Remove SSLv2 support

The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years ago · 45f55f6a5b
parent 616f71e486
commit 45f55f6a5b
69 changed files with 229 additions and 5569 deletions
--- a/7
+++ b/7
@ -847,7 +847,6 @@ PROCESS_ARGS:
 				{
 				if ($1 eq "ssl")
 					{
-					$disabled{"ssl2"} = "option(ssl)";
 					$disabled{"ssl3"} = "option(ssl)";
 					}
 				elsif ($1 eq "tls")
@ -1062,12 +1061,6 @@ if (defined($disabled{"ec"}))
 	$disabled{"ecdh"} = "forced";
 	}

-# SSL 2.0 requires MD5 and RSA
-if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
-	{
-	$disabled{"ssl2"} = "forced";
-	}
-
 # SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
 if (defined($disabled{"md5"}) || defined($disabled{"sha"})
    || (defined($disabled{"rsa"})
--- a/INSTALL.VMS
+++ b/INSTALL.VMS
@ -134,7 +134,7 @@ Currently, the logical names supported are:
                        will not be implemented.  Supported algorithms to
                        do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD,
                        SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
-                        SSL2.  So, for example, having the logical name
+                        SSL3.  So, for example, having the logical name
                        OPENSSL_NO_RSA with the value YES means that the
                        LIBCRYPTO.OLB library will not contain an RSA
                        implementation.
--- a/Netware/do_tests.pl
+++ b/Netware/do_tests.pl
@ -270,22 +270,6 @@ sub ssl_tests
   print( OUT "\n========================================================\n");
   print( OUT "SSL TESTS:\n\n");

-   system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2:");
-   log_output("ssltest -ssl2", $outFile);
-
-   system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with server authentication:");
-   log_output("$ssltest -ssl2 -server_auth", $outFile);
-
-   system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with client authentication:");
-   log_output("$ssltest -ssl2 -client_auth", $outFile);
-
-   system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with both client and server authentication:");
-   log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);
-
   system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3:");
   log_output("ssltest -ssl3", $outFile);
@ -318,26 +302,10 @@ sub ssl_tests
   log_desc("Testing sslv2/sslv3 with both client and server authentication:");
   log_output("$ssltest -server_auth -client_auth", $outFile);

-   system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 via BIO pair:");
-   log_output("ssltest -bio_pair -ssl2", $outFile);
-
   system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
   log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);

-   system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with server authentication via BIO pair:");
-   log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);
-
-   system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with client authentication via BIO pair:");
-   log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);
-
-   system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
-   log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);
-
   system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 via BIO pair:");
   log_output("ssltest -bio_pair -ssl3", $outFile);
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@ -73,7 +73,6 @@ static const char *ciphers_usage[]={
 "usage: ciphers args\n",
 " -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
 " -V          - even more verbose\n",
-" -ssl2       - SSL2 mode\n",
 " -ssl3       - SSL3 mode\n",
 " -tls1       - TLS1 mode\n",
 NULL
@ -130,10 +129,6 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-stdname") == 0)
 			stdname=verbose=1;
 #endif
-#ifndef OPENSSL_NO_SSL2
-		else if (strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
 #ifndef OPENSSL_NO_SSL3
 		else if (strcmp(*argv,"-ssl3") == 0)
 			meth=SSLv3_client_method();
@ -210,9 +205,7 @@ int MAIN(int argc, char **argv)
 				int id2 = (int)((id >> 8) & 0xffL);
 				int id3 = (int)(id & 0xffL);
 				
-				if ((id & 0xff000000L) == 0x02000000L)
-					BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
-				else if ((id & 0xff000000L) == 0x03000000L)
+				if ((id & 0xff000000L) == 0x03000000L)
 					BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
 				else
 					BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@ -621,8 +621,6 @@ static const char *ssl_version_str(int version)
 	{
 	switch (version)
 		{
-	case SSL2_VERSION:
-		return "SSL 2.0";
 	case SSL3_VERSION:
 		return "SSL 3.0";
 	case TLS1_VERSION:
@ -649,67 +647,6 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *

 	str_version = ssl_version_str(version);

