>
> I would propose making a constant for default value. This way if your
> code wants to use that option is a generic way, there is a value to fall
> back on, and you don't need to keep around a long string that can be
> mis-copied, etc.
>
A constant for the default value doesn't make much sense
On Sat, Nov 26, 2016 at 3:49 PM, Niklas Keller wrote:
> Morning Internals,
>
> I plan to distrust SHA-1 certificates by default in PHP 7.2. All major
> browsers will no longer trust SHA-1 certificates starting already
> 2017-01-01.
>
> Unfortunately, PHP doesn't even provide a way yet to limit th
On Sun, Nov 27, 2016 at 1:06 PM, Jakub Zelenka wrote:
>
>
> On Sat, Nov 26, 2016 at 3:49 PM, Niklas Keller wrote:
>
>> Morning Internals,
>>
>> I plan to distrust SHA-1 certificates by default in PHP 7.2. All major
>> browsers will no longer trust SHA-1 certificates starting already
>> 2017-01-0
2016-11-27 14:09 GMT+01:00 Jakub Zelenka :
>
>
> On Sun, Nov 27, 2016 at 1:06 PM, Jakub Zelenka wrote:
>
>>
>>
>> On Sat, Nov 26, 2016 at 3:49 PM, Niklas Keller wrote:
>>
>>> Morning Internals,
>>>
>>> I plan to distrust SHA-1 certificates by default in PHP 7.2. All major
>>> browsers will no lo
On Sun, Nov 27, 2016 at 2:22 PM, Niklas Keller wrote:
>
>
> 2016-11-27 14:09 GMT+01:00 Jakub Zelenka :
>
>>
>>
>> On Sun, Nov 27, 2016 at 1:06 PM, Jakub Zelenka wrote:
>>
>>>
>>>
>>> On Sat, Nov 26, 2016 at 3:49 PM, Niklas Keller wrote:
>>>
Morning Internals,
I plan to distrust S
>
> > SSL_CTX_set1_sigalgs is anyway only supported starting in OpenSSL 1.0.2,
> > so we need a custom verify callback for older OpenSSL versions. In our
> own
> > verify callback we can use a blacklist instead of the suggested whitelist
> > by default.
> >
> >
> No need to add support for 1.0.1 as
On Sun, Nov 27, 2016 at 3:17 PM, Niklas Keller wrote:
> > SSL_CTX_set1_sigalgs is anyway only supported starting in OpenSSL 1.0.2,
>> > so we need a custom verify callback for older OpenSSL versions. In our
>> own
>> > verify callback we can use a blacklist instead of the suggested
>> whitelist
>
>
> Well it depends if it requires feature available only in the later version
>> of OpenSSL which would be the case for the currently proposed version of
>> the RFC that would make use of SSL_CTX_set1_sigalgs_list macro. I don't
>> think that we should parse the string of allowed sig algs and re-
Jakub Zelenka in php.internals (Sun, 27 Nov 2016 19:37:50 +):
>On Sun, Nov 27, 2016 at 3:17 PM, Niklas Keller wrote:
>> That may be true, but we only raised the minimum requirement for newer
>> versions of PHP. If this is going to be backported for PHP 5.6 / 7.0 / 7.1,
>> we have to support th
Jakub Zelenka in php.internals (Sun, 27 Nov 2016 19:37:50 +):
>At the time the PHP 7.2 is out, there will be much bigger usage of OpenSSL
>1.1 and the users on lower version could still disable it manually.
I sure hope so. What concerns me is that there is no movement at all to
add OpenSSL 1.1
Hi!
Is there somebody around who knows what happens with configuration of
mailer in php.net domain? I get my mails sent to @php.net addresses
bouncing for months now, I get this every time I try it:
550 5.7.1 Please change the topic, and retry
Needless to say, it's useless to have @php.net maili
Hi!
I've noticed that recently there is a real lot of random failures on
Travis CI. E.g. this build:
https://travis-ci.org/php/php-src/builds/179298649
two tests fail: ext/sysvsem/tests/nowait.phpt and
sapi/cli/tests/php_cli_server_017.phpt
Im different builds different random tests fail. Did we
On 11/24/2016 07:07 PM, Ferenc Kovacs wrote:
Hello everyone,
PHP 5.6.29 RC1 was just released and can be downloaded from:
The diffs from 5.6.28 are found in :
./NEWS
./Zend/tests/debug_info-error-resource.phpt
./configure
./configure.in
./ext/date/lib/timezonedb.h
./ext/opcache/Optimizer/zend
13 matches
Mail list logo
