On Fri, Mar 31, 2017 at 07:01:14AM -0500, Joseph Lorenzini wrote:> Hi Yong, > > Gluster uses the openssl library, which supports SSL 3.0 and TLS versions > 1.0,1.1,1.2. I actually don't know if its dynamically linked against the > openssl library nor what version of the openssl lib gluster has been tested > with. That is important info to know that is currently undocumented.It is dynamically linked and the version that is used is the openssl version that is provided by the distribution where the different glusterfs packages are built. Niels -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: not available URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20170331/7d11d1fc/attachment.sig>
So how can I know the default ssl protocol currently using between server and client? (gluster3.10.0 on ubuntu16.04) Yong Zhang On 2017-03-31 20:56 , Niels de Vos Wrote: On Fri, Mar 31, 2017 at 07:01:14AM -0500, Joseph Lorenzini wrote:> Hi Yong, > > Gluster uses the openssl library, which supports SSL 3.0 and TLS versions > 1.0,1.1,1.2. I actually don't know if its dynamically linked against the > openssl library nor what version of the openssl lib gluster has been tested > with. That is important info to know that is currently undocumented.It is dynamically linked and the version that is used is the openssl version that is provided by the distribution where the different glusterfs packages are built. Niels -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20170331/0250428f/attachment.html>
Try OpenSSL s_client connect to a volumes brick port. Note you can controll the allowed ssl versions by setting a gluster vol option. Joe On Fri, Mar 31, 2017 at 8:33 AM Darren Zhang <hiscal at 126.com> wrote: So how can I know the default ssl protocol currently using between server and client? (gluster3.10.0 on ubuntu16.04) Yong Zhang On 2017-03-31 20:56 , Niels de Vos <ndevos at redhat.com> Wrote: On Fri, Mar 31, 2017 at 07:01:14AM -0500, Joseph Lorenzini wrote:> Hi Yong, > > Gluster uses the openssl library, which supports SSL 3.0 and TLS versions > 1.0,1.1,1.2. I actually don't know if its dynamically linked against the > openssl library nor what version of the openssl lib gluster has beentested> with. That is important info to know that is currently undocumented.It is dynamically linked and the version that is used is the openssl version that is provided by the distribution where the different glusterfs packages are built. Niels -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20170401/49cf096a/attachment.html>