[packages/php/PHP_5_5] rel 28; Use TLS instead of SSL where possible.

arekm arekm at pld-linux.org
Thu Jan 20 18:04:25 CET 2022 

commit 1cb16249931abc36edda3b00d14d365172053071
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Thu Jan 20 18:03:49 2022 +0100

    rel 28; Use TLS instead of SSL where possible.

 openssl.patch | 38 ++++++++++++++++++++++++++++++++++++++
 php.spec      |  2 +-
 2 files changed, 39 insertions(+), 1 deletion(-)
---
diff --git a/php.spec b/php.spec
index 7a9e218..b254e75 100644
--- a/php.spec
+++ b/php.spec
@@ -140,7 +140,7 @@ ERROR: You need to select at least one Apache SAPI to build shared modules.
 %undefine	with_filter
 %endif
 
-%define		rel	27
+%define		rel	28
 %define		orgname	php
 %define		ver_suffix 55
 %define		php_suffix %{!?with_default_php:%{ver_suffix}}
diff --git a/openssl.patch b/openssl.patch
index 0428aa2..4d610ba 100644
--- a/openssl.patch
+++ b/openssl.patch
@@ -971,3 +971,41 @@ diff -ur php-5.5.38.org/ext/openssl/openssl.c php-5.5.38/ext/openssl/openssl.c
  	REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT);
  	REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);
  
+--- php-5.5.38.org/ext/openssl/xp_ssl.c	2016-07-20 10:41:48.000000000 +0200
++++ php-5.5.38/ext/openssl/xp_ssl.c	2022-01-20 17:50:46.176594447 +0100
+@@ -473,7 +473,7 @@ static inline int php_openssl_setup_cryp
+ #endif
+ 		case STREAM_CRYPTO_METHOD_TLS_CLIENT:
+ 			sslsock->is_client = 1;
+-			method = TLSv1_client_method();
++			method = TLS_client_method();
+ 			break;
+ 		case STREAM_CRYPTO_METHOD_SSLv23_SERVER:
+ 			sslsock->is_client = 0;
+@@ -499,7 +499,7 @@ static inline int php_openssl_setup_cryp
+ #endif
+ 		case STREAM_CRYPTO_METHOD_TLS_SERVER:
+ 			sslsock->is_client = 0;
+-			method = TLSv1_server_method();
++			method = TLS_server_method();
+ 			break;
+ 		default:
+ 			return -1;
+@@ -1076,7 +1076,7 @@ php_stream *php_openssl_ssl_socket_facto
+ 	
+ 	if (strncmp(proto, "ssl", protolen) == 0) {
+ 		sslsock->enable_on_connect = 1;
+-		sslsock->method = STREAM_CRYPTO_METHOD_SSLv23_CLIENT;
++		sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+ 	} else if (strncmp(proto, "sslv2", protolen) == 0) {
+ #ifdef OPENSSL_NO_SSL2
+ 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv2 support is not compiled into the OpenSSL library PHP is linked against");
+@@ -1087,7 +1087,7 @@ php_stream *php_openssl_ssl_socket_facto
+ #endif
+ 	} else if (strncmp(proto, "sslv3", protolen) == 0) {
+ 		sslsock->enable_on_connect = 1;
+-		sslsock->method = STREAM_CRYPTO_METHOD_SSLv3_CLIENT;
++		sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+ 	} else if (strncmp(proto, "tls", protolen) == 0) {
+ 		sslsock->enable_on_connect = 1;
+ 		sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/1cb16249931abc36edda3b00d14d365172053071

More information about the pld-cvs-commit mailing list