SecureSocket: disable SSL versions 2 and 3

There are known vulnerabilities in those. Everyone should be using TLS
by now.

src/kits/network/libnetapi/SecureSocket.cpp

@@ -95,6 +95,9 @@ BSecureSocket::Private::CreateContext()
 {
 	sContext = SSL_CTX_new(SSLv23_method());
 
+	// Disable legacy protocols. They have known vulnerabilities.
+	SSL_CTX_set_options(sContext, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+
 	// Setup certificate verification
 	BPath certificateStore;
 	find_directory(B_SYSTEM_DATA_DIRECTORY, &certificateStore);