Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Crypt::SSLeay considered deprecated #23

Closed
goetzk opened this issue Aug 30, 2018 · 1 comment
Closed

Crypt::SSLeay considered deprecated #23

goetzk opened this issue Aug 30, 2018 · 1 comment
Milestone

Comments

@goetzk
Copy link
Member

@goetzk goetzk commented Aug 30, 2018

Crypt::SSLeay's page has the following warning

At this point, Crypt::SSLeay is maintained to support existing software that already depends on it. However, it is possible that your software does not really depend on Crypt::SSLeay, only on the ability of LWP::UserAgent class to communicate with sites over SSL/TLS.

https://metacpan.org/pod/Crypt::SSLeay#DO-YOU-NEED-Crypt::SSLeay?

Might be worth trying to move to LWP::Protocol:https when updating the events code next.

@goetzk goetzk added this to the v2.2 milestone Sep 18, 2018
@goetzk
Copy link
Member Author

@goetzk goetzk commented Sep 18, 2018

There is also the issue of old RHEL (6) and similar systems - see #26 for my related lib curl branch.

goetzk added a commit to UniTasLibrary/DataCiteDoi that referenced this issue Sep 26, 2018
As reported in eprintsug#14, Crypt::SSLeay is no longer the recommended way of getting
HTTPS through LWP.

https://wiki.eprints.org/w/index.php?title=Installing_EPrints_on_RHEL/Fedora/CentOS&diff=prev&oldid=12408

This is also backed up by Crypt::SSLeay upstream who warn
```
At this point, Crypt::SSLeay is maintained to support existing software that
already depends on it. However, it is possible that your software does not
really depend on Crypt::SSLeay, only on the ability of LWP::UserAgent class to
communicate with sites over SSL/TLS.
```

https://metacpan.org/pod/Crypt::SSLeay#DO-YOU-NEED-Crypt::SSLeay?

Closes: eprintsug#14
Closes: eprintsug#23
goetzk added a commit that referenced this issue Sep 26, 2018
As reported in #14, Crypt::SSLeay is no longer the recommended way of getting
HTTPS through LWP.

https://wiki.eprints.org/w/index.php?title=Installing_EPrints_on_RHEL/Fedora/CentOS&diff=prev&oldid=12408

This is also backed up by Crypt::SSLeay upstream who warn
```
At this point, Crypt::SSLeay is maintained to support existing software that
already depends on it. However, it is possible that your software does not
really depend on Crypt::SSLeay, only on the ability of LWP::UserAgent class to
communicate with sites over SSL/TLS.
```

https://metacpan.org/pod/Crypt::SSLeay#DO-YOU-NEED-Crypt::SSLeay?

Closes: #14
Closes: #23
@goetzk goetzk closed this as completed Sep 26, 2018
@goetzk goetzk removed this from the v2.2 milestone Sep 26, 2018
@goetzk goetzk added this to the v2.1 milestone Sep 26, 2018
goetzk added a commit that referenced this issue Oct 4, 2018
Offer WWW::Curl as an option for API connections

The cause of this development was the age of LWP in RHEL6.10 can't handle SNI servers - used by DataCite for their API.

For more on the LWP age issue and curl updates which ensure it works see these issues.
libwww-perl/LWP-Protocol-https#17 LWP SNI fix from 6.07
curl/curl#700 - Curl updates in RHEL 6.7 and 6.8

This branch/change allows curl to be used opt in, defaulting to LWP, and should not change any existing behaviours (those breaking changes were in #23 and #33).

There are also some other changes which have come through as I've tried to keep various files (like configuration and README) in sync.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant