On 29/06/16 01:03, Jeffrey Walton wrote: > On Mon, Jun 27, 2016 at 3:49 PM, Michael Wojcik > <Michael.Wojcik at microfocus.com> wrote: >> SSLv2 is no longer supported, and neither are the SSLv2_*_method calls. (And >> yes, this causes build problems when updating to newer OpenSSL builds; and >> while that causes some pain, it was the Right Thing to do.) >> >> As Rich said, don't use SSLv2. Don't use SSLv3. If you can help it, don't >> use anything older than TLSv1.2. > > The library should have unconditionally set OPENSSL_NO_SSL2 when it > yanked SSLv2 support. Iit was warned about use cases like this. > > When SSLv2 was re-added to return NULL because, it still omitted > OPENSSL_NO_SSL2. Huh? We do define it? >From my 1.0.2 opensslconf.h: #ifndef OPENSSL_NO_SSL2 # define OPENSSL_NO_SSL2 #endif Matt
