Running the openssl binary configured with no-ssl2: $ openssl version OpenSSL 1.0.1i 6 Aug 2014 $ openssl s_client -ssl2 2>&1 | fgrep ssl2 unknown option -ssl2 -ssl2 - just use SSLv2 -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol
That is, -ssl2 is an unknown option, still it's documented in the usage block after the error message. It's compiled out at 913 #ifndef OPENSSL_NO_SSL2 914 else if (strcmp(*argv,"-ssl2") == 0) 915 meth=SSLv2_client_method(); 916 #endif but similar conditions should be applied around 338 BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); as well. Same for the other protocols. It's a rather misleading documentation bug, please consider fixing it. -- Thanks, Feri. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
