polarssl: killing sslv3

Proposing we take a sharp axe to sslv3 in this PR. Reasons:

1) We want to do this with OpenSSL as soon as practical. PolarSSL works in a roughly similar way but is much less widely used, only having one Homebrew dependency (and even that is optional), which makes it a nice platform for testing.

2) PolarSSL has no mechanism to mitigate the SSLv3 POODLE mess in the manner OpenSSL has. That mechanism isn’t available to PolarSSL, and consequently upstream’s recommendation [here](https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-03-poodle-attack-on-ssl-v3) is just “feel free to kill sslv3 like this”.

3) If anything goes horribly wrong with this change, and I don’t think it will FWIW, it’s a 2 minute job to revert and rebuild to fix. That’s the kind of risk bracket I feel relatively comfortable jumping into for once.

0 files changed, 0 insertions, 0 deletions