-	if (version == SSL2_VERSION)
-		{
-		str_details1 = "???";
-
-		if (len > 0)
-			{
-			switch (((const unsigned char*)buf)[0])
-				{
-				case 0:
-					str_details1 = ", ERROR:";
-					str_details2 = " ???";
-					if (len >= 3)
-						{
-						unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
-						
-						switch (err)
-							{
-						case 0x0001:
-							str_details2 = " NO-CIPHER-ERROR";
-							break;
-						case 0x0002:
-							str_details2 = " NO-CERTIFICATE-ERROR";
-							break;
-						case 0x0004:
-							str_details2 = " BAD-CERTIFICATE-ERROR";
-							break;
-						case 0x0006:
-							str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
-							break;
-							}
-						}
-
-					break;
-				case 1:
-					str_details1 = ", CLIENT-HELLO";
-					break;
-				case 2:
-					str_details1 = ", CLIENT-MASTER-KEY";
-					break;
-				case 3:
-					str_details1 = ", CLIENT-FINISHED";
-					break;
-				case 4:
-					str_details1 = ", SERVER-HELLO";
-					break;
-				case 5:
-					str_details1 = ", SERVER-VERIFY";
-					break;
-				case 6:
-					str_details1 = ", SERVER-FINISHED";
-					break;
-				case 7:
-					str_details1 = ", REQUEST-CERTIFICATE";
-					break;
-				case 8:
-					str_details1 = ", CLIENT-CERTIFICATE";
-					break;
-				}
-			}
-		}
-
 	if (version == SSL3_VERSION ||
 	    version == TLS1_VERSION ||
 	    version == TLS1_1_VERSION ||
@ -1829,11 +1766,6 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx,
 	case SSL_SECOP_CURVE_CHECK:
 		nm = "Check Curve";
 		break;
-	case SSL_SECOP_SSL2_COMPAT:
-		BIO_puts(sdb->out, "SSLv2 compatible");
-		show_bits = 0;
-		nm = NULL;
-		break;
 	case SSL_SECOP_VERSION:
 		BIO_printf(sdb->out, "Version=%s", ssl_version_str(nid));
 		show_bits = 0;
--- a/apps/s_client.c
+++ b/apps/s_client.c
@ -335,7 +335,6 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -srp_moregroups   - Tolerate other than the known g N values.\n");
 	BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
 #endif
-	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 #ifndef OPENSSL_NO_SSL3_METHOD
 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
 #endif
@ -345,9 +344,8 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
 	BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n");
 	BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
-	BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+	BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3 - turn off that protocol\n");
 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
 	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
 	BIO_printf(bio_err,"                 command to see what is available\n");
 	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
@ -912,10 +910,6 @@ static char *jpake_secret = NULL;
 			meth=TLSv1_client_method();
 			}
 #endif
-#ifndef OPENSSL_NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
 #ifndef OPENSSL_NO_SSL3_METHOD
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			meth=SSLv3_client_method();
@ -2198,14 +2192,12 @@ end:
 static void print_stuff(BIO *bio, SSL *s, int full)
 	{
 	X509 *peer=NULL;
-	char *p;
-	static const char *space="                ";
 	char buf[BUFSIZ];
 	STACK_OF(X509) *sk;
 	STACK_OF(X509_NAME) *sk2;
 	const SSL_CIPHER *c;
 	X509_NAME *xn;
-	int j,i;
+	int i;
 #ifndef OPENSSL_NO_COMP
 	const COMP_METHOD *comp, *expansion;
 #endif
@ -2267,34 +2259,6 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 			{
 			BIO_printf(bio,"---\nNo client certificate CA names sent\n");
 			}
-		p=SSL_get_shared_ciphers(s,buf,sizeof buf);
-		if (p != NULL)
-			{
-			/* This works only for SSL 2.  In later protocol
-			 * versions, the client does not know what other
-			 * ciphers (in addition to the one to be used
-			 * in the current connection) the server supports. */
-
-			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
-			j=i=0;
-			while (*p)
-				{
-				if (*p == ':')
-					{
-					BIO_write(bio,space,15-j%25);
-					i++;
-					j=0;
-					BIO_write(bio,((i%3)?" ":"\n"),1);
-					}
-				else
-					{
-					BIO_write(bio,p,1);
-					j++;
-					}
-				p++;
-				}
-			BIO_write(bio,"\n",1);
-			}

