diff options
author | Daniel Lowrey <rdlowrey@php.net> | 2014-08-25 19:35:01 +0200 |
---|---|---|
committer | Daniel Lowrey <rdlowrey@php.net> | 2014-08-25 19:35:01 +0200 |
commit | cc487e6cdfbb3f96868cfb7372315be769edd096 (patch) | |
tree | ecdc034a24948c373ac871349b8f463343d7acd6 | |
parent | 0cf2dbdf58645b52cb6582b1b2571c5cd9e9e6b3 (diff) | |
parent | 546a32e2b3e73f6e812c2a61fe8de6fbdc1def58 (diff) | |
download | php-git-cc487e6cdfbb3f96868cfb7372315be769edd096.tar.gz |
Merge branch 'PHP-5.6'
* PHP-5.6:
Bug #67850: Build when OpenSSL compiled without SSLv3 support
-rw-r--r-- | ext/openssl/xp_ssl.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index 06810cdbd8..099fdd0d81 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -891,7 +891,13 @@ static const SSL_METHOD *php_select_crypto_method(php_int_t method_value, int is return NULL; #endif } else if (method_value == STREAM_CRYPTO_METHOD_SSLv3) { +#ifndef OPENSSL_NO_SSL3 return is_client ? SSLv3_client_method() : SSLv3_server_method(); +#else + php_error_docref(NULL TSRMLS_CC, E_WARNING, + "SSLv3 support is not compiled into the OpenSSL library PHP is linked against"); + return NULL; +#endif } else if (method_value == STREAM_CRYPTO_METHOD_TLSv1_0) { return is_client ? TLSv1_client_method() : TLSv1_server_method(); } else if (method_value == STREAM_CRYPTO_METHOD_TLSv1_1) { @@ -2262,8 +2268,13 @@ php_stream *php_openssl_ssl_socket_factory(const char *proto, size_t protolen, sslsock->method = STREAM_CRYPTO_METHOD_SSLv2_CLIENT; #endif } else if (strncmp(proto, "sslv3", protolen) == 0) { +#ifdef OPENSSL_NO_SSL3 + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv3 support is not compiled into the OpenSSL library PHP is linked against"); + return NULL; +#else sslsock->enable_on_connect = 1; sslsock->method = STREAM_CRYPTO_METHOD_SSLv3_CLIENT; +#endif } else if (strncmp(proto, "tls", protolen) == 0) { sslsock->enable_on_connect = 1; sslsock->method = get_crypto_method(context, STREAM_CRYPTO_METHOD_TLS_CLIENT); |