Fix TLS setting to use TLS 1.x (support TLS 1.1/1.2)

[ralish]

When we run using "--tls" (default) we create the SSL context with a TLSv1__method(), however, this only supports TLS 1.0 connections. In contrast, when we run with "--ssl" we use a SSLv23__method() which allows all supported protocols. We block SSL 2.0 by passing in the SSL_OP_NO_SSLv2 flag in SSL_CTX_set_options. This results in the somewhat counterintuitive situation where the supported protocols are:

• --tls: TLS 1.0
• --ssl: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2

This patch fixes the handling of "--tls" so that it supports TLS 1.x while ensuring SSL 3.0 is blocked (SSL 2.0 is always blocked).

This all assumes an OpenSSL library capable of supports newer TLS versions, otherwise, the above change will have no effect on stud's behaviour (ie. --ssl supports SSL 3.0/TLS 1.0, --tls supports TLS 1.0).

[PaulMcMillan]

This change also provides a reasonable solution to the recently released POODLE vulnerability.

http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html

[ralish]

Closing PR as project is no longer maintained.