 		ssl_print_sigalgs(bio, s);
 		ssl_print_tmp_key(bio, s);
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -508,7 +508,6 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -srpvfile file      - The verifier file for SRP\n");
 	BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
 #endif
-	BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
 #ifndef OPENSSL_NO_SSL3_METHOD
 	BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
 #endif
@ -520,7 +519,6 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -timeout      - Enable timeouts\n");
 	BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
 	BIO_printf(bio_err," -chain        - Read a certificate chain\n");
-	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
 	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
 	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
 	BIO_printf(bio_err," -no_tls1_1    - Just disable TLSv1.1\n");
@ -1406,13 +1404,6 @@ int MAIN(int argc, char *argv[])
 			{ www=2; }
 		else if	(strcmp(*argv,"-HTTP") == 0)
 			{ www=3; }
-#ifndef OPENSSL_NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			{
-			no_ecdhe=1;
-			meth=SSLv2_server_method();
-			}
-#endif
 #ifndef OPENSSL_NO_SSL3_METHOD
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			{ meth=SSLv3_server_method(); }
@ -1768,9 +1759,6 @@ bad:
 		if(strlen(session_id_prefix) >= 32)
 			BIO_printf(bio_err,
 "warning: id_prefix is too long, only one new session will be possible\n");
-		else if(strlen(session_id_prefix) >= 16)
-			BIO_printf(bio_err,
-"warning: id_prefix is too long if you use SSLv2\n");
 		if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id))
 			{
 			BIO_printf(bio_err,"error setting 'id_prefix'\n");
@ -1855,9 +1843,6 @@ bad:
 			if(strlen(session_id_prefix) >= 32)
 				BIO_printf(bio_err,
 					"warning: id_prefix is too long, only one new session will be possible\n");
-			else if(strlen(session_id_prefix) >= 16)
-				BIO_printf(bio_err,
-					"warning: id_prefix is too long if you use SSLv2\n");
 			if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id))
 				{
 				BIO_printf(bio_err,"error setting 'id_prefix'\n");
--- a/apps/s_time.c
+++ b/apps/s_time.c
@ -186,7 +186,6 @@ static void s_time_usage(void)
 	printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
 #ifdef FIONBIO
 	printf("-nbio         - Run with non-blocking IO\n");
-	printf("-ssl2         - Just use SSLv2\n");
 	printf("-ssl3         - Just use SSLv3\n");
 	printf("-bugs         - Turn on SSL bug compatibility\n");
 	printf("-new          - Just time new connections\n");
@ -282,10 +281,6 @@ static int parseArgs(int argc, char **argv)
 		}
 	else if(strcmp(*argv,"-bugs") == 0)
 	    st_bugs=1;
-#ifndef OPENSSL_NO_SSL2
-	else if(strcmp(*argv,"-ssl2") == 0)
-	    s_time_meth=SSLv2_client_method();
-#endif
 #ifndef OPENSSL_NO_SSL3
 	else if(strcmp(*argv,"-ssl3") == 0)
 	    s_time_meth=SSLv3_client_method();
@ -430,8 +425,6 @@ int MAIN(int argc, char **argv)
 				ver='t';
 			else if (ver == SSL3_VERSION)
 				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
 			else
 				ver='*';
 			}
@ -523,8 +516,6 @@ next:
 				ver='t';
 			else if (ver == SSL3_VERSION)
 				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
 			else
 				ver='*';
 			}
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@ -51,7 +51,6 @@ F RSAREF_F_RSA_PRIVATE_DECRYPT
 F RSAREF_F_RSA_PRIVATE_ENCRYPT
 F RSAREF_F_RSA_PUBLIC_DECRYPT
 F RSAREF_F_RSA_PUBLIC_ENCRYPT
-#F SSL_F_CLIENT_CERTIFICATE

 R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		1010
 R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		1020
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@ -69,7 +69,6 @@ void OpenSSL_add_all_digests(void)
 #endif
 #ifndef OPENSSL_NO_MD5
 	EVP_add_digest(EVP_md5());
-	EVP_add_digest_alias(SN_md5,"ssl2-md5");
 	EVP_add_digest_alias(SN_md5,"ssl3-md5");
 #endif
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
--- a/crypto/threads/mttest.c
+++ b/crypto/threads/mttest.c
@ -217,8 +217,6 @@ int main(int argc, char *argv[])
 			cache_stats=1;
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			ssl_method=SSLv3_method();
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			ssl_method=SSLv2_method();
 		else if	(strcmp(*argv,"-CApath") == 0)
 			{
 			if (--argc < 1) goto bad;
--- a/demos/ssl/cli.cpp
+++ b/demos/ssl/cli.cpp
@ -38,7 +38,7 @@ void main ()
  SSL_METHOD *meth;

  SSLeay_add_ssl_algorithms();
-  meth = SSLv2_client_method();
+  meth = SSLv23_client_method();
  SSL_load_error_strings();
  ctx = SSL_CTX_new (meth);                        CHK_NULL(ctx);

--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@ -10,7 +10,6 @@ B<openssl> B<ciphers>
 [B<-s>]
 [B<-v>]
 [B<-V>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
 [B<-stdname>]
@ -35,12 +34,9 @@ not used then ciphers excluded by the security level will still be listed.
 =item B<-v>

 Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
+protocol version, key exchange,
 authentication, encryption and mac algorithms used along with any key size
 restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.

