PHP :: Request #76420 :: tls version change
php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #76420 tls version change
Submitted: 2018-06-06 13:54 UTC Modified: -
From: 24dnlj6zphz at brukerfeil dot eu Assigned:
Status: Open Package: OpenSSL related
PHP Version: Next Major Version OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: 24dnlj6zphz at brukerfeil dot eu
New email:
PHP Version: OS:

 

 [2018-06-06 13:54 UTC] 24dnlj6zphz at brukerfeil dot eu
Description:
------------
TLS-versions prior to TLS 1.2 contain security issues and are deprecated.
All major cloud providers are now also disabling older versions

The default ssl method when not specified by client code in PHP is sslv2/3.
This opens up for security issues and also breaks tls-servers that no longer support old versions.

I suggest changing the default tls version to 1.2.
I have attached a patch, but I'm not 100% sure it is correct.



Patches

patch.diff (last revision 2018-06-06 13:54 UTC) by 24dnlj6zphz at brukerfeil dot eu)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-06-06 14:13 UTC] 24d3dlct6vz5txut at brukerfeil dot eu
Additional note:

Connecting to a TLS 1.2-only webserver with fsockopen works using URL ssl:// but not tls://


PHP Warning:  fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version in - on line 3
PHP Warning:  fsockopen(): Failed to enable crypto in - on line 3
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Fri Aug 17 18:01:26 2018 UTC