On Mon, Dec 4, 2017 at 1:18 PM, li...@rhsoft.net <li...@rhsoft.net> wrote: > Am 04.12.2017 um 18:36 schrieb Sara Golemon: >> On Fri, Dec 1, 2017 at 6:35 PM, li...@rhsoft.net <li...@rhsoft.net> wrote: >>> >>> the main question is why does PHP need to to *anything* here instead hand >>> the TLS handshake completly over to openssl? in that case even PHP5 could >>> perfer TLS1.2 ciphers against a sevrer that orders them on top without >>> touch >>> any line of PHP's code >>> >> Because the SSL API in OpenSSL that PHP uses doesn't let you say: >> "Just give me the best method you can" >> >> There may be another SSL API that does, but that's more than just "set >> the value to any and be done with it" > > > and how does other software like the apache benchmark tool "ab" this for as > long as i can think which is also linked against openssl? >
You quoted this, but I don't think you understood it. """ There may be another SSL API that does, but that's more than just "set the value to any and be done with it". Pull requests welcome, """ I don't doubt that it's possible to do, but it's not as trivial as "Just make the ANY constant really mean ANY". If you have a solution, offer it. Until then, it's going to wait until someone else has the time and inclination to do so. -Sara -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
