Skip to content

Commit 612bb5c

Browse files
nicolas-grekasnicolas-grekas
committed
[HttpClient] Add option crypto_method to set the minimum TLS version and make it default to v1.2
1 parent 7c0b57b commit 612bb5c

File tree

1 file changed

+7
-4
lines changed

1 file changed

+7
-4
lines changed

DependencyInjection/Configuration.php

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1817,7 +1817,7 @@ private function addHttpClientSection(ArrayNodeDefinition $rootNode, callable $e
18171817
->info('A network interface name, IP address, a host name or a UNIX socket to bind to.')
18181818
->end()
18191819
->booleanNode('verify_peer')
1820-
->info('Indicates if the peer should be verified in an SSL/TLS context.')
1820+
->info('Indicates if the peer should be verified in a TLS context.')
18211821
->end()
18221822
->booleanNode('verify_host')
18231823
->info('Indicates if the host should exist as a certificate common name.')
@@ -1838,7 +1838,7 @@ private function addHttpClientSection(ArrayNodeDefinition $rootNode, callable $e
18381838
->info('The passphrase used to encrypt the "local_pk" file.')
18391839
->end()
18401840
->scalarNode('ciphers')
1841-
->info('A list of SSL/TLS ciphers separated by colons, commas or spaces (e.g. "RC3-SHA:TLS13-AES-128-GCM-SHA256"...)')
1841+
->info('A list of TLS ciphers separated by colons, commas or spaces (e.g. "RC3-SHA:TLS13-AES-128-GCM-SHA256"...)')
18421842
->end()
18431843
->arrayNode('peer_fingerprint')
18441844
->info('Associative array: hashing algorithm => hash(es).')
@@ -1849,6 +1849,9 @@ private function addHttpClientSection(ArrayNodeDefinition $rootNode, callable $e
18491849
->variableNode('md5')->end()
18501850
->end()
18511851
->end()
1852+
->scalarNode('crypto_method')
1853+
->info('The minimum version of TLS to accept; must be one of STREAM_CRYPTO_METHOD_TLSv*_CLIENT constants.')
1854+
->end()
18521855
->arrayNode('extra')
18531856
->info('Extra options for specific HTTP client')
18541857
->normalizeKeys(false)
@@ -1965,7 +1968,7 @@ private function addHttpClientSection(ArrayNodeDefinition $rootNode, callable $e
19651968
->info('A network interface name, IP address, a host name or a UNIX socket to bind to.')
19661969
->end()
19671970
->booleanNode('verify_peer')
1968-
->info('Indicates if the peer should be verified in an SSL/TLS context.')
1971+
->info('Indicates if the peer should be verified in a TLS context.')
19691972
->end()
19701973
->booleanNode('verify_host')
19711974
->info('Indicates if the host should exist as a certificate common name.')
@@ -1986,7 +1989,7 @@ private function addHttpClientSection(ArrayNodeDefinition $rootNode, callable $e
19861989
->info('The passphrase used to encrypt the "local_pk" file.')
19871990
->end()
19881991
->scalarNode('ciphers')
1989-
->info('A list of SSL/TLS ciphers separated by colons, commas or spaces (e.g. "RC3-SHA:TLS13-AES-128-GCM-SHA256"...)')
1992+
->info('A list of TLS ciphers separated by colons, commas or spaces (e.g. "RC3-SHA:TLS13-AES-128-GCM-SHA256"...)')
19901993
->end()
19911994
->arrayNode('peer_fingerprint')
19921995
->info('Associative array: hashing algorithm => hash(es).')

0 commit comments

Comments
 (0)