dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from parent 1:
713a960
)
When using fopen on https streams, disable weak ciphers and compression
author
Brian Wolff
<bawolff+wn@gmail.com>
Wed, 1 Jul 2015 08:42:05 +0000
(
02:42
-0600)
committer
Gergő Tisza
<gtisza@wikimedia.org>
Sun, 11 Oct 2015 03:00:10 +0000
(
03:00
+0000)
Per recomendation of
http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0
Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50
includes/HttpFunctions.php
patch
|
blob
|
history
diff --git
a/includes/HttpFunctions.php
b/includes/HttpFunctions.php
index
bbf3de6
..
60196ab
100644
(file)
--- a/
includes/HttpFunctions.php
+++ b/
includes/HttpFunctions.php
@@
-971,6
+971,8
@@
class PhpHttpRequest extends MWHttpRequest {
'ssl' => array(
'verify_peer' => $this->sslVerifyCert,
'SNI_enabled' => true,
+ 'ciphers' => 'HIGH:!SSLv2:!SSLv3:-ADH:-kDH:-kECDH:-DSS',
+ 'disable_compression' => true,
),
);