Fix bug #28096 - stream_socket_accept() on an SSL server socket doesn't

enable SSL on the accepted socket. - Add cipher list context option - Add helpful hint about why SSL server socket fails with mysterious error (eg: you need an SSL certificate for most ciphers).
author: Wez Furlong <wez@php.net> 2004-04-21 23:02:06 +0000
committer: Wez Furlong <wez@php.net> 2004-04-21 23:02:06 +0000
commit: e9920ede1fc54e2b1cfd99a2cfb4528a5e79d005 (patch)
tree: 60b06ff44f6f717ffafc132b2fc14f04e5febcf3 /ext/openssl/openssl.c
parent: 375b5df63d3e57520ddb1d08fea2dbe8ec50d59f (diff)
download: php-git-e9920ede1fc54e2b1cfd99a2cfb4528a5e79d005.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 996cd17bae..002fd47748 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3206,6 +3206,7 @@ SSL *php_SSL_new_from_context(SSL_CTX *ctx, php_stream *stream TSRMLS_DC)
 	char *cafile = NULL;
 	char *capath = NULL;
 	char *certfile = NULL;
+	char *cipherlist = NULL;
 	int ok = 1;
 
 
@@ -3240,6 +3241,12 @@ SSL *php_SSL_new_from_context(SSL_CTX *ctx, php_stream *stream TSRMLS_DC)
 		SSL_CTX_set_default_passwd_cb(ctx, passwd_callback);
 	}
 
+	GET_VER_OPT_STRING("ciphers", cipherlist);
+	if (!cipherlist) {
+		cipherlist = "DEFAULT";
+	}
+	SSL_CTX_set_cipher_list(ctx, cipherlist);
+
 	GET_VER_OPT_STRING("local_cert", certfile);
 	if (certfile) {
 		X509 *cert = NULL;
author	Wez Furlong <wez@php.net>	2004-04-21 23:02:06 +0000
committer	Wez Furlong <wez@php.net>	2004-04-21 23:02:06 +0000
commit	e9920ede1fc54e2b1cfd99a2cfb4528a5e79d005 (patch)
tree	60b06ff44f6f717ffafc132b2fc14f04e5febcf3 /ext/openssl/openssl.c
parent	375b5df63d3e57520ddb1d08fea2dbe8ec50d59f (diff)
download	php-git-e9920ede1fc54e2b1cfd99a2cfb4528a5e79d005.tar.gz