 =item B<-V>

@ -50,10 +46,6 @@ Like B<-v>, but include cipher suite codes in output (hex format).

 only include SSL v3 ciphers.

-=item B<-ssl2>
-
-only include SSL v2 ciphers.
-
 =item B<-tls1>

 only include TLS v1 ciphers.
@ -259,9 +251,9 @@ keys.
 ciphers suites using FORTEZZA key exchange, authentication, encryption or all
 FORTEZZA algorithms. Not implemented.

-=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>

-TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note:
 there are no ciphersuites specific to TLS v1.1.

 =item B<AES128>, B<AES256>, B<AES>
@ -605,17 +597,6 @@ Note: these ciphers can also be used in SSL v3.
 TLS_PSK_WITH_AES_128_CBC_SHA              PSK-AES128-CBC-SHA
 TLS_PSK_WITH_AES_256_CBC_SHA              PSK-AES256-CBC-SHA

-=head2 Deprecated SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
-
-
 =head1 NOTES

 Some compiled versions of OpenSSL may not include all the ciphers
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@ -58,10 +58,8 @@ B<openssl> B<s_client>
 [B<-ign_eof>]
 [B<-no_ign_eof>]
 [B<-quiet>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
-[B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_tls1_1>]
@ -248,11 +246,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.

-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>

 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers and permit them to use SSL v3 or TLS as appropriate.

 Unfortunately there are still ancient and broken servers in use which
 cannot handle this technique and will fail to connect. Some servers only
@ -279,10 +277,6 @@ the server determines which cipher suite is used it should take the first
 supported cipher in the list sent by the client. See the B<ciphers>
 command for more information.

-=item B<-serverpref>
-
-use the server's cipher preferences; only used for SSLV2.
-
 =item B<-starttls protocol>

 send the protocol-specific message(s) to switch to TLS for communication.
@ -373,8 +367,8 @@ would typically be used (https uses port 443). If the connection succeeds
 then an HTTP command can be given such as "GET /" to retrieve a web page.

 If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
+nothing obvious like no client certificate then the B<-bugs>,
+B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1> options can be tried
 in case it is a buggy server. In particular you should play with these
 options B<before> submitting a bug report to an OpenSSL mailing list.

@ -396,10 +390,6 @@ on the command line is no guarantee that the certificate works.
 If there are problems verifying a server certificate then the
 B<-showcerts> option can be used to show the whole chain.

-Since the SSLv23 client hello cannot include compression methods or extensions
-these will only be supported if its use is disabled, for example by using the
-B<-no_sslv2> option.
-
 The B<s_client> utility is a test tool and is designed to continue the
 handshake after any certificate verification errors. As a result it will
 accept any certificate chain (trusted or not) sent by the peer. None test
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@ -64,10 +64,8 @@ B<openssl> B<s_server>
 [B<-serverpref>]
 [B<-quiet>]
 [B<-no_tmp_rsa>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
-[B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_dhe>]
@ -279,11 +277,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.

-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
+=item B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1>

 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers and permit them to use SSL v3 or TLS as appropriate.

 =item B<-bugs>

--- a/doc/apps/s_time.pod
+++ b/doc/apps/s_time.pod
@ -19,7 +19,6 @@ B<openssl> B<s_time>
 [B<-verify depth>]
 [B<-nbio>]
 [B<-time seconds>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-bugs>]
 [B<-cipher cipherlist>]
@ -92,18 +91,17 @@ specified, they are both on by default and executed in sequence.

 turns on non-blocking I/O.

-=item B<-ssl2>, B<-ssl3>
+=item B<-ssl3>

 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers and permit them to use SSL v3 or TLS as appropriate.
 The timing program is not as rich in options to turn protocols on and off as
 the L<s_client(1)|s_client(1)> program and may not connect to all servers.

 Unfortunately there are a lot of ancient and broken servers in use which
 cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off with the B<-ssl3> option; others
-will only support SSL v2 and may need the B<-ssl2> option.
+work if TLS is turned off with the B<-ssl3> option.

 =item B<-bugs>

@ -137,7 +135,7 @@ which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
 for details.

 If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
+nothing obvious like no client certificate then the B<-bugs> and
 B<-ssl3> options can be tried
 in case it is a buggy server. In particular you should play with these
 options B<before> submitting a bug report to an OpenSSL mailing list.
--- a/doc/apps/sess_id.pod
+++ b/doc/apps/sess_id.pod
@ -92,7 +92,7 @@ Theses are described below in more detail.

