X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fssltest.c;h=81292591d63c9b8f74d6a53e7f2f2143e63107ef;hb=77ff1f3b8bfaa348956c5096a2b829f2e767b4f1;hp=4f2f477a043d23871283cca5e306f544206abb5e;hpb=3881d8106df732fc433d30446625dfa2396da42d;p=openssl.git diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 4f2f477a04..81292591d6 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -375,7 +375,8 @@ static const char *alpn_server; static const char *alpn_expected; static unsigned char *alpn_selected; -/* next_protos_parse parses a comma separated list of strings into a string +/*- + * next_protos_parse parses a comma separated list of strings into a string * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. * outlen: (output) set to the length of the resulting buffer on success. * err: (maybe NULL) on failure, an error message line is written to this BIO. @@ -545,7 +546,8 @@ static int verify_serverinfo() return 0; } -/* Four test cases for custom extensions: +/*- + * Four test cases for custom extensions: * 0 - no ClientHello extension or ServerHello response * 1 - ClientHello with "abc", no response * 2 - ClientHello with "abc", empty response @@ -773,9 +775,6 @@ static void sv_usage(void) fprintf(stderr," -srpuser user - SRP username to use\n"); fprintf(stderr," -srppass arg - password for 'user'\n"); #endif -#ifndef OPENSSL_NO_SSL2 - fprintf(stderr," -ssl2 - use SSLv2\n"); -#endif #ifndef OPENSSL_NO_SSL3_METHOD fprintf(stderr," -ssl3 - use SSLv3\n"); #endif @@ -981,7 +980,7 @@ int main(int argc, char *argv[]) int badop=0; int bio_pair=0; int force=0; - int tls1=0,ssl2=0,ssl3=0,ret=1; + int tls1=0,ssl3=0,ret=1; int client_auth=0; int server_auth=0,i; struct app_verify_arg app_verify_arg = @@ -1164,13 +1163,6 @@ int main(int argc, char *argv[]) tls1=1; } #endif - else if (strcmp(*argv,"-ssl2") == 0) - { -#ifdef OPENSSL_NO_SSL2 - no_protocol = 1; -#endif - ssl2 = 1; - } else if (strcmp(*argv,"-tls1") == 0) { #ifdef OPENSSL_NO_TLS1 @@ -1398,15 +1390,15 @@ bad: goto end; } - if (ssl2 + ssl3 + tls1 > 1) + if (ssl3 + tls1 > 1) { - fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should " + fprintf(stderr, "At most one of -ssl3, or -tls1 should " "be requested.\n"); EXIT(1); } /* - * Testing was requested for a compiled-out protocol (e.g. SSLv2). + * Testing was requested for a compiled-out protocol (e.g. SSLv3). * Ideally, we would error out, but the generic test wrapper can't know * when to expect failure. So we do nothing and return success. */ @@ -1418,11 +1410,11 @@ bad: goto end; } - if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) + if (!ssl3 && !tls1 && number > 1 && !reuse && !force) { fprintf(stderr, "This case cannot work. Use -f to perform " "the test anyway (and\n-d to see what happens), " - "or add one of -ssl2, -ssl3, -tls1, -reuse\n" + "or add one of -ssl3, -tls1, -reuse\n" "to avoid protocol mismatch.\n"); EXIT(1); } @@ -1496,14 +1488,9 @@ bad: } #endif -/* At this point, ssl2/ssl3/tls1 is only set if the protocol is available. +/* At this point, ssl3/tls1 is only set if the protocol is available. * (Otherwise we exit early.) * However the compiler doesn't know this, so we ifdef. */ -#ifndef OPENSSL_NO_SSL2 - if (ssl2) - meth=SSLv2_method(); - else -#endif #ifndef OPENSSL_NO_SSL3 if (ssl3) meth=SSLv3_method(); @@ -1867,8 +1854,6 @@ bad: (double)s_time/CLOCKS_PER_SEC, (double)c_time/CLOCKS_PER_SEC); #else - /* "`CLOCKS_PER_SEC' undeclared (first use this function)" - * -- cc on NeXTstep/OpenStep */ BIO_printf(bio_stdout, "Approximate total server time: %6.2f units\n" "Approximate total client time: %6.2f units\n", @@ -1941,7 +1926,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, do { - /* c_ssl_bio: SSL filter BIO + /*- + * c_ssl_bio: SSL filter BIO * * client: pseudo-I/O for SSL library * @@ -2252,18 +2238,6 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { fprintf(stderr, "ERROR: got stuck\n"); - if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) - { - fprintf(stderr, "This can happen for SSL2 because " - "CLIENT-FINISHED and SERVER-VERIFY are written \n" - "concurrently ..."); - if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 - && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) - { - fprintf(stderr, " ok.\n"); - goto end; - } - } fprintf(stderr, " ERROR.\n"); goto err; } @@ -2401,7 +2375,8 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) if (SSL_in_init(s_ssl)) printf("server waiting in SSL_accept - %s\n", SSL_state_string_long(s_ssl)); -/* else if (s_write) +/*- + else if (s_write) printf("server:SSL_write()\n"); else printf("server:SSL_read()\n"); */ @@ -2412,7 +2387,8 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) if (SSL_in_init(c_ssl)) printf("client waiting in SSL_connect - %s\n", SSL_state_string_long(c_ssl)); -/* else if (c_write) +/*- + else if (c_write) printf("client:SSL_write()\n"); else printf("client:SSL_read()\n"); */ @@ -2825,11 +2801,12 @@ static void process_proxy_debug(int indent, const char *format, ...) vfprintf(stderr, my_format, args); va_end(args); } -/* Priority levels: - 0 [!]var, () - 1 & ^ - 2 | -*/ +/*- + * Priority levels: + * 0 [!]var, () + * 1 & ^ + * 2 | + */ static int process_proxy_cond_adders(unsigned int letters[26], const char *cond, const char **cond_end, int *pos, int indent); static int process_proxy_cond_val(unsigned int letters[26], @@ -3181,7 +3158,8 @@ static void free_tmp_rsa(void) #endif #ifndef OPENSSL_NO_DH -/* These DH parameters have been generated as follows: +/*- + * These DH parameters have been generated as follows: * $ openssl dhparam -C -noout 512 * $ openssl dhparam -C -noout 1024 * $ openssl dhparam -C -noout -dsaparam 1024 @@ -3347,21 +3325,6 @@ static int do_test_cipherlist(void) const SSL_METHOD *meth; const SSL_CIPHER *ci, *tci = NULL; -#ifndef OPENSSL_NO_SSL2 - fprintf(stderr, "testing SSLv2 cipher list order: "); - meth = SSLv2_method(); - while ((ci = meth->get_cipher(i++)) != NULL) - { - if (tci != NULL) - if (ci->id >= tci->id) - { - fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); - return 0; - } - tci = ci; - } - fprintf(stderr, "ok\n"); -#endif #ifndef OPENSSL_NO_SSL3 fprintf(stderr, "testing SSLv3 cipher list order: "); meth = SSLv3_method();