Comment 3 for bug 1020632

Andy Lutomirski (luto-mit) wrote :

After staring at the utter crap OpenSSL docs for a while, it turns out that, almost regardless of what you're trying to interoperate with, the correct method to use is SSL.SSLv23_METHOD. TLSv1_2_METHOD means TLS 1.2 *only*. Similarly, TLSv1_METHOD means TLS 1.0 *only* (in particular, TLSv1_METHOD disallows TLSv1.2).

If you use SSL.SSLv23_METHOD and set SSL.OP_NO_SSLv2 (and optionally SSL.OP_NO_SSLv3) then you get reasonable results, including the availability of GCM ciphers.
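
What each method choice puts on the wire, as an added example that is not part of the original comment. It uses Python's standard-library `ssl` module instead of pyOpenSSL, with `ssl.PROTOCOL_TLS_CLIENT` standing in for `SSL.SSLv23_METHOD` and `ssl.PROTOCOL_TLSv1_2` for `TLSv1_2_METHOD` (an assumed mapping), and the helper names are made up for the example.

```python
import ssl
import struct
import warnings

GCM_TLS12 = {0xC02B, 0xC02C, 0xC02F, 0xC030}  # ECDHE AES-GCM suites defined for TLS 1.2

def client_hello(protocol):
    """Return the raw ClientHello that a client context built with `protocol` sends."""
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", DeprecationWarning)  # pinned methods are deprecated
        ctx = ssl.SSLContext(protocol)
        # Mirrors the comment; current stdlib contexts already set both options.
        ctx.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
    ctx.check_hostname = False  # no peer is contacted; only the first flight is captured
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    conn = ctx.wrap_bio(incoming, outgoing, server_side=False)
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for a ServerHello
    return outgoing.read()

def offered(hello):
    """Parse one ClientHello record into (legacy_version, supported_versions, suites)."""
    if hello[0] != 0x16 or hello[5] != 0x01:
        raise ValueError("not a ClientHello record")
    pos = 9                                   # 5-byte record + 4-byte handshake header
    (legacy,) = struct.unpack_from("!H", hello, pos)
    pos += 2 + 32                             # client_version + random
    pos += 1 + hello[pos]                     # session id
    (n,) = struct.unpack_from("!H", hello, pos)
    suites = struct.unpack_from("!%dH" % (n // 2), hello, pos + 2)
    pos += 2 + n
    pos += 1 + hello[pos]                     # compression methods
    (ext_total,) = struct.unpack_from("!H", hello, pos)
    pos, end, versions = pos + 2, pos + 2 + ext_total, ()
    while pos < end:
        ext_type, ext_len = struct.unpack_from("!HH", hello, pos)
        if ext_type == 43:                    # supported_versions: 1-byte length, 2-byte items
            versions = struct.unpack_from("!%dH" % (hello[pos + 4] // 2), hello, pos + 5)
        pos += 4 + ext_len
    return legacy, versions, suites

if __name__ == "__main__":
    for name in ("PROTOCOL_TLS_CLIENT", "PROTOCOL_TLSv1_2"):
        legacy, versions, suites = offered(client_hello(getattr(ssl, name)))
        print(name, hex(legacy), [hex(v) for v in versions],
              "AES-GCM offered:", bool(GCM_TLS12 & set(suites)))
```

An empty `supported_versions` list means the extension was not sent, so the only version on offer is the `legacy_version` field.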