 =item B<Protocol>

-this is the protocol in use TLSv1, SSLv3 or SSLv2.
+this is the protocol in use TLSv1.2, TLSv1.1, TLSv1 or SSLv3.

 =item B<Cipher>

@ -111,10 +111,6 @@ the session ID context in hex format.

 this is the SSL session master key.

-=item B<Key-Arg>
-
-the key argument, this is only used in SSL v2.
-
 =item B<Start Time>

 this is the session start time represented as an integer in standard Unix format.
--- a/doc/ssl/SSL_CIPHER_get_name.pod
+++ b/doc/ssl/SSL_CIPHER_get_name.pod
@ -25,7 +25,7 @@ chosen algorithm. If B<cipher> is NULL, 0 is returned.

 SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
 version that first defined the cipher.
-This is currently B<SSLv2> or B<TLSv1/SSLv3>.
+This is currently B<TLSv1/SSLv3>.
 In some cases it should possibly return "TLSv1.2" but does not;
 use SSL_CIPHER_description() instead.
 If B<cipher> is NULL, "(NONE)" is returned.
@ -56,7 +56,7 @@ Textual representation of the cipher name.

 =item <protocol version>

-Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
+Protocol version: B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
 flagged with SSLv3. No new ciphers were added by TLSv1.1.

 =item Kx=<key exchange>
--- a/doc/ssl/SSL_CONF_cmd.pod
+++ b/doc/ssl/SSL_CONF_cmd.pod
@ -109,10 +109,10 @@ Attempts to use the file B<value> as the set of temporary DH parameters for
 the appropriate context. This option is only supported if certificate
 operations are permitted.

-=item B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>

-Disables protocol support for SSLv2, SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 
-by setting the corresponding options B<SSL_OP_NO_SSL2>, B<SSL_OP_NO_SSL3>,
+Disables protocol support for SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 
+by setting the corresponding options B<SSL_OP_NO_SSL3>,
 B<SSL_OP_NO_TLS1>, B<SSL_OP_NO_TLS1_1> and B<SSL_OP_NO_TLS1_2> respectively.

 =item B<-bugs>
@ -259,7 +259,7 @@ The supported versions of the SSL or TLS protocol.
 The B<value> argument is a comma separated list of supported protocols to
 enable or disable. If an protocol is preceded by B<-> that version is disabled.
 All versions are enabled by default, though applications may choose to
-explicitly disable some. Currently supported protocol values are B<SSLv2>,
+explicitly disable some. Currently supported protocol values are 
 B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The special value B<ALL> refers
 to all supported versions.

@ -435,4 +435,7 @@ L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>

 SSL_CONF_cmd() was first added to OpenSSL 1.0.2

+B<SSL_OP_NO_SSL2> doesn't have effect anymore since 1.1.0 but the define is kept
+for backward compatibility.
+
 =cut
--- a/doc/ssl/SSL_CTX_new.pod
+++ b/doc/ssl/SSL_CTX_new.pod
@ -2,7 +2,7 @@

 =head1 NAME

-SSL_CTX_new, SSLv2_method, SSLv2_server_method, SSLv2_client_method, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions
+SSL_CTX_new, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions

 =head1 SYNOPSIS

@ -23,14 +23,6 @@ client only type. B<method> can be of the following types:

 =over 4

-=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand
-the SSLv2 protocol. A client will send out SSLv2 client hello messages
-and will also indicate that it only understand SSLv2. A server will only
-understand SSLv2 client hello messages. The SSLv2 protocol is deprecated 
-and very broken: its use is B<strongly> discouraged.
-
 =item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)

 A TLS/SSL connection established with these methods will only understand the
@ -62,33 +54,25 @@ SSLv3 client hello messages.

 =item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)

-A TLS/SSL connection established with these methods may understand the SSLv2,
+A TLS/SSL connection established with these methods may understand the
 SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.

-If the cipher list does not contain any SSLv2 ciphersuites (the default
-cipher list does not) or extensions are required (for example server name)
+If extensions are required (for example server name)
 a client will send out TLSv1 client hello messages including extensions and
 will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
 fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
 protocols. This is the best choice when compatibility is a concern.

-If any SSLv2 ciphersuites are included in the cipher list and no extensions
-are required then SSLv2 compatible client hellos will be used by clients and
-SSLv2 will be accepted by servers. This is B<not> recommended due to the
-insecurity of SSLv2 and the limited nature of the SSLv2 client hello
-prohibiting the use of extensions.
-
 =back

-The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
+The list of protocols available can later be limited using the
 SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
 options of the SSL_CTX_set_options() or SSL_set_options() functions.
 Using these options it is possible to choose e.g. SSLv23_server_method() and
 be able to negotiate with all possible clients, but to only allow newer
 protocols like TLSv1, TLSv1.1 or TLS v1.2.

