Page MenuHomeFreeBSD
Differential D24947

Remove support for SSLv3 from fetch(3)
ClosedPublic
Actions

Authored by jkim on May 21 2020, 9:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Apr 29, 6:21 AM
Unknown Object (File)
Thu, Apr 25, 1:20 PM
Unknown Object (File)
Thu, Apr 25, 1:20 PM
Unknown Object (File)
Mon, Apr 22, 9:30 AM
Unknown Object (File)
Mon, Apr 22, 9:17 AM
Unknown Object (File)
Sat, Apr 20, 12:03 PM
Unknown Object (File)
Dec 29 2023, 7:18 PM
Unknown Object (File)
Dec 20 2023, 7:56 AM
View All 34 Files
Subscribers
bjk
cem
imp

Details

Reviewers
des
cem
bjk
emaste
philip
Group Reviewers
manpages
Commits
rS368000: Remove support for SSLv3 from fetch(3).
Summary

We want to disable SSLv3 support from FreeBSD 13. Please see D24945.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jkim created this revision.May 21 2020, 9:44 PM
Herald added a reviewer: manpages. · View Herald TranscriptMay 21 2020, 9:44 PM
Herald added a subscriber: imp. · View Herald Transcript
jkim requested review of this revision.May 21 2020, 9:44 PM
Harbormaster completed remote builds in B31223: Diff 72094.May 21 2020, 9:44 PM
jkim mentioned this in D24945: Turn off SSLv3..May 21 2020, 9:45 PM
cem accepted this revision.May 21 2020, 9:48 PM
cem added a subscriber: cem.

Maybe TLS 1.0/1.1 should switch to being opt-in, like SSL2/3 before? Not a requirement for this change.

This revision is now accepted and ready to land.May 21 2020, 9:48 PM
bjk accepted this revision.May 21 2020, 9:54 PM
bjk added a subscriber: bjk.

I agree with Conrad (but it should be a separate review); TLS 1.0 and 1.1's days are numbered, and I should really get around to progressing https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-06

emaste accepted this revision.May 21 2020, 10:08 PM
philip accepted this revision.May 22 2020, 3:30 AM
Closed by commit rS368000: Remove support for SSLv3 from fetch(3). (authored by jkim). · Explain WhyNov 24 2020, 10:11 PM
This revision was automatically updated to reflect the committed changes.
jkim added a commit: rS368000: Remove support for SSLv3 from fetch(3)..

Revision Contents
Changeset List

PathSize
head/
lib/
libfetch/
4 lines
8 lines

Diff 79961

View Options

head/lib/libfetch/common.c

Loading...
View Options

head/lib/libfetch/fetch.3

Loading...