Edit report at https://bugs.php.net/bug.php?id=63992&edit=1
ID: 63992 Updated by: tony2...@php.net Reported by: mikhail dot v dot gavrilov at gmail dot com Summary: php not use default openSSH confing -Status: Open +Status: Assigned Type: Bug Package: OpenSSL related Operating System: RHEL/Fedora PHP Version: 5.4.11RC1 -Assigned To: +Assigned To: pajoye Block user comment: N Private report: N Previous Comments: ------------------------------------------------------------------------ [2013-01-15 14:51:34] mikhail dot v dot gavrilov at gmail dot com Description: ------------ For using GOST encryption engine: 1. i compiled openSSH with GOST support 2. added the following lines in openssl.cnf openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] gost = gost_section [gost_section] engine_id = gost default_algorithms = ALL dynamic_path = /usr/lib/openssl/engines/libgost.so CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet But when I use curl PHP still get error: 'Cannot communicate securely with peer: no common encryption algorithm(s).' Than I search I find this solution: http://stackoverflow.com/questions/10959771/openssl-and-gost-engine-issue- statically-linked So I create patch *** 111/openssl.c 2012-12-19 12:55:19.000000000 +0600 --- openssl.c 2013-01-15 18:43:22.000000000 +0600 *************** *** 1038,1043 **** --- 1038,1046 ---- le_x509 = zend_register_list_destructors_ex(php_x509_free, NULL, "OpenSSL X.509", module_number); le_csr = zend_register_list_destructors_ex(php_csr_free, NULL, "OpenSSL X.509 CSR", module_number); + /* needed for use default config */ + OPENSSL_config(NULL); + SSL_library_init(); OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); and my script became work. Test script: --------------- $address="https://icrs.nbki.ru/products/B2BRequestServlet";; // $proxy = '10.10.4.24:3128'; $xml = ''; $ch = curl_init($address); $page = "Xml.php"; $headers = array( "POST ".$page." HTTP/1.0", "content-type:application/octet-stream;charset=\"windows-1251\"", ); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_POSTFIELDS, $xml); if(isset($proxy)) curl_setopt($ch, CURLOPT_PROXY, $proxy); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $response = curl_exec($ch);if ($response === false) throw new Exception(curl_error($ch)); curl_close($ch); ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=63992&edit=1
