Client side version negotiation rewrite Continuing from the previous commit this changes the way we do client side version negotiation. Similarly all of the s23* "up front" state machine code has been avoided and again things now work much the same way as they already did for DTLS, i.e. we just do most of the work in the ssl3_get_server_hello() function. Reviewed-by: Kurt Roeckx <kurt@openssl.org>

commit: 13c9bb3ecec5f847b4c5295249e039d386e2d10e [log] [tgz]
author: Matt Caswell <matt@openssl.org> Tue Mar 31 00:18:31 2015 +0100
committer: Matt Caswell <matt@openssl.org> Sat May 16 09:20:31 2015 +0100
tree: 8a3c816a718d72049d44dc24b6c2239fe954eab0
parent: 32ec41539b5b23bc42503589fcc5be65d648d1f5 [diff] [blame]
diff --git a/apps/ocsp.c b/apps/ocsp.c
index d52da18..c71b0d6 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c

@@ -1261,7 +1261,7 @@
         BIO_set_conn_port(cbio, port);
     if (use_ssl == 1) {
         BIO *sbio;
-        ctx = SSL_CTX_new(SSLv23_client_method());
+        ctx = SSL_CTX_new(TLS_client_method());
         if (ctx == NULL) {
             BIO_printf(bio_err, "Error creating SSL context.\n");
             goto end;
commit	13c9bb3ecec5f847b4c5295249e039d386e2d10e	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Tue Mar 31 00:18:31 2015 +0100
committer	Matt Caswell <matt@openssl.org>	Sat May 16 09:20:31 2015 +0100
tree	8a3c816a718d72049d44dc24b6c2239fe954eab0
parent	32ec41539b5b23bc42503589fcc5be65d648d1f5 [diff] [blame]