Browse Source

Apply patch from @nervuri:matrix.org to stop supporting out of spec versions of TLS

master
Neil McKillop 4 years ago
parent
commit
ec115d017e
  1. 7
      server.php

7
server.php

@ -20,11 +20,16 @@ $socket = stream_socket_server("tcp://{$g->ip}:{$g->port}", $errno, $errstr, STR
stream_socket_enable_crypto($socket, false); stream_socket_enable_crypto($socket, false);
// apply patch from @nervuri:matrix.org to stop supporting out of spec versions of TLS
$cryptoMethod = STREAM_CRYPTO_METHOD_TLS_SERVER
& ~ STREAM_CRYPTO_METHOD_TLSv1_0_SERVER
& ~ STREAM_CRYPTO_METHOD_TLSv1_1_SERVER;
while(true) { while(true) {
$forkedSocket = stream_socket_accept($socket, "-1", $remoteIP); $forkedSocket = stream_socket_accept($socket, "-1", $remoteIP);
stream_set_blocking($forkedSocket, true); stream_set_blocking($forkedSocket, true);
stream_socket_enable_crypto($forkedSocket, true, STREAM_CRYPTO_METHOD_TLS_SERVER); stream_socket_enable_crypto($forkedSocket, true, $cryptoMethod);
$line = fread($forkedSocket, 1024); $line = fread($forkedSocket, 1024);
stream_set_blocking($forkedSocket, false); stream_set_blocking($forkedSocket, false);

Loading…
Cancel
Save