[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ NEWS ext/openssl/xp_ssl.c

Mon, 13 Dec 2010 00:30:15 -0800 

aharvey                                  Mon, 13 Dec 2010 08:29:44 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=306335

Log:
MFH: implement FR #53447 (Cannot disable SessionTicket extension for servers
that do not support it). Includes Tony's subsequent commit to fix a segfault.

Bug: http://bugs.php.net/53447 (Suspended) Cannot disable SessionTicket 
extension for servers that do not support it
      
Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2010-12-13 07:54:58 UTC (rev 306334)
+++ php/php-src/branches/PHP_5_3/NEWS   2010-12-13 08:29:44 UTC (rev 306335)
@@ -27,6 +27,11 @@
   . Fixed bug #53425 (mysqli_real_connect() ignores client flags when built to
     call libmysql). (Kalle, tre-php-net at crushedhat dot com)

+- OpenSSL extension:
+  . Implemented FR #53447 (Cannot disable SessionTicket extension for servers
+    that do not support it) by adding a no_ticket SSL context option. (Adam,
+    Tony)
+
 - PDO Oracle driver:
   . Fixed bug #39199 (Cannot load Lob data with more than 4000 bytes on
     ORACLE 10). (spatar at mail dot nnov dot ru)

Modified: php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c   2010-12-13 07:54:58 UTC 
(rev 306334)
+++ php/php-src/branches/PHP_5_3/ext/openssl/xp_ssl.c   2010-12-13 08:29:44 UTC 
(rev 306335)
@@ -369,6 +369,18 @@

        SSL_CTX_set_options(sslsock->ctx, SSL_OP_ALL);

+#if OPENSSL_VERSION_NUMBER >= 0x0090806fL
+       {
+               zval **val;
+
+               if (stream->context && SUCCESS == php_stream_context_get_option(
+                                       stream->context, "ssl", "no_ticket", 
&val) &&
+                               zval_is_true(*val)) {
+                       SSL_CTX_set_options(sslsock->ctx, SSL_OP_NO_TICKET);
+               }
+       }
+#endif
+
        sslsock->ssl_handle = php_SSL_new_from_context(sslsock->ctx, stream 
TSRMLS_CC);
        if (sslsock->ssl_handle == NULL) {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "failed to create 
an SSL handle");


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to