[openssl-users] About no-ssl2
openssl-users at dukhovni.org
Wed Mar 16 22:39:55 UTC 2016
On Wed, Mar 16, 2016 at 11:32:28PM +0100, Michel wrote:
> IMHO, whether SSL2 is completly removed or disabled, I would have expected
> opensslconf.h to reflect the situation to applications.
In what release?
> But now, it just contains :
> #ifndef OPENSSL_NO_SSL3
> # define OPENSSL_NO_SSL3
> Was it really intended ?
OpenSSL 1.1.0 has no vestigial SSLv2 code, and so nothing to disable
with OPENSSL_NO_SSL2. The "OPENSSL_NO_..." macros specify disabled
features, not deleted code.
More information about the openssl-users