[MediaWiki-commits] [Gerrit] When using fopen on https streams, disable weak ciphers and ... - change (mediawiki/core)
jenkins-bot has submitted this change and it was merged. Change subject: When using fopen on https streams, disable weak ciphers and compression .. When using fopen on https streams, disable weak ciphers and compression Per recomendation of http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0 Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50 --- M includes/HttpFunctions.php 1 file changed, 2 insertions(+), 0 deletions(-) Approvals: Gergő Tisza: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php index bbf3de6..60196ab 100644 --- a/includes/HttpFunctions.php +++ b/includes/HttpFunctions.php @@ -971,6 +971,8 @@ 'ssl' => array( 'verify_peer' => $this->sslVerifyCert, 'SNI_enabled' => true, + 'ciphers' => 'HIGH:!SSLv2:!SSLv3:-ADH:-kDH:-kECDH:-DSS', + 'disable_compression' => true, ), ); -- To view, visit https://gerrit.wikimedia.org/r/222088 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50 Gerrit-PatchSet: 4 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Brian WolffGerrit-Reviewer: BBlack Gerrit-Reviewer: CSteipp Gerrit-Reviewer: Gergő Tisza Gerrit-Reviewer: Ori.livneh Gerrit-Reviewer: Parent5446 Gerrit-Reviewer: jenkins-bot <> ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] When using fopen on https streams, disable weak ciphers and ... - change (mediawiki/core)
Brian Wolff has uploaded a new change for review. https://gerrit.wikimedia.org/r/222088 Change subject: When using fopen on https streams, disable weak ciphers and compression .. When using fopen on https streams, disable weak ciphers and compression Per recomendation of http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0 Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50 --- M includes/HttpFunctions.php 1 file changed, 2 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/88/222088/1 diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php index 825cd06..c47b5e6 100644 --- a/includes/HttpFunctions.php +++ b/includes/HttpFunctions.php @@ -899,6 +899,8 @@ 'ssl' = array( 'verify_peer' = $this-sslVerifyCert, 'SNI_enabled' = true, + 'ciphers' = 'HIGH:!SSLv2:!SSLv3', + 'disable_compression' = true, ), ); -- To view, visit https://gerrit.wikimedia.org/r/222088 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Brian Wolff bawolff...@gmail.com ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits