Disabling SSLv3 in NTK Plugin (Poodle vulnerability)

There has been a lot of attention in the media about the Poodle vulnerability in the SSL protocol. NTK Plugin supports both the SSLv2, SSLv3 and TLSv1 protocols. Disabling the unsafe protocols is easy. Just include the following in the option list when calling TCP Listen or TCP Open:

"ssl-method=TLSv1"

This will disable SSLv2 and SSLv3. This issue is most importantly for server sockets. Client sockets will negotiate with the server and negotiate on the protocol to use. If the server tells it only supports TLSv1, then that will be used.

In the upcoming 2.5.4 version we will make TLSv1 the default ssl-method for server sockets.