From d2136e5ad08308aa6d424573054b6f3092eeadc7 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sat, 12 Mar 2016 23:26:25 +0000
Subject: [PATCH] Force-clear SSL_OP_NO_SSLv2 flag (required for 1.0.2g and
 later to allow SSLv2)

---
 nsock/src/nsock_ssl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nsock/src/nsock_ssl.c b/nsock/src/nsock_ssl.c
index 76e48a302..ca4062f77 100644
--- a/nsock/src/nsock_ssl.c
+++ b/nsock/src/nsock_ssl.c
@@ -132,6 +132,7 @@ nsock_ssl_ctx nsock_pool_ssl_init(nsock_pool ms_pool, int flags) {
    * SSL_OP_NO_SSLv2 disables the less-secure SSLv2 while allowing us to use the
    * SSLv2-compatible SSLv23_client_method. */
   SSL_CTX_set_verify(ms->sslctx, SSL_VERIFY_NONE, NULL);
+  SSL_CTX_clear_options(ms->sslctx, SSL_OP_NO_SSLv2);
   SSL_CTX_set_options(ms->sslctx, flags & NSOCK_SSL_MAX_SPEED ?
                                   SSL_OP_ALL : SSL_OP_ALL|SSL_OP_NO_SSLv2);