libcloud-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anthony Shaw (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (LIBCLOUD-856) Libcloud is unable to use TLSv1.1 and TLSv1.2
Date Wed, 18 Jan 2017 04:34:26 GMT

     [ https://issues.apache.org/jira/browse/LIBCLOUD-856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Anthony Shaw resolved LIBCLOUD-856.
-----------------------------------
    Resolution: Fixed

fixed in v2.0.0

> Libcloud is unable to use TLSv1.1 and TLSv1.2
> ---------------------------------------------
>
>                 Key: LIBCLOUD-856
>                 URL: https://issues.apache.org/jira/browse/LIBCLOUD-856
>             Project: Libcloud
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 0.15.1
>            Reporter: Allard Hoeve
>              Labels: security
>
> Our OpenStack provider today decided that they'd only support TLSv1.1 and up. Sadly,
current libcloud's selection of protocols seems to be fixed on TLSv1 only (httplib_ssl.py
line 295).
> I'd like to discuss ways to make this configurable, or better yet, have libcloud autodiscover
the protocol.
> One way to do this is to provide a way of configuring the connection parameters in the
drivers, or else in the top-level connection classes. If you want to use something newer than
TLSv1, you would then have to subclass (for example) the OpenStack_1_1_Connection and add
connection_parameters or something on them. These would then contain TLS parameters from the
python ssl package.
> Any other ideas?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message