Update ssl_min_version to accept "all" and reject "SSLv2"

doc-jp/README.SSL

@@ -28,7 +28,7 @@ SSL サポートについて
         5: TLSv1.1, 6: TLSv1.2, 7: TLSv1.3)
         (デフォルトは2, 3, t, 5).
     ssl_min_version
-        最小のSSLバージョン, OpenSSL 1.1以上で有効(TLSv1.0, TLSv1.1,
+        最小のSSLバージョン, OpenSSL 1.1以上で有効(all, TLSv1.0, TLSv1.1,
         TLSv1.2, TLSv1.3のいずれか) (デフォルトは<NULL>).
     ssl_ciphers
         TLSv1.2以下用のSSL暗号(例: DEFAULT:@SECLEVEL=2) (デフォルトは

rc.c

@@ -206,7 +206,7 @@ static int OptionEncode = FALSE;
 #endif				/* USE_SSL_VERIFY */
 #define CMT_SSL_FORBID_METHOD N_("List of forbidden SSL methods (2: SSLv2, 3: SSLv3, t: TLSv1.0, 5: TLSv1.1, 6: TLSv1.2, 7: TLSv1.3)")
 #ifdef SSL_CTX_set_min_proto_version
-#define CMT_SSL_MIN_VERSION N_("Minimum SSL version (TLSv1.0, TLSv1.1, TLSv1.2, or TLSv1.3)")
+#define CMT_SSL_MIN_VERSION N_("Minimum SSL version (all, TLSv1.0, TLSv1.1, TLSv1.2, or TLSv1.3)")
 #endif
 #define CMT_SSL_CIPHER N_("SSL ciphers for TLSv1.2 and below (e.g. DEFAULT:@SECLEVEL=2)")
 #endif				/* USE_SSL */

url.c

@@ -297,6 +297,10 @@ init_PRNG()
 static int
 str_to_ssl_version(const char *name)
 {
+    if(!strcasecmp(name, "all"))
+	return 0;
+    if(!strcasecmp(name, "none"))
+	return 0;
 #ifdef TLS1_3_VERSION
     if (!strcasecmp(name, "TLSv1.3"))
 	return TLS1_3_VERSION;
@@ -317,11 +321,7 @@ str_to_ssl_version(const char *name)
 	return SSL3_VERSION;
     if (!strcasecmp(name, "SSLv3"))
 	return SSL3_VERSION;
-    if (!strcasecmp(name, "SSLv2.0"))
-	return SSL2_VERSION;
-    if (!strcasecmp(name, "SSLv2"))
-	return SSL2_VERSION;
-    return 0;
+    return -1;
 }
 #endif				/* SSL_CTX_set_min_proto_version */
 
@@ -372,7 +372,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
 	if (ssl_min_version && *ssl_min_version != '\0') {
 	    int sslver;
 	    sslver = str_to_ssl_version(ssl_min_version);
-	    if (sslver <= 0
+	    if (sslver < 0
 		|| !SSL_CTX_set_min_proto_version(ssl_ctx, sslver)) {
 		free_ssl_ctx();
 		goto eend;