Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv

			meth=DTLSv1_2_client_method();

			socket_type=SOCK_DGRAM;

			}

		else if (strcmp(*argv,"-fallback_scsv") == 0)

			{

			fallback_scsv = 1;

			}

		else if (strcmp(*argv,"-timeout") == 0)

			enable_timeouts=1;

		else if (strcmp(*argv,"-mtu") == 0)

			socket_mtu = atol(*(++argv));

			}

#endif

		else if (strcmp(*argv,"-fallback_scsv") == 0)

			{

			fallback_scsv = 1;

			}

		else if	(strcmp(*argv,"-keyform") == 0)

			{

			if (--argc < 1) goto bad;

[B<-no_ssl2>]

[B<-no_ssl3>]

[B<-no_tls1>]

[B<-no_tls1_1>]

[B<-no_tls1_2>]

[B<-fallback_scsv>]

[B<-bugs>]

[B<-cipher cipherlist>]

[B<-serverpref>]

given as a hexadecimal number without leading 0x, for example -psk

1a2b3c4d.

=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>

=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>

these options disable the use of certain SSL or TLS protocols. By default

the initial handshake uses a method which should be compatible with all

servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.

Unfortunately there are a lot of ancient and broken servers in use which

Unfortunately there are still ancient and broken servers in use which

cannot handle this technique and will fail to connect. Some servers only

work if TLS is turned off with the B<-no_tls> option others will only

support SSL v2 and may need the B<-ssl2> option.

work if TLS is turned off.

=item B<-fallback_scsv>

Send TLS_FALLBACK_SCSV in the ClientHello.

=item B<-bugs>

save around 34k per idle SSL connection.

This flag has no effect on SSL v2 connections, or on DTLS connections.

=item SSL_MODE_FALLBACK_SCSV

Send TLS_FALLBACK_SCSV in the ClientHello.

To be set by applications that reconnect with a downgraded protocol

version; see draft-ietf-tls-downgrade-scsv-00 for details.

=back

=head1 RETURN VALUES