You are not logged in. Please login or register.
 |
For proper configuration and installation, please use the Configuration Wizard |
English: PHP ≤ 7.1 is EOL - PHP 7.2.27 - PHP 7.3.14 - PHP 7.4.2 - #remirepo IRC channel
Français : PHP ≤ 7.1 est EOL - PHP 7.2.27 - PHP 7.3.14 - PHP 7.4.2 - canal IRC #remirepo - Twitter: @RemiRepository
Remi's RPM repository - Forum → Request for old packages → php-devel from 5.3.14-1.el6.remi
Hi Remi,
I'm desperate looking for:
distribution used (Fedora / Red Hat / CentOS, ...)
Centos 6.2
architecture used (i386, i686 or x86_64)
x86_64
exact package name, version, release needed
php-devel from 5.3.14-1.el6.remi
Would it be possible to provide this?
Please read http://forum.remirepo.net/viewtopic.php?id=1966
Especially explain that you understand all the security issues.
You should rather switch to php 5.3.3 in base repo which is maintained by RH.
Hi Remi, i certainly do understand the security risk. Migration already has been planned but current libcurl needs to be recompiled for tls support 1.2 before 30th of this month.
You don't have to rebuild anything.
libcurl in C6 support TLS 1.2
And from php-5.3.3-47 changelog
- add options to enable TLS in curl #1255920And using any other version, just add, in you code
defined("CURL_SSLVERSION_TLSv1_2") or define("CURL_SSLVERSION_TLSv1_2", 6);See https://github.com/paypal/TLS-update/issues/7
Hi Remi,
Thanking for thinking along. Currently libcurl is using NSS which didn't work with your suggested solution. On my dev server i switched to openSSL using latest comment on:
http://stackoverflow.com/questions/3513 … sl-version
Which did the trick. If you have a better suggestion in switching to openssl without recompiling, i'll be glad to hear.
I don't understand what it doesn't work for you.
# cat /etc/centos-release
CentOS release 6.8 (Final)
# rpm -q libcurl php-cli
libcurl-7.19.7-52.el6.x86_64
php-cli-5.3.3-47.el6.x86_64
# php -r '
> $ch = curl_init();
> curl_setopt($ch, CURLOPT_URL, "https://tlstest.paypal.com/");
> curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
> var_dump(curl_exec($ch));'
PayPal_Connection_OKbool(true)BTW, if you want to rebuild, you have to rebuild everything, not only libcurl, but also php, so php-devel won't help you.
Hi Remi,
As described in the link in my previous message, to have TLS support with cURL:
SSL Version OpenSSL/1.0.1e – Good
SSL Version NSS/3.13.6.0 – Bad
This is what i encoutered too with my setup.
But if i need to rebuild anyway, it should be better escelate and upgrade to the suggested RH Repo
+1 for gerjoremi
I'm using 5.6.28-1.el6.remi
php -i | grep SSL :
SSL => Yes
SSL Version => NSS/3.21 Basic ECC
core SSL => supported
extended SSL => supported
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL Header Version => OpenSSL 1.0.1e-fips 11 Feb 2013
Native OpenSSL support => enabled
we have:
SSL Version => NSS/3.21 Basic ECC
it is a problem for example with the payment system 'stripe'. even using CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2 is not working.
current work around is to update nss (yum update nss). but I guess it would be better to have ssl version using openssl instead of nss
AFAIK, there is some curl/nss update in 7.3 (and probably later for 6.x)
Sorry, but I don't plan to maintain another curl package, and will still rely on system default available version.
If something need to be fixed, it should be fixed there.
Remi's RPM repository - Forum → Request for old packages → php-devel from 5.3.14-1.el6.remi
Generated in 0.020 seconds (84% PHP - 16% DB) with 11 queries
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 2 official extensions. Copyright © 2003–2009 PunBB.