From: guenther Date: Wed, 16 Apr 2014 17:52:31 +0000 (+0000) Subject: SSLv3_client_method() doesn't support TLSv1.*; use SSLv23_client_method() X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=5279fcc4b30862a73335098bc14d51e49acce09a;p=openbsd SSLv3_client_method() doesn't support TLSv1.*; use SSLv23_client_method() the for anything where version negotiation would be useful. Also, constipate a couple formatting strings to make compilers and linkers happier. ok tedu@ --- diff --git a/lib/libssl/src/apps/ocsp.c b/lib/libssl/src/apps/ocsp.c index 1713467c084..e5edc3017d4 100644 --- a/lib/libssl/src/apps/ocsp.c +++ b/lib/libssl/src/apps/ocsp.c @@ -1257,7 +1257,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) { - char http_resp[] = + static const char http_resp[] = "HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n" "Content-Length: %d\r\n\r\n"; if (!cbio) @@ -1383,7 +1383,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req, if (use_ssl == 1) { BIO *sbio; - ctx = SSL_CTX_new(SSLv3_client_method()); + ctx = SSL_CTX_new(SSLv23_client_method()); if (ctx == NULL) { BIO_printf(err, "Error creating SSL context.\n"); diff --git a/lib/libssl/src/apps/s_time.c b/lib/libssl/src/apps/s_time.c index 1ec2a975c64..5f02e5fd036 100644 --- a/lib/libssl/src/apps/s_time.c +++ b/lib/libssl/src/apps/s_time.c @@ -160,7 +160,7 @@ static void s_time_init(void) */ static void s_time_usage(void) { - static char umsg[] = "\ + static const char umsg[] = "\ -time arg - max number of seconds to collect data, default %d\n\ -verify arg - turn on peer certificate verification, arg == depth\n\ -cert arg - certificate file to use, PEM format assumed\n\ @@ -332,7 +332,7 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - s_time_meth=SSLv3_client_method(); + s_time_meth=SSLv23_client_method(); /* parse the command line arguments */ if( parseArgs( argc, argv ) < 0 )