UPDATE 16.08.2019 - the below is silly and wrong. OpenSSL disabled SSL3 by default but it does not mean that it can't be enabled. Simple "make config" and recompile will do it.
As all newer versions of OpenSSL disabled support for SSL 3, now most operating systems have troubles compiling older versions of PHP.
More precisely, PHP 5.4 and older (probably 5.5 too) will produce the following error:
Similar issue happened years ago when SSL 2 was disabled and the PHP team released a patch for it here:
https://bugs.php.net/patch-display....SSLv2_for_openssl_1_0_0.patch&revision=latest
This time (unfortunately) they will not patch it officially because these versions of PHP are unsupported.
DirectAdmin however still provide these PHP versions (and I praise them for that - many hosting providers are unfortunately stuck with support for old php versions because of retro websites being hosted on them). Now without a PHP patch DA can't be installed on newer OS. Keeping the existing OS and OpenSSL library up-to-date may also be an issue.
So I guess we do need a patch for old PHP versions to get SSL 3 disabled. I guess it will be similar to the patch I posted above.
Anybody?
As all newer versions of OpenSSL disabled support for SSL 3, now most operating systems have troubles compiling older versions of PHP.
More precisely, PHP 5.4 and older (probably 5.5 too) will produce the following error:
--- sapi/fpm/php-fpm ---
ext/openssl/xp_ssl.o: In function `php_openssl_setup_crypto':
/usr/local/directadmin/custombuild/php-5.4.45/ext/openssl/xp_ssl.c:343: undefined reference to `SSLv3_client_method'
/usr/local/directadmin/custombuild/php-5.4.45/ext/openssl/xp_ssl.c:355: undefined reference to `SSLv3_server_method'
Similar issue happened years ago when SSL 2 was disabled and the PHP team released a patch for it here:
https://bugs.php.net/patch-display....SSLv2_for_openssl_1_0_0.patch&revision=latest
This time (unfortunately) they will not patch it officially because these versions of PHP are unsupported.
DirectAdmin however still provide these PHP versions (and I praise them for that - many hosting providers are unfortunately stuck with support for old php versions because of retro websites being hosted on them). Now without a PHP patch DA can't be installed on newer OS. Keeping the existing OS and OpenSSL library up-to-date may also be an issue.
So I guess we do need a patch for old PHP versions to get SSL 3 disabled. I guess it will be similar to the patch I posted above.
Anybody?
Last edited: