summaryrefslogtreecommitdiff
path: root/ext/openssl/xp_ssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/openssl/xp_ssl.c')
-rw-r--r--ext/openssl/xp_ssl.c63
1 files changed, 61 insertions, 2 deletions
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index 1ac8a0220e..2e7f0cdc3f 100644
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -346,6 +346,24 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
sslsock->is_client = 1;
method = TLSv1_client_method();
break;
+ case STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT:
+#if OPENSSL_VERSION_NUMBER >= 0x10001001L
+ sslsock->is_client = 1;
+ method = TLSv1_1_client_method();
+ break;
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "TLSv1.1 support is not compiled into the OpenSSL library PHP is linked against");
+ return -1;
+#endif
+ case STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT:
+#if OPENSSL_VERSION_NUMBER >= 0x10001001L
+ sslsock->is_client = 1;
+ method = TLSv1_2_client_method();
+ break;
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "TLSv1.2 support is not compiled into the OpenSSL library PHP is linked against");
+ return -1;
+#endif
case STREAM_CRYPTO_METHOD_SSLv23_SERVER:
sslsock->is_client = 0;
method = SSLv23_server_method();
@@ -367,6 +385,24 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
sslsock->is_client = 0;
method = TLSv1_server_method();
break;
+ case STREAM_CRYPTO_METHOD_TLSv1_1_SERVER:
+#if OPENSSL_VERSION_NUMBER >= 0x10001001L
+ sslsock->is_client = 0;
+ method = TLSv1_1_server_method();
+ break;
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "TLSv1.1 support is not compiled into the OpenSSL library PHP is linked against");
+ return -1;
+#endif
+ case STREAM_CRYPTO_METHOD_TLSv1_2_SERVER:
+#if OPENSSL_VERSION_NUMBER >= 0x10001001L
+ sslsock->is_client = 0;
+ method = TLSv1_2_server_method();
+ break;
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "TLSv1.2 support is not compiled into the OpenSSL library PHP is linked against");
+ return -1;
+#endif
default:
return -1;
@@ -667,6 +703,12 @@ static inline int php_openssl_tcp_sockop_accept(php_stream *stream, php_openssl_
case STREAM_CRYPTO_METHOD_TLS_CLIENT:
sock->method = STREAM_CRYPTO_METHOD_TLS_SERVER;
break;
+ case STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT:
+ sock->method = STREAM_CRYPTO_METHOD_TLSv1_1_SERVER;
+ break;
+ case STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT:
+ sock->method = STREAM_CRYPTO_METHOD_TLSv1_2_SERVER;
+ break;
default:
break;
}
@@ -867,6 +909,8 @@ static int get_crypto_method(php_stream_context *ctx) {
case STREAM_CRYPTO_METHOD_SSLv3_CLIENT:
case STREAM_CRYPTO_METHOD_SSLv23_CLIENT:
case STREAM_CRYPTO_METHOD_TLS_CLIENT:
+ case STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT:
+ case STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT:
return crypto_method;
}
@@ -877,7 +921,6 @@ static int get_crypto_method(php_stream_context *ctx) {
}
static char * get_sni(php_stream_context *ctx, const char *resourcename, size_t resourcenamelen, int is_persistent TSRMLS_DC) {
-
php_url *url;
if (ctx) {
@@ -982,8 +1025,24 @@ php_stream *php_openssl_ssl_socket_factory(const char *proto, size_t protolen,
} else if (strncmp(proto, "tls", protolen) == 0) {
sslsock->enable_on_connect = 1;
sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+ } else if (strncmp(proto, "tlsv1.1", protolen) == 0) {
+#if OPENSSL_VERSION_NUMBER >= 0x10001001L
+ sslsock->enable_on_connect = 1;
+ sslsock->method = STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "TLSv1.1 support is not compiled into the OpenSSL library PHP is linked against");
+ return NULL;
+#endif
+ } else if (strncmp(proto, "tlsv1.2", protolen) == 0) {
+#if OPENSSL_VERSION_NUMBER >= 0x10001001L
+ sslsock->enable_on_connect = 1;
+ sslsock->method = STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+#else
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "TLSv1.2 support is not compiled into the OpenSSL library PHP is linked against");
+ return NULL;
+#endif
}
-
+
return stream;
}
View Lorry Controller Status