fprintf(stderr," -srpuser user - SRP username to use\n");
fprintf(stderr," -srppass arg - password for 'user'\n");
#endif
-#ifndef OPENSSL_NO_SSL2
- fprintf(stderr," -ssl2 - use SSLv2\n");
-#endif
#ifndef OPENSSL_NO_SSL3_METHOD
fprintf(stderr," -ssl3 - use SSLv3\n");
#endif
int badop=0;
int bio_pair=0;
int force=0;
- int tls1=0,ssl2=0,ssl3=0,ret=1;
+ int tls1=0,ssl3=0,ret=1;
int client_auth=0;
int server_auth=0,i;
struct app_verify_arg app_verify_arg =
tls1=1;
}
#endif
- else if (strcmp(*argv,"-ssl2") == 0)
- {
-#ifdef OPENSSL_NO_SSL2
- no_protocol = 1;
-#endif
- ssl2 = 1;
- }
else if (strcmp(*argv,"-tls1") == 0)
{
#ifdef OPENSSL_NO_TLS1
goto end;
}
- if (ssl2 + ssl3 + tls1 > 1)
+ if (ssl3 + tls1 > 1)
{
- fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should "
+ fprintf(stderr, "At most one of -ssl3, or -tls1 should "
"be requested.\n");
EXIT(1);
}
/*
- * Testing was requested for a compiled-out protocol (e.g. SSLv2).
+ * Testing was requested for a compiled-out protocol (e.g. SSLv3).
* Ideally, we would error out, but the generic test wrapper can't know
* when to expect failure. So we do nothing and return success.
*/
goto end;
}
- if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
+ if (!ssl3 && !tls1 && number > 1 && !reuse && !force)
{
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
- "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
+ "or add one of -ssl3, -tls1, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
}
#endif
-/* At this point, ssl2/ssl3/tls1 is only set if the protocol is available.
+/* At this point, ssl3/tls1 is only set if the protocol is available.
* (Otherwise we exit early.)
* However the compiler doesn't know this, so we ifdef. */
-#ifndef OPENSSL_NO_SSL2
- if (ssl2)
- meth=SSLv2_method();
- else
-#endif
#ifndef OPENSSL_NO_SSL3
if (ssl3)
meth=SSLv3_method();
if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
{
fprintf(stderr, "ERROR: got stuck\n");
- if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
- {
- fprintf(stderr, "This can happen for SSL2 because "
- "CLIENT-FINISHED and SERVER-VERIFY are written \n"
- "concurrently ...");
- if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
- && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
- {
- fprintf(stderr, " ok.\n");
- goto end;
- }
- }
fprintf(stderr, " ERROR.\n");
goto err;
}
const SSL_METHOD *meth;
const SSL_CIPHER *ci, *tci = NULL;
-#ifndef OPENSSL_NO_SSL2
- fprintf(stderr, "testing SSLv2 cipher list order: ");
- meth = SSLv2_method();
- while ((ci = meth->get_cipher(i++)) != NULL)
- {
- if (tci != NULL)
- if (ci->id >= tci->id)
- {
- fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
- return 0;
- }
- tci = ci;
- }
- fprintf(stderr, "ok\n");
-#endif
#ifndef OPENSSL_NO_SSL3
fprintf(stderr, "testing SSLv3 cipher list order: ");
meth = SSLv3_method();
projects / openssl.git / blobdiff