aboutsummaryrefslogtreecommitdiffstats
path: root/socket.c
diff options
context:
space:
mode:
Diffstat (limited to 'socket.c')
-rw-r--r--socket.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/socket.c b/socket.c
index 26e37de8..f513d9ff 100644
--- a/socket.c
+++ b/socket.c
@@ -899,14 +899,16 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
/* Make sure a connection referring to an older context is not left */
_ssl_context[sock] = NULL;
if(myproto) {
- if(!strcasecmp("ssl3",myproto)) {
+ if(!strcasecmp("ssl2",myproto)) {
+ _ctx[sock] = SSL_CTX_new(SSLv2_client_method());
+ } else if(!strcasecmp("ssl3",myproto)) {
_ctx[sock] = SSL_CTX_new(SSLv3_client_method());
} else if(!strcasecmp("tls1",myproto)) {
_ctx[sock] = SSL_CTX_new(TLSv1_client_method());
} else if (!strcasecmp("ssl23",myproto)) {
myproto = NULL;
} else {
- fprintf(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSL23).\n"), myproto);
+ fprintf(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSLv23).\n"), myproto);
myproto = NULL;
}
}
@@ -918,7 +920,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
return(-1);
}
- SSL_CTX_set_options(_ctx[sock], SSL_OP_ALL | SSL_OP_NO_SSLv2);
+ SSL_CTX_set_options(_ctx[sock], SSL_OP_ALL);
if (certck) {
SSL_CTX_set_verify(_ctx[sock], SSL_VERIFY_PEER, SSL_ck_verify_callback);