On Tue, Sep 18, 2018 at 1:56 PM Ruediger Pluem <rpl...@apache.org> wrote:
> > > You'll likely see issues testing against OpenSSL 1.1.1 until the > TLSv1.3 > > merge is integrated for 2.4.x, yeah, I wouldn't worry about that. > > > > > > But I think this is worth highlighting in our Announcement, that we would > > strongly caution users to build 2.4.35 against OpenSSL 1.1.0. (And we > > Don't we see this issues with OpenSSL 1.1.0 as well? > Not that I'm aware of, these weren't changed in 1.1.0. Have been using it for over a year without such issues. This is all the side effect of the 1.1.0 -> 1.1.1 default auth callback behavior change, IIUC. > > could tease the forthcoming 2.4 release as building against 1.1.1/TLS > 1.3.) > > > > Thoughts? > > Makes sense. >