Excerpt from CHANGES:
Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via
the version-flexible SSLv23_method() will need to explicitly call
either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
or
SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
as appropriate. Even if either of those is used, or the application
explicitly uses the version-specific SSLv2_method() or its client and
server variants, SSLv2 ciphers vulnerable to exhaustive search key
recovery have been removed. Specifically, the SSLv2 40-bit EXPORT
ciphers, and SSLv2 56-bit DES are no longer available.
Approved by: re (marius, gjb), so (delphij)
86f5b30ace