diff options
| author | Adam Harvey <aharvey@php.net> | 2010-12-13 08:29:44 +0000 |
|---|---|---|
| committer | Adam Harvey <aharvey@php.net> | 2010-12-13 08:29:44 +0000 |
| commit | e87fbccfd81a0589122fd50d82237353c65d91d2 (patch) | |
| tree | 70ffc646235d91c87c823c0667ab889b16f8c914 /ext/openssl | |
| parent | 75de05cead837e3ee3aa346ba3467f9f6697ad4a (diff) | |
| download | php-git-e87fbccfd81a0589122fd50d82237353c65d91d2.tar.gz | |
MFH: implement FR #53447 (Cannot disable SessionTicket extension for servers
that do not support it). Includes Tony's subsequent commit to fix a segfault.
Diffstat (limited to 'ext/openssl')
| -rw-r--r-- | ext/openssl/xp_ssl.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index 930aa1f430..d827c519f9 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -369,6 +369,18 @@ static inline int php_openssl_setup_crypto(php_stream *stream, SSL_CTX_set_options(sslsock->ctx, SSL_OP_ALL); +#if OPENSSL_VERSION_NUMBER >= 0x0090806fL + { + zval **val; + + if (stream->context && SUCCESS == php_stream_context_get_option( + stream->context, "ssl", "no_ticket", &val) && + zval_is_true(*val)) { + SSL_CTX_set_options(sslsock->ctx, SSL_OP_NO_TICKET); + } + } +#endif + sslsock->ssl_handle = php_SSL_new_from_context(sslsock->ctx, stream TSRMLS_CC); if (sslsock->ssl_handle == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "failed to create an SSL handle"); |