commit 1cb16249931abc36edda3b00d14d365172053071
Author: Arkadiusz MiĆkiewicz <[email protected]>
Date: Thu Jan 20 18:03:49 2022 +0100
rel 28; Use TLS instead of SSL where possible.
openssl.patch | 38 ++++++++++++++++++++++++++++++++++++++
php.spec | 2 +-
2 files changed, 39 insertions(+), 1 deletion(-)
---
diff --git a/php.spec b/php.spec
index 7a9e218..b254e75 100644
--- a/php.spec
+++ b/php.spec
@@ -140,7 +140,7 @@ ERROR: You need to select at least one Apache SAPI to build
shared modules.
%undefine with_filter
%endif
-%define rel 27
+%define rel 28
%define orgname php
%define ver_suffix 55
%define php_suffix %{!?with_default_php:%{ver_suffix}}
diff --git a/openssl.patch b/openssl.patch
index 0428aa2..4d610ba 100644
--- a/openssl.patch
+++ b/openssl.patch
@@ -971,3 +971,41 @@ diff -ur php-5.5.38.org/ext/openssl/openssl.c
php-5.5.38/ext/openssl/openssl.c
REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING,
CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING",
RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);
+--- php-5.5.38.org/ext/openssl/xp_ssl.c 2016-07-20 10:41:48.000000000
+0200
++++ php-5.5.38/ext/openssl/xp_ssl.c 2022-01-20 17:50:46.176594447 +0100
+@@ -473,7 +473,7 @@ static inline int php_openssl_setup_cryp
+ #endif
+ case STREAM_CRYPTO_METHOD_TLS_CLIENT:
+ sslsock->is_client = 1;
+- method = TLSv1_client_method();
++ method = TLS_client_method();
+ break;
+ case STREAM_CRYPTO_METHOD_SSLv23_SERVER:
+ sslsock->is_client = 0;
+@@ -499,7 +499,7 @@ static inline int php_openssl_setup_cryp
+ #endif
+ case STREAM_CRYPTO_METHOD_TLS_SERVER:
+ sslsock->is_client = 0;
+- method = TLSv1_server_method();
++ method = TLS_server_method();
+ break;
+ default:
+ return -1;
+@@ -1076,7 +1076,7 @@ php_stream *php_openssl_ssl_socket_facto
+
+ if (strncmp(proto, "ssl", protolen) == 0) {
+ sslsock->enable_on_connect = 1;
+- sslsock->method = STREAM_CRYPTO_METHOD_SSLv23_CLIENT;
++ sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+ } else if (strncmp(proto, "sslv2", protolen) == 0) {
+ #ifdef OPENSSL_NO_SSL2
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv2 support is
not compiled into the OpenSSL library PHP is linked against");
+@@ -1087,7 +1087,7 @@ php_stream *php_openssl_ssl_socket_facto
+ #endif
+ } else if (strncmp(proto, "sslv3", protolen) == 0) {
+ sslsock->enable_on_connect = 1;
+- sslsock->method = STREAM_CRYPTO_METHOD_SSLv3_CLIENT;
++ sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+ } else if (strncmp(proto, "tls", protolen) == 0) {
+ sslsock->enable_on_connect = 1;
+ sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/1cb16249931abc36edda3b00d14d365172053071
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
