1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
From e76022e2f4abe48774b667ef4fc1ed83fa6afa51 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Thu, 13 Nov 2014 18:59:10 +0100
Subject: [PATCH] fix build with old openssl (RHEL-5)
---
classes/ssl_context.c | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/classes/ssl_context.c b/classes/ssl_context.c
index 6f71a08..345e68f 100644
--- a/classes/ssl_context.c
+++ b/classes/ssl_context.c
@@ -240,6 +240,7 @@ static inline void set_ssl_ctx_options(SSL_CTX *ctx, HashTable *ht TSRMLS_DC)
SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1);
}
break;
+#ifdef SSL_OP_NO_TLSv1_1
case PHP_EVENT_OPT_NO_TLSv1_1:
if (zval_is_true(*ppzval)) {
SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_1);
@@ -247,6 +248,8 @@ static inline void set_ssl_ctx_options(SSL_CTX *ctx, HashTable *ht TSRMLS_DC)
SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_1);
}
break;
+#endif
+#ifdef SSL_OP_NO_TLSv1_2
case PHP_EVENT_OPT_NO_TLSv1_2:
if (zval_is_true(*ppzval)) {
SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_2);
@@ -254,6 +257,7 @@ static inline void set_ssl_ctx_options(SSL_CTX *ctx, HashTable *ht TSRMLS_DC)
SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_2);
}
break;
+#endif
case PHP_EVENT_OPT_CIPHER_SERVER_PREFERENCE:
if (zval_is_true(*ppzval)) {
SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
@@ -342,16 +346,44 @@ static zend_always_inline SSL_METHOD *get_ssl_method(long in_method TSRMLS_DC)
method = (SSL_METHOD *) TLSv1_server_method();
break;
case PHP_EVENT_TLSv11_CLIENT_METHOD:
+#ifdef SSL_OP_NO_TLSv1_1
method = (SSL_METHOD *) TLSv1_1_client_method();
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
+ "TLSv1_1 support is not compiled into the "
+ "OpenSSL library PHP is linked against");
+ return NULL;
+#endif
break;
case PHP_EVENT_TLSv11_SERVER_METHOD:
+#ifdef SSL_OP_NO_TLSv1_1
method = (SSL_METHOD *) TLSv1_1_server_method();
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
+ "TLSv1_1 support is not compiled into the "
+ "OpenSSL library PHP is linked against");
+ return NULL;
+#endif
break;
case PHP_EVENT_TLSv12_CLIENT_METHOD:
+#ifdef SSL_OP_NO_TLSv1_2
method = (SSL_METHOD *) TLSv1_2_client_method();
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
+ "TLSv1_2 support is not compiled into the "
+ "OpenSSL library PHP is linked against");
+ return NULL;
+#endif
break;
case PHP_EVENT_TLSv12_SERVER_METHOD:
+#ifdef SSL_OP_NO_TLSv1_2
method = (SSL_METHOD *) TLSv1_2_server_method();
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
+ "TLSv1_2 support is not compiled into the "
+ "OpenSSL library PHP is linked against");
+ return NULL;
+#endif
break;
default:
return NULL;
--
2.1.1
|
