diff options
| author | Andrey Hristov <andrey@php.net> | 2015-11-16 12:39:04 +0100 |
|---|---|---|
| committer | Andrey Hristov <andrey@php.net> | 2015-11-16 12:39:04 +0100 |
| commit | 96406f08424b44772f91bf1b88ff7bde9bfd5b91 (patch) | |
| tree | a82c851081074a6093386d3dd756028b6bdea6a6 | |
| parent | 9134f9e98f6ccf8ed91cd1271fee7855062c07ff (diff) | |
| parent | 822400ef3b807f0a73b4c0879cdf4a802bf7e4fe (diff) | |
| download | php-git-96406f08424b44772f91bf1b88ff7bde9bfd5b91.tar.gz | |
Merge branch 'PHP-5.6' into PHP-7.0
| -rw-r--r-- | NEWS | 5 | ||||
| -rw-r--r-- | ext/mysqlnd/mysqlnd_net.c | 4 |
2 files changed, 9 insertions, 0 deletions
@@ -43,6 +43,11 @@ PHP NEWS . Fixed bug #70323 (Regression in zend_fetch_debug_backtrace() can cause segfaults). (Aharvey, Laruence) +- Mysqlnd: + . Fixed bug #68344 (MySQLi does not provide way to disable peer certificate + validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT + connection flag. (Andrey) + - OCI8: . Fixed bug #68298 (OCI int overflow) (Senthil). diff --git a/ext/mysqlnd/mysqlnd_net.c b/ext/mysqlnd/mysqlnd_net.c index ccac6ad1fc..952af3d09c 100644 --- a/ext/mysqlnd/mysqlnd_net.c +++ b/ext/mysqlnd/mysqlnd_net.c @@ -978,6 +978,10 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(MYSQLND_NET * const net) ZVAL_BOOL(&verify_peer_zval, verify); php_stream_context_set_option(context, "ssl", "verify_peer", &verify_peer_zval); php_stream_context_set_option(context, "ssl", "verify_peer_name", &verify_peer_zval); + if (net->data->options.ssl_verify_peer == MYSQLND_SSL_PEER_DONT_VERIFY) { + ZVAL_TRUE(&verify_peer_zval); + php_stream_context_set_option(context, "ssl", "allow_self_signed", &verify_peer_zval); + } } #if PHP_API_VERSION >= 20131106 php_stream_context_set(net_stream, context); |