diff options
author | friendica <info@friendica.com> | 2014-03-25 15:19:18 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-03-25 15:19:18 -0700 |
commit | 7375e305060df3818f01a96fbbd811921468ad89 (patch) | |
tree | 71cd4ebb6ef0bd7fa4434ef6868e141bca84c0b3 /mod | |
parent | f14596b1ebeecf2c75939374136c830e44dbd923 (diff) | |
download | volse-hubzilla-7375e305060df3818f01a96fbbd811921468ad89.tar.gz volse-hubzilla-7375e305060df3818f01a96fbbd811921468ad89.tar.bz2 volse-hubzilla-7375e305060df3818f01a96fbbd811921468ad89.zip |
This should be a slight improvement in setting ciphers - we'll punt on RedHat but open up the list just for openssl distros which seem to have all the problems at the moment.
Diffstat (limited to 'mod')
-rwxr-xr-x | mod/setup.php | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/mod/setup.php b/mod/setup.php index 83317dc4c..02c2268ce 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -605,9 +605,28 @@ function what_next() { $a = get_app(); // install the standard theme set_config('system','allowed_themes','redbasic'); + + // Set a lenient list of ciphers if using openssl. Other ssl engines + // (e.g. NSS used in RedHat) require different syntax, so hopefully + // the default curl cipher list will work for most sites. If not, + // this can set via config. Many distros are now disabling RC4, + // but many Red sites still use it and are unable to change it. + // We do not use SSL for encryption, only to protect session cookies. + // z_fetch_url() is also used to import shared links and other content + // so in theory most any cipher could show up and we should do our best + // to make the content available rather than tell folks that there's a + // weird SSL error which they can't do anything about. + + $x = curl_version(); + if(stristr($x['ssl_version'],'openssl')) + set_config('system','curl_ssl_ciphers','ALL:!eNULL'); + + // Create a system channel require_once ('include/identity.php'); create_sys_channel(); + + $baseurl = $a->get_baseurl(); return t('<h1>What next</h1>') |