[Bugs] [Bug 1491691] New: rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1
bugzilla at redhat.com
bugzilla at redhat.com
Thu Sep 14 12:23:53 UTC 2017
https://bugzilla.redhat.com/show_bug.cgi?id=1491691
Bug ID: 1491691
Summary: rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1
Product: GlusterFS
Version: 3.10
Component: rpc
Assignee: bugs at gluster.org
Reporter: kkeithle at redhat.com
CC: bugs at gluster.org
Depends On: 1491025
Blocks: 1491690
+++ This bug was initially created as a clone of Bug #1491025 +++
Description of problem:
Fedora 26 has OpenSSL-1.1. Compile-time warnings indicate that TLSv1_2_method()
is now deprecated. As per the SSL man page:
TLS_method(), TLS_server_method(), TLS_client_method()
These are the general-purpose version-flexible SSL/TLS methods. The actual
protocol version used will be negotiated to the highest version mutually
supported by the client and the server. The supported protocols are SSLv3,
TLSv1, TLSv1.1 and TLSv1.2. Applications should use these methods, and avoid
the version-specific methods described below.
...
TLSv1_2_method(), ...
...
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
--- Additional comment from Worker Ant on 2017-09-12 15:37:16 EDT ---
REVIEW: https://review.gluster.org/18268 (rpc: TLSv1_2_method() is deprecated
in OpenSSL-1.1) posted (#1) for review on master by Kaleb KEITHLEY
(kkeithle at redhat.com)
--- Additional comment from Worker Ant on 2017-09-13 08:12:37 EDT ---
REVIEW: https://review.gluster.org/18268 (rpc: TLSv1_2_method() is deprecated
in OpenSSL-1.1) posted (#2) for review on master by Kaleb KEITHLEY
(kkeithle at redhat.com)
--- Additional comment from Worker Ant on 2017-09-13 14:22:52 EDT ---
COMMIT: https://review.gluster.org/18268 committed in master by Jeff Darcy
(jeff at pl.atyp.us)
------
commit 0643510e9852059b465e99f4ea255a3d3aeb9e86
Author: Kaleb S. KEITHLEY <kkeithle at redhat.com>
Date: Tue Sep 12 15:34:15 2017 -0400
rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1
Fedora 26 has OpenSSL-1.1. Compile-time warnings indicate
that TLSv1_2_method() is now deprecated. As per the SSL man page:
TLS_method(), TLS_server_method(), TLS_client_method()
These are the general-purpose version-flexible SSL/TLS methods.
The actual protocol version used will be negotiated to the highest
version mutually supported by the client and the server. The
supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2.
Applications should use these methods, and avoid the version-
specific methods described below.
...
TLSv1_2_method(), ...
...
Note that OpenSSL-1.1 is the version of OpenSSL; Fedora 25 and RHEL 7.3
and other distributions (still) have OpenSSL-1.0.
TLS versions are orthogonal to the OpenSSL version. TLS_method() is the
new — in OpenSSL-1.1 — version flexible function intended to replace the
TLSv1_2_method() function in OpenSSL-1.0 and the older (?), insecure
TLSv23_method(). (OpenSSL-1.0 does not have TLS_method())
Change-Id: I190363ccffe7c25606ea2cf30a6b9ff1ec186057
BUG: 1491025
Signed-off-by: Kaleb S. KEITHLEY <kkeithle at redhat.com>
Reviewed-on: https://review.gluster.org/18268
Reviewed-by: Emmanuel Dreyfus <manu at netbsd.org>
Smoke: Gluster Build System <jenkins at build.gluster.org>
Reviewed-by: Niels de Vos <ndevos at redhat.com>
CentOS-regression: Gluster Build System <jenkins at build.gluster.org>
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1491025
[Bug 1491025] rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1
https://bugzilla.redhat.com/show_bug.cgi?id=1491690
[Bug 1491690] rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the Bugs
mailing list