When using fopen on https streams, disable weak ciphers and compression

Per recomendation of
http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0

Change-Id: I69d063ff4aa4248dd4f3d03de5a168c4b5a99c50

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index bbf3de6..60196ab 100644 (file)
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -971,6 +971,8 @@ class PhpHttpRequest extends MWHttpRequest {
                        'ssl' => array(
                                'verify_peer' => $this->sslVerifyCert,
                                'SNI_enabled' => true,
+                               'ciphers' => 'HIGH:!SSLv2:!SSLv3:-ADH:-kDH:-kECDH:-DSS',
+                               'disable_compression' => true,
                        ),
                );