Summary | Free/Busy URL Request (CURL + SSL) |
Queue | Kronolith |
Queue Version | Git master |
Type | Bug |
State | Not A Bug |
Priority | 1. Low |
Owners | |
Requester | tyler.parsons-horde (at) dynamicpulse (dot) com |
Created | 06/06/2014 (4048 days ago) |
Due | |
Updated | 08/29/2014 (3964 days ago) |
Assigned | 06/10/2014 (4044 days ago) |
Resolved | 08/29/2014 (3964 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | |
Patch | No |
Version ⇒ Git master
State ⇒ Feedback
CURLOPT_SSLVERSION: The SSL version (2 or 3) to use. By default PHP
will try to determine this itself, although in some cases this must be
set manually.
I'd rather leave it like this, as it seems that any attempt to detect
this on the client level would be inferior to solving it on the protocol
or library level. I'd rather work with the PHP and/or Curl developers
to determine what exactly "some cases" mean, and how to improve this.
Priority ⇒ 1. Low
Patch ⇒ No
Milestone ⇒
Queue ⇒ Kronolith
Summary ⇒ Free/Busy URL Request (CURL + SSL)
Type ⇒ Bug
State ⇒ Unconfirmed
I recently shored up our SSL implementation on Apache with the
following options:
SSLProtocol -ALL +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
Then I began noticing that Kronolith requests for free/busy URL
information began to fail. I think I've managed to trace the
accessibility error back to the following class
./pear/php/Horde/Http/Request/Curl.php. Adding the following option
seems to rectify the accessibility issue and Free/Busy URL requests
are now succeeding:
curl_setopt($curl, CURLOPT_SSLVERSION, 3);
I know my workaround is not a good solution and was wondering if
adding support for a fall-through-like solution would be desirable?
Perhaps higher SSL versions are tried first within the CURL class, and
if they fail the class could then fall back to older implementations.
I appreciate your feedback.
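
An added example, not part of the ticket or of Horde's code: a small Python check that resolves an Apache SSLProtocol line to the protocols it enables, flags the deprecated ones, and shows why a client pinned with CURLOPT_SSLVERSION 3 (SSLv3 in libcurl) breaks once the server drops SSLv3. The function names, the expansion of "all" to the four protocols named in the ticket, the bare-token handling and the HARDENED line are assumptions made for illustration.

```python
# Added illustration; names and sample lines below are hypothetical.
KNOWN = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2")
# Deprecating RFC for each protocol that should no longer be offered.
DEPRECATED = {"SSLv3": "RFC 7568", "TLSv1": "RFC 8996", "TLSv1.1": "RFC 8996"}
_CANON = {p.lower(): p for p in KNOWN}

PAGE_LINE = "SSLProtocol -ALL +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2"  # from the ticket
HARDENED = "SSLProtocol all -SSLv3"  # constructed sample

def enabled_protocols(directive):
    """Apply the +/- tokens left to right and return the enabled protocols."""
    tokens = directive.split()
    if not tokens or tokens[0].lower() != "sslprotocol":
        raise ValueError("not an SSLProtocol directive")
    enabled = set()
    for tok in tokens[1:]:
        sign = tok[0] if tok[0] in "+-" else ""
        name = tok[len(sign):].lower()
        if name == "all":
            group = set(KNOWN)  # assumption: "all" means the four above
        elif name in _CANON:
            group = {_CANON[name]}
        else:
            raise ValueError(f"unknown protocol token: {tok}")
        if sign == "+":
            enabled |= group
        elif sign == "-":
            enabled -= group
        else:
            enabled = set(group)  # assumption: a bare token replaces the set
    return [p for p in KNOWN if p in enabled]

def audit(directive):
    """Return (protocol, deprecating RFC) for each deprecated protocol enabled."""
    return [(p, DEPRECATED[p]) for p in enabled_protocols(directive)
            if p in DEPRECATED]

def pinned_client_connects(directive, pinned):
    """A client pinned to one version connects only if the server offers it."""
    return pinned in enabled_protocols(directive)

if __name__ == "__main__":
    print(audit(PAGE_LINE))
    print(pinned_client_connects(HARDENED, "SSLv3"))
```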