif -#ifndef OPENSSL_NO_SSL2 - fprintf(stderr," -ssl2 - use SSLv2\n"); -#endif #ifndef OPENSSL_NO_SSL3_METHOD fprintf(stderr," -ssl3 - use SSLv3\n"); #endif @@ -981,7 +978,7 @@ int main(int argc, char *argv[]) int badop=0; int bio_pair=0; int force=0; - int tls1=0,ssl2=0,ssl3=0,ret=1; + int tls1=0,ssl3=0,ret=1; int client_auth=0; int server_auth=0,i; struct app_verify_arg app_verify_arg = @@ -1164,13 +1161,6 @@ int main(int argc, char *argv[]) tls1=1; } #endif - else if (strcmp(*argv,"-ssl2") == 0) - { -#ifdef OPENSSL_NO_SSL2 - no_protocol = 1; -#endif - ssl2 = 1; - } else if (strcmp(*argv,"-tls1") == 0) { #ifdef OPENSSL_NO_TLS1 @@ -1398,15 +1388,15 @@ bad: goto end; } - if (ssl2 + ssl3 + tls1 > 1) + if (ssl3 + tls1 > 1) { - fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should " + fprintf(stderr, "At most one of -ssl3, or -tls1 should " "be requested.\n"); EXIT(1); } /* - * Testing was requested for a compiled-out protocol (e.g. SSLv2). + * Testing was requested for a compiled-out protocol (e.g. SSLv3). * Ideally, we would error out, but the generic test wrapper can't know * when to expect failure. So we do nothing and return success. */ @@ -1418,11 +1408,11 @@ bad: goto end; } - if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) + if (!ssl3 && !tls1 && number > 1 && !reuse && !force) { fprintf(stderr, "This case cannot work. Use -f to perform " "the test anyway (and\n-d to see what happens), " - "or add one of -ssl2, -ssl3, -tls1, -reuse\n" + "or add one of -ssl3, -tls1, -reuse\n" "to avoid protocol mismatch.\n"); EXIT(1); } @@ -1496,14 +1486,9 @@ bad: } #endif -/* At this point, ssl2/ssl3/tls1 is only set if the protocol is available. +/* At this point, ssl3/tls1 is only set if the protocol is available. * (Otherwise we exit early.) * However the compiler doesn't know this, so we ifdef. */ -#ifndef OPENSSL_NO_SSL2 - if (ssl2) - meth=SSLv2_method(); - else -#endif #ifndef OPENSSL_NO_SSL3 if (ssl3) meth=SSLv3_method(); @@ -2252,18 +2237,6 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { fprintf(stderr, "ERROR: got stuck\n"); - if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) - { - fprintf(stderr, "This can happen for SSL2 because " - "CLIENT-FINISHED and SERVER-VERIFY are written \n" - "concurrently ..."); - if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 - && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) - { - fprintf(stderr, " ok.\n"); - goto end; - } - } fprintf(stderr, " ERROR.\n"); goto err; } @@ -3347,21 +3320,6 @@ static int do_test_cipherlist(void) const SSL_METHOD *meth; const SSL_CIPHER *ci, *tci = NULL; -#ifndef OPENSSL_NO_SSL2 - fprintf(stderr, "testing SSLv2 cipher list order: "); - meth = SSLv2_method(); - while ((ci = meth->get_cipher(i++)) != NULL) - { - if (tci != NULL) - if (ci->id >= tci->id) - { - fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); - return 0; - } - tci = ci; - } - fprintf(stderr, "ok\n"); -#endif #ifndef OPENSSL_NO_SSL3 fprintf(stderr, "testing SSLv3 cipher list order: "); meth = SSLv3_method(); |