add support for setting ssl version to use

diff --git a/.gitignore b/.gitignore
index 8d880ea..3ec7bc3 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
+/vendor
 /.idea
 composer.phar
-

diff --git a/.travis.yml b/.travis.yml
index 8f5c0c2..28a16f9 100644 (file)
--- a/.travis.yml
+++ b/.travis.yml
@@ -30,7 +30,7 @@ before_script:
   - ./test/ci/travis/setup_privoxy.sh
 
 script:
-  php -d "include_path=.:./lib:./test" test/testsuite.php LOCALSERVER=localhost URI=/demo/server/server.php HTTPSSERVER=localhost HTTPSURI=/demo/server/server.php PROXY=localhost:8080 HTTPSVERIFYHOST=0 HTTPSIGNOREPEER=1
+  php -d "include_path=.:./lib:./test" test/testsuite.php LOCALSERVER=localhost URI=/demo/server/server.php HTTPSSERVER=localhost HTTPSURI=/demo/server/server.php PROXY=localhost:8080 HTTPSVERIFYHOST=0 HTTPSIGNOREPEER=1 SSLVERSION=3
 
 after_failure:
   # Save as much info as we can to help developers

diff --git a/lib/xmlrpc.inc b/lib/xmlrpc.inc
index 5afcc40..dbd36a9 100644 (file)
--- a/lib/xmlrpc.inc
+++ b/lib/xmlrpc.inc
@@ -821,6 +821,7 @@
                var $keypass='';\r
                var $verifypeer=true;\r
                var $verifyhost=1;\r
+               var $sslversion=0; // corresponds to CURL_SSLVERSION_DEFAULT\r
                var $no_multicall=false;\r
                var $proxy='';\r
                var $proxyport=0;\r
@@ -1039,6 +1040,16 @@
                        $this->verifyhost = $i;\r
                }\r
 \r
+               /**\r
+               * Set attributes for SSL communication: SSL version to use. Best left at 0 (default value ): let cURL decide\r
+               *\r
+               * @param int $i\r
+               */\r
+               public function setSSLVersion($i)\r
+               {\r
+                       $this->sslversion = $i;\r
+               }\r
+\r
                /**\r
                * Set proxy info\r
                * @param string $proxyhost\r
@@ -1190,7 +1201,8 @@
                                        $this->proxy_authtype,\r
                                        $this->keepalive,\r
                                        $this->key,\r
-                                       $this->keypass\r
+                                       $this->keypass,\r
+                                       $this->sslversion\r
                                );\r
                        }\r
                        elseif($method == 'http11')\r
@@ -1431,11 +1443,11 @@
                function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='',\r
                        $password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='',\r
                        $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1,\r
-                       $keepalive=false, $key='', $keypass='')\r
+                       $keepalive=false, $key='', $keypass='', $sslVersion = 0)\r
                {\r
                        $r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username,\r
                                $password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport,\r
-                               $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass);\r
+                               $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass, $sslVersion);\r
                        return $r;\r
                }\r
 \r
@@ -1448,7 +1460,7 @@
                function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='',\r
                        $password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='',\r
                        $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https',\r
-                       $keepalive=false, $key='', $keypass='')\r
+                       $keepalive=false, $key='', $keypass='', $sslVersion = 0)\r
                {\r
                        if(!function_exists('curl_init'))\r
                        {\r
@@ -1638,6 +1650,8 @@
                                }\r
                                // whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used\r
                                curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);\r
+                               // allow usage of different SSL versions\r
+                               curl_setopt($curl, CURLOPT_SSLVERSION, $sslVersion);\r
                        }\r
 \r
                        // proxy info\r

diff --git a/test/parse_args.php b/test/parse_args.php
index b0c625a..151d943 100644 (file)
--- a/test/parse_args.php
+++ b/test/parse_args.php
@@ -88,6 +88,10 @@
        {
                $HTTPSVERIFYHOST = 2;
        }
+       if(!isset($SSLVERSION))
+       {
+               $SSLVERSION = 0;
+       }
        if(!isset($PROXY))
        {
                $PROXYSERVER = null;

diff --git a/test/testsuite.php b/test/testsuite.php
index 19a4f0e..779d514 100644 (file)
--- a/test/testsuite.php
+++ b/test/testsuite.php
@@ -793,6 +793,7 @@ class LocalHostMultiTests extends LocalhostTests
         $this->client->path = $HTTPSURI;
         $this->client->setSSLVerifyPeer(!$HTTPSIGNOREPEER);
         $this->client->setSSLVerifyHost($HTTPSVERIFYHOST);
+        $this->client->setSSLVersion($SSLVERSION);
         $this->_runtests();
     }
 
@@ -817,6 +818,7 @@ class LocalHostMultiTests extends LocalhostTests
         $this->client->path = $HTTPSURI;
         $this->client->setSSLVerifyPeer(!$HTTPSIGNOREPEER);
         $this->client->setSSLVerifyHost($HTTPSVERIFYHOST);
+        $this->client->setSSLVersion($SSLVERSION);
         $this->_runtests();
     }