[openssl-dev] [PATCH] Do not offer options like -ssl2, -tls1, -dtls if they are not compiled in

Fri Mar 4 01:07:29 UTC 2016

They were showed in the help, but providing them failed with an
“unknown option” error, and showed the help which listed it
as a valid option.

---

Patch against the stable 1.0.2 branch.

 apps/s_client.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/apps/s_client.c b/apps/s_client.c
index 0c1102b..f68c581 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -376,16 +376,22 @@ static void sc_usage(void)
                " -srp_strength int - minimal length in bits for N
(default %d).\n",
                SRP_MINIMAL_N);
 #endif
+#ifndef OPENSSL_NO_SSL2
     BIO_printf(bio_err, " -ssl2         - just use SSLv2\n");
+#endif
 #ifndef OPENSSL_NO_SSL3_METHOD
     BIO_printf(bio_err, " -ssl3         - just use SSLv3\n");
 #endif
+#ifndef OPENSSL_NO_TLS1
     BIO_printf(bio_err, " -tls1_2       - just use TLSv1.2\n");
     BIO_printf(bio_err, " -tls1_1       - just use TLSv1.1\n");
     BIO_printf(bio_err, " -tls1         - just use TLSv1\n");
+#endif
+#ifndef OPENSSL_NO_DTLS1
     BIO_printf(bio_err, " -dtls1        - just use DTLSv1\n");
-    BIO_printf(bio_err, " -fallback_scsv - send TLS_FALLBACK_SCSV\n");
     BIO_printf(bio_err, " -mtu          - set the link layer MTU\n");
+#endif
+    BIO_printf(bio_err, " -fallback_scsv - send TLS_FALLBACK_SCSV\n");
     BIO_printf(bio_err,
                " -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 -
turn off that protocol\n");
     BIO_printf(bio_err,
-- 
2.7.2
