Feature #11524: Use TLS 1.2 to default version of OpenSSL - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Feature #11524

closed

Use TLS 1.2 to default version of OpenSSL

Added by hsbt (Hiroshi SHIBATA) over 8 years ago. Updated over 8 years ago.

Status:

Closed

Assignee:

Target version:

[ruby-core:<unknown>]

Description

OpenSSL on trunk still use SSL version 3 with default option. but SSLv3 have some vulnerability.

I propose to use TLS 1.2 with default on OpenSSL library.

see original proposal: https://github.com/ruby/ruby/pull/873

In other side, HTTP/2 must be required TLS 1.2 protocol. We should change it before http client
author put ctx.ssl_version = :TLSv1_2 every their code.

ref. https://http2.github.io/http2-spec/#TLSUsage

Actions

Copy link

Updated by zzak (zzak _) over 8 years ago

Assignee changed from hsbt (Hiroshi SHIBATA) to 7150

Actions

Copy link

Updated by zzak (zzak _) over 8 years ago

Status changed from Open to Closed

Applied in changeset r52082.

ext/openssl/lib/openssl/ssl.rb: Default to TLSv1.2 and drop TLS v1
Patch provided by @claudijd [Fixes GH-873] [Feature #11524]:
https://github.com/ruby/ruby/pull/873

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Feature #11524

Use TLS 1.2 to default version of OpenSSL

Updated by zzak (zzak _) over 8 years ago

Updated by zzak (zzak _) over 8 years ago