Merge remote-tracking branch 'origin/stable/10' into devel

1 files changed, 9 insertions, 1 deletions

diff --git a/secure/lib/libssl/man/SSL_CTX_set_options.3 b/secure/lib/libssl/man/SSL_CTX_set_options.3
index 47eda8d..7475736 100644
--- a/secure/lib/libssl/man/SSL_CTX_set_options.3
+++ b/secure/lib/libssl/man/SSL_CTX_set_options.3
@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SSL_CTX_set_options 3"
-.TH SSL_CTX_set_options 3 "2016-01-28" "1.0.1r" "OpenSSL"
+.TH SSL_CTX_set_options 3 "2016-03-01" "1.0.1s" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -298,12 +298,20 @@ browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta
 .IP "SSL_OP_NO_SSLv2" 4
 .IX Item "SSL_OP_NO_SSLv2"
 Do not use the SSLv2 protocol.
+As of OpenSSL 1.0.1s the \fBSSL_OP_NO_SSLv2\fR option is set by default.
 .IP "SSL_OP_NO_SSLv3" 4
 .IX Item "SSL_OP_NO_SSLv3"
 Do not use the SSLv3 protocol.
+It is recommended that applications should set this option.
 .IP "SSL_OP_NO_TLSv1" 4
 .IX Item "SSL_OP_NO_TLSv1"
 Do not use the TLSv1 protocol.
+.IP "SSL_OP_NO_TLSv1_1" 4
+.IX Item "SSL_OP_NO_TLSv1_1"
+Do not use the TLSv1.1 protocol.
+.IP "SSL_OP_NO_TLSv1_2" 4
+.IX Item "SSL_OP_NO_TLSv1_2"
+Do not use the TLSv1.2 protocol.
 .IP "\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0" 4
 .IX Item "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION"
 When performing renegotiation as a server, always start a new session