On Wed, Nov 14, 2018 at 03:49:37PM +0100, Arkadiusz Miśkiewicz wrote: > On 03/11/2018 11:11, Jan Rękorajski wrote: > > The below packages will be removed from Th next week (~10th Nov) along > > with any broken deps their removal will cause. > > Side note from bacula commit: > > "+ TLSv1_method() should not be used and SSLv23_method() should be > + preferred because the latter supports TLS1.0…1.2 while the former > _only_ > + tries TLS1.0." > > if that's true then some of our openssl patches should switch back from > TLSv1_method to SSLv23_method
openssl docs [0] recommends TLS_method() instead of SSLv23_method() or TLSv1_method() "TLS_method(), TLS_server_method(), TLS_client_method() These are the general-purpose version-flexible SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2. Applications should use these methods, and avoid the version-specific methods described below." [0] https://www.openssl.org/docs/man1.1.0/ssl/TLS_method.html -- adamg _______________________________________________ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en