Enable openssl legacy #161
Conversation
|
@xoxys is this the way to achieve this? Or is there a different way it should be done? |
|
IMO, we should not use Ubuntu 22 for anything related to oc10. We add more and more hacks and workarounds to get it working somehow (PHP, OpenSSL, etc.). Sticking to Ubuntu 20.04 as long as possible, especially for the production containers However, if the legacy stuff is really required, yes I guess that's the way to go even if I have not tested/verified it. |
|
Don't know the details, but is it really a good idea to tell people to use the legacy mode instead of fixing the code to support a modern OpenSSL version? |
|
We have the https://doc.owncloud.com/server/next/admin_manual/installation/system_requirements.html#officially-supported-environments lists Ubuntu 20.04 and 22.04 - so if 22.04 is not to be supported, that would need to be discussed. |
There was a problem hiding this comment.
Ok for me. But shouldn't the CI fail as expected as long as the encryption app is not fixed properly? The legacy mode might be a workaround for existing deployments, but it's still just a workaround and not a proper fix. However, don't want to block you, feel free to merge.
|
As there are no plans to fix it, using the legacy mode is the only way. |
Ubuntu 22.04 has openssl v3. openssl v3 disables various legacy encryption methods. For the current oC10 encryption app, we need those legacy encryption methods to be available.
This PR provides an
etc/ssl/opensssl.cnfthat has the legacy encryption methods enabled.Ref: owncloud/core#40745 tries to run core CI with Ubuntu 22.04 docker.
Related core issue owncloud/core#40071
Documentation about how production Ubuntu 22.04 systems enable the legacy encryption methods: https://doc.owncloud.com/server/10.12/admin_manual/installation/manual_installation/manual_installation_prerequisites.html#openssl-version