Issue #6607: Deprecate SSLv2 from API config - freeipa

freeipa

#6607 Deprecate SSLv2 from API config

Closed: Fixed None Opened 7 years ago by stlaz.

Currently, tls_version_min/max in api configuration allow for the following strings should the HTTPSConnection not fail with unknown protocol error:

ssl2
ssl3
tls1.0
tls1.1
tls1.2

Proposed solution:
Deprecate SSLv2, if user sets it, print warning about the deprecation and use the next SSL version.

mbasti commented 7 years ago

master:

ac6f573 Explicitly remove support of SSLv2/3

Metadata Update from @stlaz:
- Issue assigned to stlaz
- Issue set to the milestone: FreeIPA 4.5

7 years ago

Metadata

Assignee

stlaz

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 4.5

None

affects_doc

None

source

None

knownissue

None

type

enhancement

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#6607 Deprecate SSLv2 from API config Closed: Fixed None Opened 7 years ago by stlaz.

Metadata

#6607 Deprecate SSLv2 from API config

Closed: Fixed None Opened 7 years ago by stlaz.