Split conditional TLS versions into a separate method

Having a separate method gives a nicer home to the inline comments. I've
had to disable coding standards checks as the constants provided by PHP
do not follow the UPPER_CASE conventions.
This commit is contained in:
mark_story 2017-04-06 10:00:47 -04:00
parent 4475cc06fd
commit c74d2e0860

View file

@ -45,7 +45,7 @@ class CakeSocket {
'protocol' => 'tcp', 'protocol' => 'tcp',
'port' => 80, 'port' => 80,
'timeout' => 30, 'timeout' => 30,
'cryptoType' => 'tls' 'cryptoType' => 'tls',
); );
/** /**
@ -118,8 +118,23 @@ class CakeSocket {
public function __construct($config = array()) { public function __construct($config = array()) {
$this->config = array_merge($this->_baseConfig, $config); $this->config = array_merge($this->_baseConfig, $config);
// These TLS versions are not supported by older PHP versions, $this->_addTlsVersions();
// so we have to conditionally set them if they are supported. }
/**
* Add TLS versions that are dependent on specific PHP versions.
*
* These TLS versions are not supported by older PHP versions,
* so we have to conditionally set them if they are supported.
*
* As of PHP5.6.6, STREAM_CRYPTO_METHOD_TLS_CLIENT does not include
* TLS1.1 or 1.2. If we have TLS1.2 support we need to update the method map.
*
* @see https://bugs.php.net/bug.php?id=69195
* @see https://github.com/php/php-src/commit/10bc5fd4c4c8e1dd57bd911b086e9872a56300a0
* @return void
*/
protected function _addTlsVersions() {
$conditionalCrypto = array( $conditionalCrypto = array(
'tlsv1_1_client' => 'STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT', 'tlsv1_1_client' => 'STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT',
'tlsv1_2_client' => 'STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT', 'tlsv1_2_client' => 'STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT',
@ -132,17 +147,14 @@ class CakeSocket {
} }
} }
// As of PHP5.6.6, STREAM_CRYPTO_METHOD_TLS_CLIENT does not include // @codingStandardsIgnoreStart
// TLS1.1 or 1.2. If we have TLS1.2 support we need to update the method map.
//
// See https://bugs.php.net/bug.php?id=69195 &
// https://github.com/php/php-src/commit/10bc5fd4c4c8e1dd57bd911b086e9872a56300a0
if (isset($this->_encryptMethods['tlsv1_2_client'])) { if (isset($this->_encryptMethods['tlsv1_2_client'])) {
$this->_encryptMethods['tls_client'] = STREAM_CRYPTO_METHOD_TLS_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; $this->_encryptMethods['tls_client'] = STREAM_CRYPTO_METHOD_TLS_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
} }
if (isset($this->_encryptMethods['tlsv1_2_server'])) { if (isset($this->_encryptMethods['tlsv1_2_server'])) {
$this->_encryptMethods['tls_server'] = STREAM_CRYPTO_METHOD_TLS_SERVER | STREAM_CRYPTO_METHOD_TLSv1_1_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER; $this->_encryptMethods['tls_server'] = STREAM_CRYPTO_METHOD_TLS_SERVER | STREAM_CRYPTO_METHOD_TLSv1_1_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER;
} }
// @codingStandardsIgnoreEnd
} }
/** /**