[MediaWiki-commits] [Gerrit] When using fopen on https streams, disable weak ciphers and ... - change (mediawiki/core)

2015-10-11 Thread jenkins-bot (Code Review)
jenkins-bot has submitted this change and it was merged.

Change subject: When using fopen on https streams, disable weak ciphers and 
compression
..


When using fopen on https streams, disable weak ciphers and compression

Per recomendation of
http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0

Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50
---
M includes/HttpFunctions.php
1 file changed, 2 insertions(+), 0 deletions(-)

Approvals:
  Gergő Tisza: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index bbf3de6..60196ab 100644
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -971,6 +971,8 @@
'ssl' => array(
'verify_peer' => $this->sslVerifyCert,
'SNI_enabled' => true,
+   'ciphers' => 
'HIGH:!SSLv2:!SSLv3:-ADH:-kDH:-kECDH:-DSS',
+   'disable_compression' => true,
),
);
 

-- 
To view, visit https://gerrit.wikimedia.org/r/222088
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Brian Wolff 
Gerrit-Reviewer: BBlack 
Gerrit-Reviewer: CSteipp 
Gerrit-Reviewer: Gergő Tisza 
Gerrit-Reviewer: Ori.livneh 
Gerrit-Reviewer: Parent5446 
Gerrit-Reviewer: jenkins-bot <>

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits


[MediaWiki-commits] [Gerrit] When using fopen on https streams, disable weak ciphers and ... - change (mediawiki/core)

2015-07-01 Thread Brian Wolff (Code Review)
Brian Wolff has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/222088

Change subject: When using fopen on https streams, disable weak ciphers and 
compression
..

When using fopen on https streams, disable weak ciphers and compression

Per recomendation of
http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0

Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50
---
M includes/HttpFunctions.php
1 file changed, 2 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/88/222088/1

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index 825cd06..c47b5e6 100644
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -899,6 +899,8 @@
'ssl' = array(
'verify_peer' = $this-sslVerifyCert,
'SNI_enabled' = true,
+   'ciphers' = 'HIGH:!SSLv2:!SSLv3',
+   'disable_compression' = true,
),
);
 

-- 
To view, visit https://gerrit.wikimedia.org/r/222088
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Brian Wolff bawolff...@gmail.com

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits