diff options
| author | Daniel Lowrey <rdlowrey@php.net> | 2015-03-05 20:48:47 -0700 |
|---|---|---|
| committer | Daniel Lowrey <rdlowrey@php.net> | 2015-03-05 21:09:39 -0700 |
| commit | 10bc5fd4c4c8e1dd57bd911b086e9872a56300a0 (patch) | |
| tree | c37962db1a2b76cc720976a1fc02b9aa1f6c2085 /ext/pcre/php_pcre.c | |
| parent | e7df9d710cfb6bbb059ab673bb5851515b2a3aa9 (diff) | |
| download | php-git-10bc5fd4c4c8e1dd57bd911b086e9872a56300a0.tar.gz | |
Fixed bug (#69195 Inconsistent stream crypto values across versions)
PHP 5.6.0 altered the semantics of the following constants:
- STREAM_CRYPTO_METHOD_SSLv23_CLIENT
- STREAM_CRYPTO_METHOD_SSLv23_SERVER
- STREAM_CRYPTO_METHOD_TLS_CLIENT
- STREAM_CRYPTO_METHOD_TLS_SERVER
Instead of representing the SSLv23_*() handshake methods the v23
constants were changed to allow only SSLv2 or SSLv3 connections.
Likewise, the TLS methods were modified from using only the TLSv1
handshake to allowing TLS1,1.1, and 1.2. This created a situation
in which users upgrading from previous versions faced a potential
security degradation if they did not update code to use different
constants. In the interest of compatibility across PHP versions
the original semantics have been restored with the following
caveat:
**IMPORTANT**
The SSLv23 client/server methods will no longer negotiate the use
of the insecure SSLv2 or SSLv3 protocols by default. Users wishing
to allow these protocols must explicitly add them to the method
bitmask via the appropriate flags.
Diffstat (limited to 'ext/pcre/php_pcre.c')
0 files changed, 0 insertions, 0 deletions