Commit 993d30fc authored by mikeytown2's avatar mikeytown2

Issue #2337071 by mikeytown2: Target the openssl versions that SNI are broken;...

Issue #2337071 by mikeytown2: Target the openssl versions that SNI are broken; use SNI if the openssl version is up to date.
parent 1ba261aa
......@@ -663,7 +663,10 @@ function httprl_set_socket($uri, &$options, $proxy_server, &$result) {
// Disable SNI support as this causes issues with old versions of OpenSSL.
// By default httprl doesn't validate the SSL certificate, so this is OK.
if (empty($options['context'])) {
$options['context'] = stream_context_create(array('ssl' => array('SNI_enabled' => FALSE)));
// Affected versions of openssl are 1.0.0i to 1.0.1b.
if (!defined('OPENSSL_VERSION_NUMBER') || (OPENSSL_VERSION_NUMBER >= 0x1000009f && OPENSSL_VERSION_NUMBER <= 0x1000102f)) {
$options['context'] = stream_context_create(array('ssl' => array('SNI_enabled' => FALSE)));
}
}
break;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment