Add support for minimum and maximum protocol version

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
author: Kurt Roeckx <kurt@roeckx.be> 2015-12-06 17:56:41 +0100
committer: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-01-02 10:47:52 -0500
commit: 7946ab33cecce60afcc00afc8fc18f31f9e66bff (patch)
tree: fa178fbc42a649e87e201820cc11796dc3c7d6de /doc/ssl/SSL_CTX_set_options.pod
parent: 1e0784ff95cd69090e26e2205bfec6305038db56 (diff)
1 files changed, 4 insertions, 6 deletions
diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
index cf137a5ed4..bf7f7fd318 100644
--- a/doc/ssl/SSL_CTX_set_options.pod
+++ b/doc/ssl/SSL_CTX_set_options.pod
@@ -153,13 +153,10 @@ own preferences.
 ...
 
 
-=item SSL_OP_NO_SSLv3
+=item SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1
 
-Do not use the SSLv3 protocol.
-
-=item SSL_OP_NO_TLSv1
-
-Do not use the TLSv1 protocol.
+Do not use the SSLv3 or TLSv1 protocol, respectively.
+You should avoid using those settings and instead use SSL_CTX_set_min_proto_version() and SSL_CTX_set_max_proto_version().
 
 =item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
 
@@ -269,6 +266,7 @@ secure renegotiation and 0 if it does not.
 
 L<ssl(3)>, L<SSL_new(3)>, L<SSL_clear(3)>,
 L<SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_min_proto_version(3)>,
 L<dhparam(1)>
 
 =head1 HISTORY
author	Kurt Roeckx <kurt@roeckx.be>	2015-12-06 17:56:41 +0100
committer	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-01-02 10:47:52 -0500
commit	7946ab33cecce60afcc00afc8fc18f31f9e66bff (patch)
tree	fa178fbc42a649e87e201820cc11796dc3c7d6de /doc/ssl/SSL_CTX_set_options.pod
parent	1e0784ff95cd69090e26e2205bfec6305038db56 (diff)