From f099e1bf041255f8fcc901e96b7d1ffe5be92ba7 Mon Sep 17 00:00:00 2001 From: gggeek Date: Sat, 1 Jul 2017 15:22:07 +0100 Subject: [PATCH] add support for setting ssl version to use --- .gitignore | 2 +- .travis.yml | 2 +- lib/xmlrpc.inc | 22 ++++++++++++++++++---- test/parse_args.php | 4 ++++ test/testsuite.php | 2 ++ 5 files changed, 26 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 8d880ea..3ec7bc3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ +/vendor /.idea composer.phar - diff --git a/.travis.yml b/.travis.yml index 8f5c0c2..28a16f9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,7 +30,7 @@ before_script: - ./test/ci/travis/setup_privoxy.sh script: - php -d "include_path=.:./lib:./test" test/testsuite.php LOCALSERVER=localhost URI=/demo/server/server.php HTTPSSERVER=localhost HTTPSURI=/demo/server/server.php PROXY=localhost:8080 HTTPSVERIFYHOST=0 HTTPSIGNOREPEER=1 + php -d "include_path=.:./lib:./test" test/testsuite.php LOCALSERVER=localhost URI=/demo/server/server.php HTTPSSERVER=localhost HTTPSURI=/demo/server/server.php PROXY=localhost:8080 HTTPSVERIFYHOST=0 HTTPSIGNOREPEER=1 SSLVERSION=3 after_failure: # Save as much info as we can to help developers diff --git a/lib/xmlrpc.inc b/lib/xmlrpc.inc index 5afcc40..dbd36a9 100644 --- a/lib/xmlrpc.inc +++ b/lib/xmlrpc.inc @@ -821,6 +821,7 @@ var $keypass=''; var $verifypeer=true; var $verifyhost=1; + var $sslversion=0; // corresponds to CURL_SSLVERSION_DEFAULT var $no_multicall=false; var $proxy=''; var $proxyport=0; @@ -1039,6 +1040,16 @@ $this->verifyhost = $i; } + /** + * Set attributes for SSL communication: SSL version to use. Best left at 0 (default value ): let cURL decide + * + * @param int $i + */ + public function setSSLVersion($i) + { + $this->sslversion = $i; + } + /** * Set proxy info * @param string $proxyhost @@ -1190,7 +1201,8 @@ $this->proxy_authtype, $this->keepalive, $this->key, - $this->keypass + $this->keypass, + $this->sslversion ); } elseif($method == 'http11') @@ -1431,11 +1443,11 @@ function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='', $password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='', $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, - $keepalive=false, $key='', $keypass='') + $keepalive=false, $key='', $keypass='', $sslVersion = 0) { $r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username, $password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport, - $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass); + $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass, $sslVersion); return $r; } @@ -1448,7 +1460,7 @@ function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='', $password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='', $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https', - $keepalive=false, $key='', $keypass='') + $keepalive=false, $key='', $keypass='', $sslVersion = 0) { if(!function_exists('curl_init')) { @@ -1638,6 +1650,8 @@ } // whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost); + // allow usage of different SSL versions + curl_setopt($curl, CURLOPT_SSLVERSION, $sslVersion); } // proxy info diff --git a/test/parse_args.php b/test/parse_args.php index b0c625a..151d943 100644 --- a/test/parse_args.php +++ b/test/parse_args.php @@ -88,6 +88,10 @@ { $HTTPSVERIFYHOST = 2; } + if(!isset($SSLVERSION)) + { + $SSLVERSION = 0; + } if(!isset($PROXY)) { $PROXYSERVER = null; diff --git a/test/testsuite.php b/test/testsuite.php index 19a4f0e..779d514 100644 --- a/test/testsuite.php +++ b/test/testsuite.php @@ -793,6 +793,7 @@ class LocalHostMultiTests extends LocalhostTests $this->client->path = $HTTPSURI; $this->client->setSSLVerifyPeer(!$HTTPSIGNOREPEER); $this->client->setSSLVerifyHost($HTTPSVERIFYHOST); + $this->client->setSSLVersion($SSLVERSION); $this->_runtests(); } @@ -817,6 +818,7 @@ class LocalHostMultiTests extends LocalhostTests $this->client->path = $HTTPSURI; $this->client->setSSLVerifyPeer(!$HTTPSIGNOREPEER); $this->client->setSSLVerifyHost($HTTPSVERIFYHOST); + $this->client->setSSLVersion($SSLVERSION); $this->_runtests(); } -- 2.43.0