http://git.php.net/?p=php-src.git;a=commitdiff;h=6edc84fcdfc8e76507bc73122310fff4b6170b88
I've just pushed a fix here
http://git.php.net/?p=php-src.git;a=commitdiff;h=c91ad8233b46e1605b225c782efc3131f158d9be
After that openssl in master seems to be doing fine, but could you please
verify it?Thanks
Anatol
Yes, Chris mentioned this yesterday but I was unaware of it until he pinged
me on twitter this afternoon:
http://news.php.net/php.cvs/75832
The problem arises from an incorrect version number comparison against
Openssl:
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
0x0090806fL corresponds to 0.9.8e but the SNI functionality relying on this
version check was not introduced until OpenSSL 0.9.8f. The fix is to change
the version number to 0x00908070L which will accurately reflect the
presence of the required C functionality.
Enabling SNI by default (if available) is the only sensible option when
verifying peers by default. Your fix commit here solves the build problem
but also prevents users from utilizing SNI in their transfers. I'll merge
the appropriate fix shortly. Would've gotten to it sooner had I been aware
:)
Regards,
Daniel