Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:99348 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 9125 invoked from network); 4 Jun 2017 09:22:35 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 4 Jun 2017 09:22:35 -0000 Authentication-Results: pb1.pair.com header.from=me@kelunik.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=me@kelunik.com; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain kelunik.com from 81.169.146.217 cause and error) X-PHP-List-Original-Sender: me@kelunik.com X-Host-Fingerprint: 81.169.146.217 mo4-p00-ob.smtp.rzone.de Received: from [81.169.146.217] ([81.169.146.217:31289] helo=mo4-p00-ob.smtp.rzone.de) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id DC/33-12681-851D3395 for ; Sun, 04 Jun 2017 05:22:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1496568149; l=4048; s=domk; d=kelunik.com; h=Content-Type:Cc:To:Subject:Date:From:References:In-Reply-To: MIME-Version; bh=fH8rDMtUZq+7ZE4VIOc5rqZ73uC4+zge4DvpMtG6nBE=; b=dXwqJsp0JpJBTWU4+mWGDfMSMmSdif3zYkxJgfVCq+uezGkjaEQgAXPUF6K8x98xU4 aNvQFB8MCdu0JgiX2vsxBvoXlXAVOlK1AQJV1hIqUn39SxTxZ+x8LEaSaJ4WfFzARg9K xAPaakhgxvT7xbw5wvvU5TpkxRA2k8eg6Zri8= X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLDup6E67mzuoNHBqXx3Q== X-RZG-CLASS-ID: mo00 Received: by mail-oi0-f49.google.com with SMTP id o65so107144228oif.1 for ; Sun, 04 Jun 2017 02:22:29 -0700 (PDT) X-Gm-Message-State: AODbwcBHyecAPZqBJlT60fGEfDKfeHnYTrY6RpCAObDHUYenE6L/cIre Wol/MGvpftT/VDyc9HhHOGVFm0a8zg== X-Received: by 10.202.76.138 with SMTP id z132mr8609611oia.149.1496568148421; Sun, 04 Jun 2017 02:22:28 -0700 (PDT) MIME-Version: 1.0 Received: by 10.74.176.133 with HTTP; Sun, 4 Jun 2017 02:22:27 -0700 (PDT) In-Reply-To: References: Date: Sun, 4 Jun 2017 11:22:27 +0200 X-Gmail-Original-Message-ID: Message-ID: To: Anatol Belski Cc: Nikita Popov , PHP Internals Content-Type: multipart/alternative; boundary="001a1134e75ede794005511eecd6" Subject: Re: [PHP-DEV] [RFC][VOTE] Improved SSL / TLS constants From: me@kelunik.com (Niklas Keller) --001a1134e75ede794005511eecd6 Content-Type: text/plain; charset="UTF-8" 2017-05-29 22:29 GMT+02:00 Anatol Belski : > Hi Niklas, > > > -----Original Message----- > > From: Niklas Keller [mailto:me@kelunik.com] > > Sent: Monday, May 29, 2017 10:14 PM > > To: Anatol Belski > > Cc: Nikita Popov ; PHP Internals > > > > Subject: Re: [PHP-DEV] [RFC][VOTE] Improved SSL / TLS constants > > > > Hey Anatol, > > > > > > Niklas, I'd have yet a question about the RFC - it only deals with > stream > > wrappers, but there are indeed some other places at least in soap and > mysqlnd. > > Don't you think, the RFC and implementation should recapitulate those? > > > Yep, here you are > > https://github.com/php/php-src/blob/master/ext/soap/php_http.c#L305 > https://github.com/php/php-src/blob/master/ext/mysqlnd/mysqlnd_net.c#L974 > > Basically it is the same story, as the old definitions are used, which the > RFC aims to replace. It might be consistent to have the behavior synced, or > at least to evaluate it. And, there might yet some places, not expecting > much but just to be aware. > > Regards Hi Anatol, I upgraded STREAM_CRYPTO_METHOD_TLS_CLIENT to be an alias to STREAM_CRYPTO_METHOD_TLS_ANY_CLIENT now, so that automatically upgrades any use of STREAM_CRYPTO_METHOD_TLS_CLIENT to use TLS 1.1 or TLS 1.2 if available. Regards, Niklas --001a1134e75ede794005511eecd6--