Make no-ssl2 work including on Win32 builds.

diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 907e305259ae352b8e34576ebb360201e713a692..99146041091087eb2757c316b773be8fc3725c88 100644 (file)
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -412,9 +412,6 @@ long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
        return(0);
        }
 
-IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
-                                   ssl_cipher_id);
-
 /* This function needs to check if the ciphers required are actually
  * available */
 const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 893eb6ece39d23a1f0747010fc7e8e1bb7b7811c..e8d03bf914972b2e59f836ecd060bed45a6fe6fa 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1595,9 +1595,11 @@ const char *SSL_get_version(const SSL *s);
 /* This sets the 'default' SSL version that SSL_new() will create */
 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
 
+#ifndef OPENSSL_NO_SSL2
 const SSL_METHOD *SSLv2_method(void);          /* SSLv2 */
 const SSL_METHOD *SSLv2_server_method(void);   /* SSLv2 */
 const SSL_METHOD *SSLv2_client_method(void);   /* SSLv2 */
+#endif
 
 const SSL_METHOD *SSLv3_method(void);          /* SSLv3 */
 const SSL_METHOD *SSLv3_server_method(void);   /* SSLv3 */

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 17fc536636715b85d0e4d879211786ac416f577a..24cd4268e4033989900e7de140937ede528097ed 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2986,3 +2986,6 @@ void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
 
 IMPLEMENT_STACK_OF(SSL_CIPHER)
 IMPLEMENT_STACK_OF(SSL_COMP)
+IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
+                                   ssl_cipher_id);
+

diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index 0ed7cb4ac8cbadd0158ed62219f198a5226c456e..6b052fa31ca85d68e495f7434475c85093cdb09f 100755 (executable)
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -736,8 +736,8 @@ sub var_add
        @a=grep(!/^e_camellia$/,@a) if $no_camellia;
        @a=grep(!/^e_seed$/,@a) if $no_seed;
 
-       @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
-       @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+       #@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+       #@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
 
        @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
 

diff --git a/util/mkdef.pl b/util/mkdef.pl
index 96aa51af2effe10669c6c52e56697460162c79aa..29a5b9657159401c1098c639a51aa95ec848ef3b 100755 (executable)
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -103,6 +103,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
                         "CMS",
                         # CryptoAPI Engine
                         "CAPIENG",
+                        # SSL v2
+                        "SSL2",
                         # JPAKE
                         "JPAKE",
                         # Deprecated functions
@@ -125,7 +127,7 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
 my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
 my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
 my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake;
+my $no_jpake; my $no_ssl2;
 
 my $zlib;
 
@@ -213,6 +215,7 @@ foreach (@ARGV, split(/ /, $options))
        elsif (/^no-rfc3779$/)  { $no_rfc3779=1; }
        elsif (/^no-tlsext$/)   { $no_tlsext=1; }
        elsif (/^no-cms$/)      { $no_cms=1; }
+       elsif (/^no-ssl2$/)     { $no_ssl2=1; }
        elsif (/^no-capieng$/)  { $no_capieng=1; }
        elsif (/^no-jpake$/)    { $no_jpake=1; }
        }
@@ -1145,6 +1148,7 @@ sub is_valid
                        if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
                        if ($keyword eq "PSK" && $no_psk) { return 0; }
                        if ($keyword eq "CMS" && $no_cms) { return 0; }
+                       if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
                        if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
                        if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
                        if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }