[Bugs] [Bug 1491691] rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1

bugzilla at redhat.com bugzilla at redhat.com
Thu Sep 14 14:22:46 UTC 2017 

https://bugzilla.redhat.com/show_bug.cgi?id=1491691



--- Comment #2 from Worker Ant <bugzilla-bot at gluster.org> ---
COMMIT: https://review.gluster.org/18285 committed in release-3.10 by
Shyamsundar Ranganathan (srangana at redhat.com) 
------
commit b221e51609f558d96652679943326e940d52e2db
Author: Kaleb S. KEITHLEY <kkeithle at redhat.com>
Date:   Tue Sep 12 15:34:15 2017 -0400

    rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1

    Fedora 26 has OpenSSL-1.1. Compile-time warnings indicate
    that TLSv1_2_method() is now deprecated. As per the SSL man page:

      TLS_method(), TLS_server_method(), TLS_client_method()
        These are the general-purpose version-flexible SSL/TLS methods.
        The actual protocol version used will be negotiated to the highest
        version mutually supported by the client and the server. The
        supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2.
        Applications should use these methods, and avoid the version-
        specific methods described below.
      ...
      TLSv1_2_method(), ...
      ...

    Note that OpenSSL-1.1 is the version of OpenSSL; Fedora 25 and RHEL 7.3
    and other distributions (still) have OpenSSL-1.0.

    TLS versions are orthogonal to the OpenSSL version.  TLS_method() is the
    new — in OpenSSL-1.1 — version flexible function intended to replace the
    TLSv1_2_method() function in OpenSSL-1.0 and the older (?), insecure
    TLSv23_method(). (OpenSSL-1.0 does not have TLS_method())

    master: https://review.gluster.org/18268
    master BZ: 1491025
    release-3.12: https://review.gluster.org/18284
    release-3.12 BZ: 1491690

    Change-Id: I190363ccffe7c25606ea2cf30a6b9ff1ec186057
    BUG: 1491691
    Signed-off-by: Kaleb S. KEITHLEY <kkeithle at redhat.com>
    Reviewed-on: https://review.gluster.org/18285
    Smoke: Gluster Build System <jenkins at build.gluster.org>
    CentOS-regression: Gluster Build System <jenkins at build.gluster.org>

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

More information about the Bugs mailing list