diff options
| author | Andrey Hristov <andrey@php.net> | 2015-11-16 12:38:25 +0100 |
|---|---|---|
| committer | Andrey Hristov <andrey@php.net> | 2015-11-16 12:38:25 +0100 |
| commit | 822400ef3b807f0a73b4c0879cdf4a802bf7e4fe (patch) | |
| tree | 9564c948b85e02af06ab974dc4845df3c3b48423 | |
| parent | 25439e939e8d6a86bcc1654221460851b43271d5 (diff) | |
| download | php-git-822400ef3b807f0a73b4c0879cdf4a802bf7e4fe.tar.gz | |
News for fixed bug #68344
| -rw-r--r-- | NEWS | 5 | ||||
| -rw-r--r-- | ext/mysqlnd/mysqlnd_net.c | 4 |
2 files changed, 9 insertions, 0 deletions
@@ -17,6 +17,11 @@ PHP NEWS . Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l). (Laruence) +- Mysqlnd: + . Fixed bug #68344 (MySQLi does not provide way to disable peer certificate + validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT + connection flag. (Andrey) + - OCI8: . Fixed bug #68298 (OCI int overflow) (Senthil). diff --git a/ext/mysqlnd/mysqlnd_net.c b/ext/mysqlnd/mysqlnd_net.c index 3e8d0993fa..2231e1db2c 100644 --- a/ext/mysqlnd/mysqlnd_net.c +++ b/ext/mysqlnd/mysqlnd_net.c @@ -965,6 +965,10 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(MYSQLND_NET * const net TSRMLS_DC) ZVAL_BOOL(&verify_peer_zval, verify); php_stream_context_set_option(context, "ssl", "verify_peer", &verify_peer_zval); php_stream_context_set_option(context, "ssl", "verify_peer_name", &verify_peer_zval); + if (net->data->options.ssl_verify_peer == MYSQLND_SSL_PEER_DONT_VERIFY) { + ZVAL_TRUE(&verify_peer_zval); + php_stream_context_set_option(context, "ssl", "allow_self_signed", &verify_peer_zval); + } } php_stream_context_set(net_stream, context); |