Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-2009

OpenSSL API has changed and now deprecates SSL_OP_NO_TLSv* used with SSL_CTX_set_options

Agile BoardAttach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • proton-c-0.26.0
    • None
    • proton-c
    • Fedora 29, OpenSSL 1.1.1 FIPS 11 Sep 2018

    Description

      The OpenSSL SSL_OP_NO_TLSvxxx options are deprecated for use in SSL_CTX_set_options().

      As of OpenSSL 1.1 way to specify TLS versions is through a min-version and max-version scheme - this is more code future proof.

      You can specify a minimum version and 0 for the maximum meaning the latest version.

      Proton's interface to this allows more than can be specified using the min/max API as you can specify each protocol individually.

      The proton code is also not future proof in that it "knows" about each TLS protocol individually in the code.

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            astitcher Andrew Stitcher
            chug Charles E. Rolke

            Dates

              Created:
              Updated:

              Slack

                Issue deployment