Remove SSLv2 support

The only support for SSLv2 left is receiving a SSLv2 compatible client hello. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Kurt Roeckx <kurt@roeckx.be> 2014-11-30 15:35:22 +0100
committer: Kurt Roeckx <kurt@roeckx.be> 2014-12-04 11:55:03 +0100
commit: 45f55f6a5bdcec411ef08a6f8aae41d5d3d234ad (patch)
tree: 56dba3e74061df914c5d4fa2faf89e7a24c6457c /doc/ssl/SSL_CTX_set_options.pod
parent: 616f71e486d693991b594439c884ec624b32c2d4 (diff)
1 files changed, 2 insertions, 9 deletions
diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
index 65062ad68c..1594fb6eec 100644
--- a/doc/ssl/SSL_CTX_set_options.pod
+++ b/doc/ssl/SSL_CTX_set_options.pod
@@ -63,18 +63,11 @@ The following B<bug workaround> options are available:
 
 =item SSL_OP_MICROSOFT_SESS_ID_BUG
 
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
+As of OpenSSL 1.0.0 this option has no effect.
 
 =item SSL_OP_NETSCAPE_CHALLENGE_BUG
 
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when operating in SSLv2/v3 compatibility mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
+As of OpenSSL 1.0.0 this option has no effect.
 
 =item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
author	Kurt Roeckx <kurt@roeckx.be>	2014-11-30 15:35:22 +0100
committer	Kurt Roeckx <kurt@roeckx.be>	2014-12-04 11:55:03 +0100
commit	45f55f6a5bdcec411ef08a6f8aae41d5d3d234ad (patch)
tree	56dba3e74061df914c5d4fa2faf89e7a24c6457c /doc/ssl/SSL_CTX_set_options.pod
parent	616f71e486d693991b594439c884ec624b32c2d4 (diff)