Packages to be dropped after openssl 1.1.1 rebuild

Adam Golebiowski adamg at
Wed Nov 14 18:35:58 CET 2018

On Wed, Nov 14, 2018 at 03:49:37PM +0100, Arkadiusz Miśkiewicz wrote:
> On 03/11/2018 11:11, Jan Rękorajski wrote:
> > The below packages will be removed from Th next week (~10th Nov) along
> > with any broken deps their removal will cause.
> Side note from bacula commit:
> "+    TLSv1_method() should not be used and SSLv23_method() should be
> +    preferred because the latter supports TLS1.0…1.2 while the former
> _only_
> +    tries TLS1.0."
> if that's true then some of our openssl patches should switch back from
> TLSv1_method to SSLv23_method

openssl docs [0] recommends TLS_method() instead of SSLv23_method() or

"TLS_method(), TLS_server_method(), TLS_client_method()

    These are the general-purpose version-flexible SSL/TLS methods. The
    actual protocol version used will be negotiated to the highest
    version mutually supported by the client and the server. The
    supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2.
    Applications should use these methods, and avoid the
    version-specific methods described below."



More information about the pld-devel-en mailing list