Add 'honor_cipher_order' server context option

author Daniel Lowrey <rdlowrey@php.net>

Thu, 20 Feb 2014 03:39:57 +0000 (20:39 -0700)

committer Daniel Lowrey <rdlowrey@php.net>

Fri, 21 Feb 2014 00:10:06 +0000 (17:10 -0700)
author Daniel Lowrey <rdlowrey@php.net>
Thu, 20 Feb 2014 03:39:57 +0000 (20:39 -0700)
committer Daniel Lowrey <rdlowrey@php.net>
Fri, 21 Feb 2014 00:10:06 +0000 (17:10 -0700)
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c

index aa1d50e64d547e86daa4b92ce4985ef5d12d948f..ea2e5f70fcf9e064e226593ff6227ce33b1ec669 100644 (file)
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -435,6 +435,13 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
                 return -1;
         }
  
+       if (!sslsock->is_client && stream->context && SUCCESS == php_stream_context_get_option(
+                               stream->context, "ssl", "honor_cipher_order", &val) &&
+                       zend_is_true(*val)
+       ) {
+               SSL_CTX_set_options(sslsock->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
+       }
+
  #ifdef SSL_MODE_RELEASE_BUFFERS
         long mode = SSL_get_mode(sslsock->ssl_handle);
         SSL_set_mode(sslsock->ssl_handle, mode | SSL_MODE_RELEASE_BUFFERS);
author	Daniel Lowrey <rdlowrey@php.net>
	Thu, 20 Feb 2014 03:39:57 +0000 (20:39 -0700)
committer	Daniel Lowrey <rdlowrey@php.net>
	Fri, 21 Feb 2014 00:10:06 +0000 (17:10 -0700)