> > After reading related discussion on openssl-users, I'm not so sure if
> > we should be doing that at all...
> > Especially I agree with this bit:
> > "Making your code more complex is a far higher risk than a
> > certificate forgery based on a collision attack on SHA-1."
> > The only thing that makes sense IMHO would be adding support for
> > setting security level only for OpenSSL 1.1.
> > 
> > http://openssl.6102.n7.nabble.com/Rejecting-SHA-1-certificates-td71439.html
> > Same here actually. While it's trivial to implement with OpenSSL 1.1, it's
> > non-trivial before, because there's no API to get the trusted chain AFAIK,
> > so we would indeed have to do this inside verify_callback.
> Thanks for the responses and for the discussion link. With that, the
> situation is simplified a lot. This allows for a better conceived patch and
> there's obviously no strong reason to touch the stable branches.
@Jakub: Do we want to expose "auth_level" then in case PHP is linked
against OpenSSL 1.1.0+?