Removed support for SSLv3

SSLv3 can't be considered safe anymore so removing the support for it improves
MaxScale's security as a whole.

Documentation/Getting-Started/Configuration-Guide.md

@@ -629,12 +629,13 @@ A string giving a file path that identifies an existing readable file. The file
 #### `ssl_version`
 
 This parameter controls the level of encryption used. Accepted values are:
- * SSLv3
  * TLSv10
  * TLSv11
  * TLSv12
  * MAX   
 
+`MAX` is the maximum available TLS version which at the time of writing is TLSv1.2.
+
 #### `ssl_cert_verification_depth`
 
 The maximum length of the certificate authority chain that will be accepted. Legal values are positive integers. Note that if the client is to submit an SSL certificate, the `ssl_cert_verification_depth` parameter must not be 0. If no value is specified, the default is 9.

server/core/listener.c

@@ -80,11 +80,7 @@ listener_alloc(char *protocol, char *address, unsigned short port, char *authent
 int
 listener_set_ssl_version(SSL_LISTENER *ssl_listener, char* version)
 {
-    if (strcasecmp(version,"SSLV3") == 0)
+    if (strcasecmp(version,"TLSV10") == 0)
-    {
-        ssl_listener->ssl_method_type = SERVICE_SSLV3;
-    }
-    else if (strcasecmp(version,"TLSV10") == 0)
     {
         ssl_listener->ssl_method_type = SERVICE_TLS10;
     }
@@ -147,9 +143,6 @@ listener_init_SSL(SSL_LISTENER *ssl_listener)
     {
         switch(ssl_listener->ssl_method_type)
         {
-        case SERVICE_SSLV3:
-            ssl_listener->method = (SSL_METHOD*)SSLv3_server_method();
-            break;
         case SERVICE_TLS10:
             ssl_listener->method = (SSL_METHOD*)TLSv1_server_method();
             break;

server/include/gw_ssl.h

@@ -42,7 +42,6 @@ struct dcb;
 
 enum
 {
-    SERVICE_SSLV3,
     SERVICE_TLS10,
 #ifdef OPENSSL_1_0
     SERVICE_TLS11,