From d30b6a85b28d75aa4b8e721afe17abd8885f5ad2 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Thu, 17 Mar 2016 15:15:30 +0100
Subject: [PATCH] force SSL_OP_NO_SSLv2

---
 ext/openssl/xp_ssl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index c381e3dd37..edc1c17ab3 100644
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -991,6 +991,9 @@ static int php_get_crypto_method_ctx_flags(int method_flags) /* {{{ */
 {
 	int ssl_ctx_options = SSL_OP_ALL;
 
+#ifdef SSL_OP_NO_SSLv2
+	ssl_ctx_options |= SSL_OP_NO_SSLv2;
+#endif
 #ifdef HAVE_SSL3
 	if (!(method_flags & STREAM_CRYPTO_METHOD_SSLv3)) {
 		ssl_ctx_options |= SSL_OP_NO_SSLv3;
-- 
2.50.1