When choosing a cipher, use the server's preferences instead of the client
preferences. When not set, the SSL server will always follow the clients
-preferences. When set, the SSLv3/TLSv1 server will choose following its
-own preferences. Because of the different protocol, for SSLv2 the server
-will send its list of preferences to the client and the client chooses.
+preferences. When set, the SSL/TLS server will choose following its
+own preferences.
=item SSL_OP_PKCS1_CHECK_1
...
+=item SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1
-=item SSL_OP_NO_SSLv2
-
-Do not use the SSLv2 protocol.
-
-=item SSL_OP_NO_SSLv3
-
-Do not use the SSLv3 protocol.
-
-=item SSL_OP_NO_TLSv1
-
-Do not use the TLSv1 protocol.
+Do not use the SSLv3 or TLSv1 protocol, respectively.
+You should avoid using those settings and instead use SSL_CTX_set_min_proto_version() and SSL_CTX_set_max_proto_version().
=item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
described in RFC5746. This counters the prefix attack described in
CVE-2009-3555 and elsewhere.
-The deprecated and highly broken SSLv2 protocol does not support
-renegotiation at all: its use is B<strongly> discouraged.
-
This attack has far reaching consequences which application writers should be
aware of. In the description below an implementation supporting secure
renegotiation is referred to as I<patched>. A server not supporting secure
L<ssl(3)>, L<SSL_new(3)>, L<SSL_clear(3)>,
L<SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_min_proto_version(3)>,
L<dhparam(1)>
=head1 HISTORY