Bug 1234853
Summary: | fetchmail man page has confusing text for --sslproto | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Stephen Wadeley <swadeley> | ||||
Component: | fetchmail | Assignee: | Vitezslav Crhonek <vcrhonek> | ||||
Status: | CLOSED WONTFIX | QA Contact: | qe-baseos-daemons | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 6.6 | CC: | mprpic, tmraz | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | |||||||
: | 1273016 (view as bug list) | Environment: | |||||
Last Closed: | 2017-12-06 11:04:27 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Stephen Wadeley
2015-06-23 11:47:07 UTC
Unfortunately using 'sslproto tls1' disables support for TLSv1.1 and TLSv1.2. That is a problem. Created attachment 1084371 [details] proposed fix Fixing the man page isn't enough, see comment #1. There's no way to disable SSLv3 and not to disable TLSv1.1+ together. I backported recent upstream changes related to SSL and updated various parts of documentation (man page, README.SSL and NEWS). --sslproto with this patch will support: '', auto, ssl23, ssl2, ssl3, ssl3+, tls1, tls1+, tls1.1, tls1.1+, tls1.2 and tls1.2+. All except ssl23 are intuitive to use. (Empty value is used to disable SSL at all.) auto/ssl23 are default values, fetchmail will use TLSv1 protocol or better in that case (this means it's pretty well backwards compatible for most configurations, the only difference should be that SSLv3 is disabled by default and if it's really needed, ssl3 or ssl3+ should be passed to fetchmail in --sslproto). *** Bug 1269888 has been marked as a duplicate of this bug. *** Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. The official life cycle policy can be reviewed here: http://redhat.com/rhel/lifecycle This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL: https://access.redhat.com/ |