Description: disable SSLv2 support
 Disable use of SSLv2 functions when they are not supported by OpenSSL itself
 (e.g. in OpenSSL >= 1.0 in Debian).
Author: Julien Cristau <jcristau@debian.org>
Bug-Debian: http://bugs.debian.org/622018
Forwarded: no
Last-Update: 2012-04-22

--- a/sslcls.c
+++ b/sslcls.c
@@ -35,6 +35,7 @@
    return result;
 }
 
+#ifndef OPENSSL_NO_SSL2
 SSL_METHOD *sycSSLv2_client_method(void) {
    SSL_METHOD *result;
    Debug("SSLv2_client_method()");
@@ -50,6 +51,7 @@
    Debug1("SSLv2_server_method() -> %p", result);
    return result;
 }
+#endif
 
 SSL_METHOD *sycSSLv3_client_method(void) {
    SSL_METHOD *result;
--- a/xio-openssl.c
+++ b/xio-openssl.c
@@ -798,9 +798,12 @@
 
    if (!server) {
       if (me_str != 0) {
+#ifndef OPENSSL_NO_SSL2
 	 if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) {
 	    method = sycSSLv2_client_method();
-	 } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
+	 } else
+#endif
+	 if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
 	    method = sycSSLv3_client_method();
 	 } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") ||
 		    !strcasecmp(me_str, "SSL")) {
@@ -817,9 +820,12 @@
       }
    } else /* server */ {
       if (me_str != 0) {
+#ifndef OPENSSL_NO_SSL2
 	 if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) {
 	    method = sycSSLv2_server_method();
-	 } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
+	 } else
+#endif
+	 if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
 	    method = sycSSLv3_server_method();
 	 } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") ||
 		    !strcasecmp(me_str, "SSL")) {
--- a/sslcls.h
+++ b/sslcls.h
@@ -10,8 +10,10 @@
 
 void sycSSL_load_error_strings(void);
 int sycSSL_library_init(void);
+#ifndef OPENSSL_NO_SSL2
 SSL_METHOD *sycSSLv2_client_method(void);
 SSL_METHOD *sycSSLv2_server_method(void);
+#endif
 SSL_METHOD *sycSSLv3_client_method(void);
 SSL_METHOD *sycSSLv3_server_method(void);
 SSL_METHOD *sycSSLv23_client_method(void);
