From 3979abc638796b52edbf754290497a6cc58712f4 Mon Sep 17 00:00:00 2001 From: Chris Smith Date: Tue, 26 Jan 2016 22:05:35 +0000 Subject: [PATCH] Add warning if OpenSSL does not support TLSv1.2 or TLSv1.1 --- src/Composer/Command/DiagnoseCommand.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/Composer/Command/DiagnoseCommand.php b/src/Composer/Command/DiagnoseCommand.php index 2306b138a..c78c808e1 100644 --- a/src/Composer/Command/DiagnoseCommand.php +++ b/src/Composer/Command/DiagnoseCommand.php @@ -453,6 +453,10 @@ EOT $errors['openssl'] = true; } + if (extension_loaded('openssl') && OPENSSL_VERSION_NUMBER < 0x1000100f) { + $warnings['openssl_version'] = true; + } + if (!defined('HHVM_VERSION') && !extension_loaded('apcu') && ini_get('apc.enable_cli')) { $warnings['apc_cli'] = true; } @@ -570,6 +574,16 @@ EOT $text .= " Composer works with 5.3.2+ for most people, but there might be edge case issues."; break; + case 'openssl_version': + // Attempt to parse version number out, fallback to whole string value. + $opensslVersion = trim(strstr(OPENSSL_VERSION_TEXT, ' ')); + $opensslVersion = substr($opensslVersion, 0, strpos($opensslVersion, ' ')); + $opensslVersion = $opensslVersion ? $opensslVersion : OPENSSL_VERSION_TEXT; + + $text = "The OpenSSL library ({$opensslVersion}) used by PHP does not support TLSv1.2 or TLSv1.1.".PHP_EOL; + $text .= "If possible you should upgrade OpenSSL to version 1.0.1 or above."; + break; + case 'xdebug_loaded': $text = "The xdebug extension is loaded, this can slow down Composer a little.".PHP_EOL; $text .= " Disabling it when using Composer is recommended.";