Dump everything before TLSv1

All versions of SSL are deprecated and have major security issues. Just
kill the whole thing. If you want to deliberately expose yourself to
POODLE, you can do it on your own time.

basis/io/sockets/secure/openssl/openssl.factor

@@ -13,9 +13,6 @@ IN: io.sockets.secure.openssl
 
 GENERIC: ssl-method ( symbol -- method )
 
-M: SSLv2  ssl-method drop SSLv2_client_method ;
-M: SSLv23 ssl-method drop SSLv23_method ;
-M: SSLv3  ssl-method drop SSLv3_method ;
 M: TLSv1  ssl-method drop TLSv1_method ;
 
 TUPLE: openssl-context < secure-context aliens sessions ;

basis/io/sockets/secure/secure-docs.factor

@@ -4,20 +4,6 @@ IN: io.sockets.secure
 HELP: secure-socket-timeout
 { $var-description "Timeout for operations not associated with a constructed port instance, such as SSL handshake and shutdown. Represented as a " { $link duration } "." } ;
 
-HELP: SSLv2
-{ $description "Possible value for the " { $snippet "method" } " slot of a " { $link secure-config } "."
-$nl
-"Note that the SSLv2 protocol is vulnerable to truncation attacks and its use is discouraged (" { $url "http://www.gnu.org/software/gnutls/manual/html_node/On-SSL-2-and-older-protocols.html" } ")." } ;
-
-HELP: SSLv3
-{ $description "Possible value for the " { $snippet "method" } " slot of a " { $link secure-config } "."
-$nl
-"SSLv3 is widely used, however it is being supersceded by TLSv1." } ;
-
-HELP: SSLv23
-{ $description "Possible value for the " { $snippet "method" } " slot of a " { $link secure-config } "."
-$nl
-"This value indicates that either SSLv2 or SSLv3 is acceptable." } ;
 
 HELP: TLSv1
 { $description "Possible value for the " { $snippet "method" } " slot of a " { $link secure-config } "."
@@ -27,12 +13,9 @@ $nl
 ARTICLE: "ssl-methods" "SSL/TLS methods"
 "The " { $snippet "method" } " slot of a " { $link secure-config } " can be set to one of the following values:"
 { $subsections
-    SSLv2
-    SSLv23
-    SSLv3
     TLSv1
 }
-"The default value is " { $link SSLv23 } "." ;
+"The default value is " { $link TLSv1 } "." ;
 
 HELP: secure-config
 { $class-description "Instances represent secure socket configurations." } ;
@@ -121,7 +104,7 @@ $nl
 { $subsections accept-secure-handshake } ;
 
 HELP: premature-close
-{ $error-description "Thrown if an SSL connection is closed without the proper " { $snippet "close_notify" } " sequence. This error is never reported for " { $link SSLv2 } " connections because there is no distinction between expected and unexpected connection closure in that case." } ;
+{ $error-description "Thrown if an SSL connection is closed without the proper " { $snippet "close_notify" } " sequence." } ;
 
 HELP: certificate-verify-error
 { $error-description "Thrown if certificate verification failed. The " { $snippet "result" } " slot contains an object identifying the low-level error that occurred." } ;

basis/io/sockets/secure/secure.factor

@@ -17,7 +17,7 @@ HOOK: ssl-certificate-verification-supported? secure-socket-backend ( -- ? )
 M: object ssl-supported? f ;
 M: object ssl-certificate-verification-supported? f ;
 
-SINGLETONS: SSLv2 SSLv23 SSLv3 TLSv1 ;
+SINGLETONS: TLSv1 ;
 
 TUPLE: secure-config
 method
@@ -30,7 +30,7 @@ ephemeral-key-bits ;
 
 : <secure-config> ( -- config )
     secure-config new
-        SSLv23 >>method
+        TLSv1 >>method
         1024 >>ephemeral-key-bits
         ssl-certificate-verification-supported? >>verify ;
 

basis/openssl/libssl/libssl-tests.factor

@@ -23,7 +23,7 @@ IN: openssl.libssl.tests
     swap SSL_CTRL_OPTIONS 0 f SSL_CTX_ctrl bitand 0 > ;
 
 : new-ctx ( -- ctx )
-    SSLv23_client_method SSL_CTX_new ;
+    TLSv1_client_method SSL_CTX_new ;
 
 : new-ssl ( -- ssl )
     new-ctx SSL_new ;