This reverts commit 13acb7ec65.
With the added capability to negotiate application layer protocols
via the TLS ALPN extension userland needs a method to access the
negotiated protocol on a given stream. The reverted commit added
a new stream_socket_crypto_info() function for this purpose.
This original approach was discarded in favor of using the
already-existing stream_get_meta_data() API which specifically
exists for just such purposes and requires the addition of no new
functions.
PHP 5.6.0 altered the semantics of the following constants:
- STREAM_CRYPTO_METHOD_SSLv23_CLIENT
- STREAM_CRYPTO_METHOD_SSLv23_SERVER
- STREAM_CRYPTO_METHOD_TLS_CLIENT
- STREAM_CRYPTO_METHOD_TLS_SERVER
Instead of representing the SSLv23_*() handshake methods the v23
constants were changed to allow only SSLv2 or SSLv3 connections.
Likewise, the TLS methods were modified from using only the TLSv1
handshake to allowing TLS1,1.1, and 1.2. This created a situation
in which users upgrading from previous versions faced a potential
security degradation if they did not update code to use different
constants. In the interest of compatibility across PHP versions
the original semantics have been restored with the following
caveat:
**IMPORTANT**
The SSLv23 client/server methods will no longer negotiate the use
of the insecure SSLv2 or SSLv3 protocols by default. Users wishing
to allow these protocols must explicitly add them to the method
bitmask via the appropriate flags.
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed
Addresses bug #65137https://bugs.php.net/bug.php?id=65137
Conflicts:
ext/openssl/xp_ssl.c
* tls-alpn:
Improve test to target specific issue
Misc updates/cleanup
Add TLS ALPN extension support in crypto client/server streams
Add stream_socket_crypto_info() function
Update for compatibility with newer openssl libs
* PHP-5.6:
add include for missing usleep proto
C89 compat
Added more useful warning messages
Changed based on comments and make its behaviour equal to the Windows version
Fix#53092 - dns_get_record does not return false on dns server failure
Fix php cli (-S option) inconsistent port parsing
Conflicts:
main/streams/plain_wrapper.c
* PHP-5.5:
add include for missing usleep proto
C89 compat
Added more useful warning messages
Changed based on comments and make its behaviour equal to the Windows version
Fix#53092 - dns_get_record does not return false on dns server failure
Fix php cli (-S option) inconsistent port parsing