From 5004c22c25af92358eaab4ac515686d096a0f84c Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Sat, 29 Nov 2014 16:17:54 +0100
Subject: [PATCH] Use the SSLv23 method by default

If SSLv2 and SSLv3 are both disabled we still support SSL/TLS.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 apps/ocsp.c   | 9 ---------
 apps/s_time.c | 6 ------
 2 files changed, 15 deletions(-)

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 3beec781e4..8883afc956 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1399,16 +1399,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
 	if (use_ssl == 1)
 		{
 		BIO *sbio;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 		ctx = SSL_CTX_new(SSLv23_client_method());
-#elif !defined(OPENSSL_NO_SSL3)
-		ctx = SSL_CTX_new(SSLv3_client_method());
-#elif !defined(OPENSSL_NO_SSL2)
-		ctx = SSL_CTX_new(SSLv2_client_method());
-#else
-		BIO_printf(err, "SSL is disabled\n");
-			goto end;
-#endif
 		if (ctx == NULL)
 			{
 			BIO_printf(err, "Error creating SSL context.\n");
diff --git a/apps/s_time.c b/apps/s_time.c
index b823c33c58..81dad53243 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -349,13 +349,7 @@ int MAIN(int argc, char **argv)
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 	s_time_meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	s_time_meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	s_time_meth=SSLv2_client_method();
-#endif
 
 	/* parse the command line arguments */
 	if( parseArgs( argc, argv ) < 0 )
-- 
2.25.1