Suppress CT callback as appropriate

[openssl.git] / test / ssltest_old.c

diff --git a/test/ssltest_old.c b/test/ssltest_old.c
index 8018b3bd161992f188adfe680a271d632e0d02d5..e3f8d774cb9d60484a98c92883996bab111f4dbe 100644 (file)
--- a/test/ssltest_old.c
+++ b/test/ssltest_old.c
@@ -1113,7 +1113,7 @@ int main(int argc, char *argv[])
      * Disable CT validation by default, because it will interfere with
      * anything using custom extension handlers to deal with SCT extensions.
      */
-    ct_validation_cb ct_validation = NULL;
+    int ct_validation = 0;
 #endif
     SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
     STACK_OF(OPENSSL_STRING) *conf_args = NULL;
@@ -1300,13 +1300,10 @@ int main(int argc, char *argv[])
         }
 #ifndef OPENSSL_NO_CT
         else if (strcmp(*argv, "-noct") == 0) {
-            ct_validation = NULL;
+            ct_validation = 0;
         }
-        else if (strcmp(*argv, "-requestct") == 0) {
-            ct_validation = CT_verify_no_bad_scts;
-        }
-        else if (strcmp(*argv, "-requirect") == 0) {
-            ct_validation = CT_verify_at_least_one_good_sct;
+        else if (strcmp(*argv, "-ct") == 0) {
+            ct_validation = 1;
         }
 #endif
 #ifndef OPENSSL_NO_COMP
@@ -1633,7 +1630,8 @@ int main(int argc, char *argv[])
     }
 
 #ifndef OPENSSL_NO_CT
-    if (!SSL_CTX_set_ct_validation_callback(c_ctx, ct_validation, NULL)) {
+    if (ct_validation &&
+        !SSL_CTX_enable_ct(c_ctx, SSL_CT_VALIDATION_STRICT)) {
         ERR_print_errors(bio_err);
         goto end;
     }