If I understand correctly it is now impossible for the openssl(1)
tool to open an SSLv2 or SSLv3 session with the host.
We can also switch SSLv23_client_method to TLS_client_method to
set a good example.
ok?
Index: s_time.c
===================================================================
RCS file: /cvs/src/usr.bin/openssl/s_time.c,v
retrieving revision 1.30
diff -u -p -r1.30 s_time.c
--- s_time.c 28 Aug 2018 02:14:22 -0000 1.30
+++ s_time.c 28 Aug 2018 02:21:25 -0000
@@ -242,7 +242,7 @@ s_time_main(int argc, char **argv)
}
}
- s_time_meth = SSLv23_client_method();
+ s_time_meth = TLS_client_method();
verify_depth = 0;
@@ -435,10 +435,6 @@ benchmark(int reuse_session)
ver = SSL_version(scon);
if (ver == TLS1_VERSION)
ver = 't';
- else if (ver == SSL3_VERSION)
- ver = '3';
- else if (ver == SSL2_VERSION)
- ver = '2';
else
ver = '*';
}