-Applications which never want to support SSLv2 (even is the cipher string
-is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.
+Applications which never want to support SSLv3 can set SSL_OP_NO_SSLv3.

 SSL_CTX_new() initializes the list of ciphers, the session cache setting,
 the callbacks, the keys and certificates and the options to its default
@ -111,6 +95,11 @@ The return value points to an allocated SSL_CTX object.

 =back

+=head1 HISTORY
+
+SSLv2_method, SSLv2_server_method and SSLv2_client_method where removed in
+OpenSSL 1.1.0.
+
 =head1 SEE ALSO

 L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
--- a/doc/ssl/SSL_CTX_set_cipher_list.pod
+++ b/doc/ssl/SSL_CTX_set_cipher_list.pod
@ -54,10 +54,6 @@ of 512 bits and the server is not configured to use temporary RSA
 keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
 and the handshake will fail.

-If the cipher list does not contain any SSLv2 cipher suites (this is the
-default) then SSLv2 is effectively disabled and neither clients nor servers
-will attempt to use SSLv2.
-
 =head1 RETURN VALUES

 SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
--- a/doc/ssl/SSL_CTX_set_generate_session_id.pod
+++ b/doc/ssl/SSL_CTX_set_generate_session_id.pod
@ -32,9 +32,8 @@ of the parent context of B<ssl>.

 When a new session is established between client and server, the server
 generates a session id. The session id is an arbitrary sequence of bytes.
-The length of the session id is 16 bytes for SSLv2 sessions and between
-1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical
-but must be unique for the server. Additionally, the session id is
+The length of the session id is between 1 and 32 bytes.  The session id is not
+security critical but must be unique for the server. Additionally, the session id is
 transmitted in the clear when reusing the session so it must not contain
 sensitive information.

@ -51,21 +50,14 @@ The callback is only allowed to generate a shorter id and reduce B<id_len>;
 the callback B<must never> increase B<id_len> or write to the location
 B<id> exceeding the given limit.

-If a SSLv2 session id is generated and B<id_len> is reduced, it will be
-restored after the callback has finished and the session id will be padded
-with 0x00. It is not recommended to change the B<id_len> for SSLv2 sessions.
-The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> function
-to check, whether the session is of type SSLv2.
-
 The location B<id> is filled with 0x00 before the callback is called, so the
 callback may only fill part of the possible length and leave B<id_len>
 untouched while maintaining reproducibility.

 Since the sessions must be distinguished, session ids must be unique.
 Without the callback a random number is used, so that the probability
-of generating the same session id is extremely small (2^128 possible ids
-for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the
-uniqueness of the generated session id, the callback must call
+of generating the same session id is extremely small (2^256 for SSLv3/TLSv1).
+In order to assure the uniqueness of the generated session id, the callback must call
 SSL_has_matching_session_id() and generate another id if a conflict occurs.
 If an id conflict is not resolved, the handshake will fail.
 If the application codes e.g. a unique host id, a unique process number, and
@ -85,10 +77,6 @@ Collisions can also occur when using an external session cache, since
 the external cache is not tested with SSL_has_matching_session_id()
 and the same race condition applies.

-When calling SSL_has_matching_session_id() for an SSLv2 session with
-reduced B<id_len>, the match operation will be performed using the
-fixed length required and with a 0x00 padded id.
-
 The callback must return 0 if it cannot generate a session id for whatever
 reason and return 1 on success.

@ -104,12 +92,6 @@ server id given, and will fill the rest with pseudo random bytes:
                              unsigned int *id_len)
      {
      unsigned int count = 0;
-      const char *version;
-
-      version = SSL_get_version(ssl);
-      if (!strcmp(version, "SSLv2"))
-	  /* we must not change id_len */;
-
      do      {
              RAND_pseudo_bytes(id, *id_len);
              /* Prefix the session_id with the required prefix. NB: If our
--- a/doc/ssl/SSL_CTX_set_options.pod
+++ b/doc/ssl/SSL_CTX_set_options.pod
@ -63,18 +63,11 @@ The following B<bug workaround> options are available:

 =item SSL_OP_MICROSOFT_SESS_ID_BUG

-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
+As of OpenSSL 1.0.0 this option has no effect.

 =item SSL_OP_NETSCAPE_CHALLENGE_BUG

-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when operating in SSLv2/v3 compatibility mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
+As of OpenSSL 1.0.0 this option has no effect.

