Bug 1491691
| Summary: | rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1 | ||
|---|---|---|---|
| Product: | [Community] GlusterFS | Reporter: | Kaleb KEITHLEY <kkeithle> |
| Component: | rpc | Assignee: | bugs <bugs> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 3.10 | CC: | bugs |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | glusterfs-3.10.6 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1491025 | Environment: | |
| Last Closed: | 2017-10-06 17:11:53 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1491025 | ||
| Bug Blocks: | 1480863, 1491690 | ||
|
Description
Kaleb KEITHLEY
2017-09-14 12:23:53 UTC
REVIEW: https://review.gluster.org/18285 (rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1) posted (#1) for review on release-3.10 by Kaleb KEITHLEY (kkeithle) COMMIT: https://review.gluster.org/18285 committed in release-3.10 by Shyamsundar Ranganathan (srangana) ------ commit b221e51609f558d96652679943326e940d52e2db Author: Kaleb S. KEITHLEY <kkeithle> Date: Tue Sep 12 15:34:15 2017 -0400 rpc: TLSv1_2_method() is deprecated in OpenSSL-1.1 Fedora 26 has OpenSSL-1.1. Compile-time warnings indicate that TLSv1_2_method() is now deprecated. As per the SSL man page: TLS_method(), TLS_server_method(), TLS_client_method() These are the general-purpose version-flexible SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2. Applications should use these methods, and avoid the version- specific methods described below. ... TLSv1_2_method(), ... ... Note that OpenSSL-1.1 is the version of OpenSSL; Fedora 25 and RHEL 7.3 and other distributions (still) have OpenSSL-1.0. TLS versions are orthogonal to the OpenSSL version. TLS_method() is the new — in OpenSSL-1.1 — version flexible function intended to replace the TLSv1_2_method() function in OpenSSL-1.0 and the older (?), insecure TLSv23_method(). (OpenSSL-1.0 does not have TLS_method()) master: https://review.gluster.org/18268 master BZ: 1491025 release-3.12: https://review.gluster.org/18284 release-3.12 BZ: 1491690 Change-Id: I190363ccffe7c25606ea2cf30a6b9ff1ec186057 BUG: 1491691 Signed-off-by: Kaleb S. KEITHLEY <kkeithle> Reviewed-on: https://review.gluster.org/18285 Smoke: Gluster Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.10.6, please open a new bug report. glusterfs-3.10.6 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://lists.gluster.org/pipermail/announce/2017-October/000084.html [2] https://www.gluster.org/pipermail/gluster-users/ |