Default single_dh_use and honor_cipher_order to true

author Niklas Keller <me@kelunik.com>

Sun, 18 Jun 2017 23:54:45 +0000 (19:54 -0400)

committer Sara Golemon <pollita@php.net>

Sun, 18 Jun 2017 23:54:45 +0000 (19:54 -0400)
author Niklas Keller <me@kelunik.com>
Sun, 18 Jun 2017 23:54:45 +0000 (19:54 -0400)
committer Sara Golemon <pollita@php.net>
Sun, 18 Jun 2017 23:54:45 +0000 (19:54 -0400)
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c

index 66e1d598af9ee592aa234c47b5280d17d21dfd07..c56e67f36554cc9e7611535847d47c0829c0bdfe 100644 (file)
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -1252,12 +1252,12 @@ static int set_server_specific_opts(php_stream *stream, SSL_CTX *ctx) /* {{{ */
  
         set_server_dh_param(stream, ctx);
         zv = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "ssl", "single_dh_use");
-       if (zv != NULL && zend_is_true(zv)) {
+       if (zv == NULL || zend_is_true(zv)) {
                 ssl_ctx_options |= SSL_OP_SINGLE_DH_USE;
         }
  
         zv = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "ssl", "honor_cipher_order");
-       if (zv != NULL && zend_is_true(zv)) {
+       if (zv == NULL || zend_is_true(zv)) {
                 ssl_ctx_options |= SSL_OP_CIPHER_SERVER_PREFERENCE;
         }
author	Niklas Keller <me@kelunik.com>
	Sun, 18 Jun 2017 23:54:45 +0000 (19:54 -0400)
committer	Sara Golemon <pollita@php.net>
	Sun, 18 Jun 2017 23:54:45 +0000 (19:54 -0400)