@ -383,6 +383,7 @@ class RemoteFilesystem
}
}
// Handle SSL cert match issues
if (false === $result & & false !== strpos($errorMessage, 'Peer certificate') & & PHP_VERSION_ID < 50600 ) {
// Certificate name error, PHP doesn't support subjectAltName on PHP < 5.6
// The procedure to handle sAN for older PHP's is:
@ -421,9 +422,11 @@ class RemoteFilesystem
$result = $this->get($this->originUrl, $this->fileUrl, $additionalOptions, $this->fileName, $this->progress);
$authHelper = new AuthHelper($this->io, $this->config);
$authHelper->storeAuth($this->originUrl, $this->storeAuth);
$this->storeAuth = false;
if (false !== $this->storeAuth) {
$authHelper = new AuthHelper($this->io, $this->config);
$authHelper->storeAuth($this->originUrl, $this->storeAuth);
$this->storeAuth = false;
}
return $result;
}
@ -734,7 +737,7 @@ class RemoteFilesystem
'DHE-DSS-AES256-SHA',
'DHE-RSA-AES256-SHA',
'AES128-GCM-SHA256',
'AES256-GCM-SHA384',
'AES256-GCM-SHA384',
'ECDHE-RSA-RC4-SHA',
'ECDHE-ECDSA-RC4-SHA',
'AES128',
@ -916,11 +919,12 @@ class RemoteFilesystem
// assume the CA is valid if php is vulnerable to
// https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html
if (
PHP_VERSION_ID < = 50327
|| (PHP_VERSION_ID >= 50400 & & PHP_VERSION_ID < 50422 )
|| (PHP_VERSION_ID >= 50500 & & PHP_VERSION_ID < 50506 )
) {
if (!TlsHelper::isOpensslParseSafe()) {
$this->io->writeError(sprintf(
'< error > Your version of PHP, %s, is affected by CVE-2013-6420 and cannot safely perform certificate validation, we strongly suggest you upgrade.< / error > ',
PHP_VERSION
));
return $files[$filename] = !empty($contents);
}
Jordi Boggiano
9 years ago