Subject: Re: OpenSSL support compiled in PHP?
To: Jaromir Dolecek <jdolecek@NetBSD.org>
From: None <firstname.lastname@example.org>
Date: 01/28/2004 15:21:34
On Wed, Jan 28, 2004 at 03:01:36PM +0100, Jaromir Dolecek wrote:
> Quentin Garnier wrote:
> > PHP4 needs OpenSSL support compiled in to establish tls/ssl connections.
> > The openssl module only contains a few functions, support for tls
> > connections is elsewhere in PHP4 code.
> > I think it makes the openssl module mostly useless, and I suggest we
> > compile in support for OpenSSL in our php4 packages (mostly www/php4 and
> > www/ap-php4, right?).
> I'd prefer not to make it part of base PHP pkg - the functionality
> is rarely used, so it would be unnecessary bloat for most users.
Heh I was expecting something like that. Frankly, I'd prefer too.
> Where is the TLS related code located and what uses it? Perhaps
> it would be possible to pull the TLS support code to openssl
> extension module?
That's a big hack (grep -r HAVE_OPENSSL_EXT is informative, and mainly it is
about ext/standard/fsock.c and main/network.c).
I don't know the status of PHP5 on that issue, I doubt it will be different.
Basically the openssl extension is useless when dynamically loaded, except
for some hash calculations. Anything that want to use TLS/SSL (even the
extensions such as ftp.so) need openssl support in the base php.
Also, the functionality is not necessarily "rarely used". The reason why I
raised the issue is because I want to use SquirrelMail with imaps and pop3s.