 =item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG

--- a/doc/ssl/SSL_get_default_timeout.pod
+++ b/doc/ssl/SSL_get_default_timeout.pod
@ -24,7 +24,7 @@ L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, the hardcoded default
 timeout for the protocol will be used.

 SSL_get_default_timeout() return this hardcoded value, which is 300 seconds
-for all currently supported protocols (SSLv2, SSLv3, and TLSv1).
+for all currently supported protocols.

 =head1 RETURN VALUES

--- a/doc/ssl/SSL_get_version.pod
+++ b/doc/ssl/SSL_get_version.pod
@ -21,10 +21,6 @@ The following strings can be returned:

 =over 4

-=item SSLv2
-
-The connection uses the SSLv2 protocol.
-
 =item SSLv3

 The connection uses the SSLv3 protocol.
--- a/doc/ssl/SSL_new.pod
+++ b/doc/ssl/SSL_new.pod
@ -14,7 +14,7 @@ SSL_new - create a new SSL structure for a connection

 SSL_new() creates a new B<SSL> structure which is needed to hold the
 data for a TLS/SSL connection. The new structure inherits the settings
-of the underlying context B<ctx>: connection method (SSLv2/v3/TLSv1),
+of the underlying context B<ctx>: connection method,
 options, verification settings, timeout settings.

 =head1 RETURN VALUES
--- a/doc/ssl/SSL_shutdown.pod
+++ b/doc/ssl/SSL_shutdown.pod
@ -60,9 +60,7 @@ SSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call.

 It is therefore recommended, to check the return value of SSL_shutdown()
 and call SSL_shutdown() again, if the bidirectional shutdown is not yet
-complete (return value of the first call is 0). As the shutdown is not
-specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on
-the first call.
+complete (return value of the first call is 0).

 The behaviour of SSL_shutdown() additionally depends on the underlying BIO. 

--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@ -45,8 +45,8 @@ structures:
 =item B<SSL_METHOD> (SSL Method)

 That's a dispatch structure describing the internal B<ssl> library
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
-and TLSv1). It's needed to create an B<SSL_CTX>.
+methods/functions which implement the various protocol versions (SSLv3
+TLSv1, ...). It's needed to create an B<SSL_CTX>.

 =item B<SSL_CIPHER> (SSL Cipher)

@ -105,8 +105,8 @@ it's already included by ssl.h>.

 =item B<ssl23.h>

-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
+That's the sub header file dealing with the combined use of different
+protocol version.
 I<Usually you don't have to include it explicitly because
 it's already included by ssl.h>.

@ -130,18 +130,6 @@ protocol methods defined in B<SSL_METHOD> structures.

 =over 4

-=item const SSL_METHOD *B<SSLv2_client_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-
-=item const SSL_METHOD *B<SSLv2_server_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-
-=item const SSL_METHOD *B<SSLv2_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-
 =item const SSL_METHOD *B<SSLv3_client_method>(void);

 Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
@ -189,7 +177,7 @@ I<alg_bits>) and the bits which are actually used (the return value).
 =item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);

 Return the internal name of I<cipher> as a string. These are the various
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
+strings defined by the I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
 definitions in the header files.

 =item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
@ -758,5 +746,8 @@ L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>

 The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2

+B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed
+in OpenSSL 1.1.0.
+
 =cut

--- a/makevms.com
+++ b/makevms.com
@ -300,7 +300,6 @@ $ CONFIG_LOGICALS := AES,-
 		     SHA512,-
 		     SOCK,-
 		     SRP,-
-		     SSL2,-
 		     SSL_INTERN,-
 		     STACK,-
 		     STATIC_ENGINE,-
@ -330,10 +329,8 @@ $! algos part.
 $ CONFIG_DISABLE_RULES := RIJNDAEL/AES;-
 			  DES/MDC2;-
 			  EC/ECDSA,ECDH;-
-			  MD5/SSL2,SSL3,TLS1;-
+			  MD5/SSL3,TLS1;-
 			  SHA/SSL3,TLS1;-
-			  RSA/SSL2;-
-			  RSA,DSA/SSL2;-
 			  DH/SSL3,TLS1;-
 			  TLS1/TLSEXT;-
 			  EC/GOST;-
--- a/ms/test.bat
+++ b/ms/test.bat
@ -77,22 +77,6 @@ if errorlevel 1 goto done

 set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss

-echo test sslv2
-ssltest -ssl2
-if errorlevel 1 goto done
-
-echo test sslv2 with server authentication
-%SSL_TEST% -ssl2 -server_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication
-%SSL_TEST% -ssl2 -client_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication
-%SSL_TEST% -ssl2 -server_auth -client_auth
-if errorlevel 1 goto done
-
 echo test sslv3
 ssltest -ssl3
 if errorlevel 1 goto done
@ -125,26 +109,10 @@ echo test sslv2/sslv3 with both client and server authentication
 %SSL_TEST% -server_auth -client_auth
 if errorlevel 1 goto done

