As reported in issue 1172, socat 1.7.3 changed the list of protocol version names for TLS 1.0 from "TLS", "TLS1", "TLSv1" to ["TLS1" and "TLS1.0"].
socat 1.7.3 was released in January 2015 and is used in Debian Jessie and later; and Ubuntu Wily (15.10) and later. https://github.com/craSH/socat/commit/d430147bc60c Update Ganeti to use "TLS1" which is compatible with both, and works all the way back to at least socat 1.6.0.0. Thanks to jardleex for the patch. Signed-off-by: Brian Foley <[email protected]> --- lib/impexpd/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/impexpd/__init__.py b/lib/impexpd/__init__.py index f40db31..6c49b93 100644 --- a/lib/impexpd/__init__.py +++ b/lib/impexpd/__init__.py @@ -88,7 +88,7 @@ BUFSIZE = 1024 * 1024 # Common options for socat SOCAT_TCP_OPTS = ["keepalive", "keepidle=60", "keepintvl=10", "keepcnt=5"] -SOCAT_OPENSSL_OPTS = ["verify=1", "method=TLSv1", +SOCAT_OPENSSL_OPTS = ["verify=1", "method=TLS1", "cipher=%s" % constants.OPENSSL_CIPHERS] if constants.SOCAT_USE_COMPRESS: -- 2.8.0.rc3.226.g39d4020
