On Tue, Mar 14, 2017 at 08:18:27PM +0100, Pavlos Parissis wrote: > >> On Debian testing with openssl 1.1.0e, I get the following warnings when I > >> compile 1.7 and 1.8: > >> https://gist.githubusercontent.com/unixsurfer/9c42361822f23cfe36f3b2169133b551/raw/4665476fdfb2a94d287814a2c8a36215cbebb465/gistfile1.txt > > > > Yes these ones are known and for now we don't have any workaround. It > > seems openssl 1.1 wants us to drop support for older TLS versions, but > > we definitely can't do that so we'll have to live with the warnings :-/ > > I couldn't find a way to make them disappear. > > > > No worries, it compiles at the end and haproxy starts:-)
Ah that's how I test it before releasing... Just kidding, I don't verify that it starts :-) (...) > I fully understand the situation, I will compile 1.6 against openssl 1.0.2 > version > on my Debian testing box. I am not using 1.6 version at all, too old :-), but > I am > reshuffling code in haproxyadmin python lib and I want to make sure it > works with older versions of haproxy. OK cool! Just out of curiosity, are there some features of 1.7 that you've already got used to and that prevent you from using 1.6, or is this just a matter of staying on something modern ? Cheers, Willy