-echo test sslv2 via BIO pair
-ssltest -bio_pair -ssl2
-if errorlevel 1 goto done
-
 echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
 ssltest -bio_pair -dhe1024dsa -v
 if errorlevel 1 goto done

-echo test sslv2 with server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -server_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -client_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth
-if errorlevel 1 goto done
-
 echo test sslv3 via BIO pair
 ssltest -bio_pair -ssl3
 if errorlevel 1 goto done
--- a/ms/testce.bat
+++ b/ms/testce.bat
@ -123,22 +123,6 @@ cecopy ssltest.exe CE:\OpenSSL
 cecopy ..\apps\server.pem CE:\OpenSSL
 cecopy ..\apps\client.pem CE:\OpenSSL

-echo test sslv2
-cerun CE:\OpenSSL\ssltest -ssl2
-if errorlevel 1 goto done
-
-echo test sslv2 with server authentication
-cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication
-cerun CE:\OpenSSL\ssltest -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication
-cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
 echo test sslv3
 cerun CE:\OpenSSL\ssltest -ssl3
 if errorlevel 1 goto done
@ -171,26 +155,10 @@ echo test sslv2/sslv3 with both client and server authentication
 cerun CE:\OpenSSL\ssltest -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
 if errorlevel 1 goto done

-echo test sslv2 via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2
-if errorlevel 1 goto done
-
 echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
 cerun CE:\OpenSSL\ssltest -bio_pair -dhe1024dsa -v
 if errorlevel 1 goto done

-echo test sslv2 with server authentication via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
 echo test sslv3 via BIO pair
 cerun CE:\OpenSSL\ssltest -bio_pair -ssl3
 if errorlevel 1 goto done
--- a/ssl/Makefile
+++ b/ssl/Makefile
@ -21,7 +21,6 @@ APPS=
 LIB=$(TOP)/libssl.a
 SHARED_LIB= libssl$(SHLIB_EXT)
 LIBSRC=	\
-	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
 	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
 	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
 	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c t1_ext.c \
@ -32,7 +31,6 @@ LIBSRC=	\
 	ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
 	bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
 LIBOBJ= \
-	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
 	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
 	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
 	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o t1_ext.o \
@ -386,126 +384,6 @@ s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
 s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
 s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
 s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
-s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
-s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
-s2_enc.o: ssl_locl.h
-s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
-s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
-s2_meth.o: ssl_locl.h
-s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
-s2_pkt.o: ssl_locl.h
-s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
 s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
 s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
 s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@ -121,10 +121,6 @@ static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
 static const SSL_METHOD *ssl23_get_client_method(int ver)
 	{
-#ifndef OPENSSL_NO_SSL2
-	if (ver == SSL2_VERSION)
-		return(SSLv2_client_method());
-#endif
 #ifndef OPENSSL_NO_SSL3
 	if (ver == SSL3_VERSION)
 		return(SSLv3_client_method());
@ -256,24 +252,6 @@ end:
 	return(ret);
 	}

-static int ssl23_no_ssl2_ciphers(SSL *s)
-	{
-	SSL_CIPHER *cipher;
-	STACK_OF(SSL_CIPHER) *ciphers;
-	int i;
-	ssl_set_client_disabled(s);
-	ciphers = SSL_get_ciphers(s);
-	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
-		{
-		cipher = sk_SSL_CIPHER_value(ciphers, i);
-		if (ssl_cipher_disabled(s, cipher, SSL_SECOP_CIPHER_SUPPORTED))
-			continue;
-		if (cipher->algorithm_ssl == SSL_SSLV2)
-			return 0;
-		}
-	return 1;
-	}
-
 /* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
 * on failure, 1 on success. */
 int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
@ -300,9 +278,8 @@ static int ssl23_client_hello(SSL *s)
 	{
 	unsigned char *buf;
 	unsigned char *p,*d;
-	int i,ch_len;
+	int i;
 	unsigned long l;
-	int ssl2_compat;
 	int version = 0, version_major, version_minor;
 	int al = 0;
 #ifndef OPENSSL_NO_COMP
@ -312,13 +289,6 @@ static int ssl23_client_hello(SSL *s)
 	int ret;
 	unsigned long mask, options = s->options;