-
Bug
-
Resolution: Fixed
-
Minor
-
3.2
-
MOODLE_32_STABLE
-
MOODLE_32_STABLE
-
MDL-57450-master -
In MDL-55404 we added checks for curl versions to detect situations where TLS 1.2 can't be used, which affects integrations with external services (as well as our own updates service).
Unfortunately it has come to light that the version sniffing is just not reliable at all, operating system vendors backport security patches to older versions - so in many cases we reporting a problem which is not a problem. False positives and the solution to self-compile or something like php will be causing more harm than good.
To solve this properly, we need to stop sniffing versions, and instead do a real test of TLS support - MDL-57262 is open about this.
But in the meantime, to prevent these false positves causing problems for people upgrading, we will remove the check from 3.2 environment requirements.
- has a non-specific relationship to
-
MDL-57262 Re-implement curl TLS check by checking functionality rather than sniffing versions
- Closed
- is a regression caused by
-
MDL-56917 Environment checks for TLS can trigger a false positive
- Closed
- will help resolve
-
MDL-56806 Add environment checks for TLS that missed stables in MDL-55404
- Closed