Bug 1519695 - Remove no longer available HTTPS protocols from ENGINE_HTTPS_PROTOCOLS option
Summary: Remove no longer available HTTPS protocols from ENGINE_HTTPS_PROTOCOLS option
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: Backend.Core
Version: 4.1.7.6
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ovirt-4.2.1
: 4.2.1
Assignee: Martin Perina
QA Contact: Martin Perina
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-12-01 08:21 UTC by Jiri Belka
Modified: 2018-02-12 11:53 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-12 11:53:56 UTC
oVirt Team: Infra
Embargoed:
rule-engine: ovirt-4.2+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 85214 0 master MERGED core: Remove no longer available SSLv3 and TLSv1 protocols 2017-12-14 08:00:13 UTC

Description Jiri Belka 2017-12-01 08:21:59 UTC 
Description of problem:

I suppose this line is obsole, we don't do SSLv3 at all IIUC:

# grep '^ENGINE.*PROTOCOLS=' /usr/share/ovirt-engine/services/ovirt-engine/ovirt-engine.conf 
ENGINE_HTTPS_PROTOCOLS=SSLv3,TLSv1,TLSv1.1,TLSv1.2


Version-Release number of selected component (if applicable):
ovirt-engine-backend-4.1.8.1-0.1.el7.noarch

How reproducible:
100%

Steps to Reproduce:
1. grep '^ENGINE.*PROTOCOLS=' /usr/share/ovirt-engine/services/ovirt-engine/ovirt-engine.conf
2.
3.

Actual results:
SSLv3 mentioned in the output

Expected results:
SSLv3 should not be there

Additional info:
Comment 1 Martin Perina 2017-12-04 08:54:48 UTC 
We have already disabled all protocols except TLSv1.1 and TLSv1.2 on Apache as a part of BZ1388456, so SSLv3 and TLSv1 defined in ENGINE_HTTPS_PROTOCOLS cannot be used anyway, but yeah, we should clean this up
Comment 2 Martin Perina 2017-12-08 15:16:46 UTC 
Adding CodeChange as this affects only development environment
Comment 3 Sandro Bonazzola 2018-02-12 11:53:56 UTC 
This bugzilla is included in oVirt 4.2.1 release, published on Feb 12th 2018.

Since the problem described in this bug report should be
resolved in oVirt 4.2.1 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.
Note You need to log in before you can comment on or make changes to this bug.