p5-Protocol-HTTP2 icon indicating copy to clipboard operation
p5-Protocol-HTTP2 copied to clipboard

Published 20 hours ago verified publisher icon vlet

Do not hardcode tlsv1 which is deprecated and disabled in some systems

Open ogayot opened this issue 2 years ago • 2 comments

The PH2 test-suite hardcodes the use of tlsv1 (i.e., TLSv1.0) which has been deprecated (alongside TLSv1.1 since 2021 - see RFC 8996).

Using the value tlsv1_2 would be fine (tlsv1_3 is not a supported value yet) but leaving it up to the system to decide seems simpler to maintain.

This fixes https://github.com/vlet/p5-Protocol-HTTP2/issues/15

The first patch makes it easier to see what the error actually is - if a disabled TLS version is being used:

-t/09_client_server_tcp.t .. 
+t/09_client_server_tcp.t .. connection error: error:0A0C0103:SSL routines::internal error: Protocol error

ogayot avatar Jul 28 '23 10:07 ogayot

I now realize that there is another PR that addresses the issue: https://github.com/vlet/p5-Protocol-HTTP2/pull/14 with a slightly different approach. I'm not sure which implementation is better.

ogayot avatar Jul 28 '23 12:07 ogayot

I think your approach with not specifying a TLS method is better.

ppisar avatar Aug 08 '23 08:08 ppisar