Notice: this page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original URL: http://stackoverflow.com/questions/26378351/

Time: 2020-08-25 22:52:42  Source: igfitidea

Error 0x1408F10B: "SSL3_GET_RECORD:wrong version number" with PayPal SDK

php ssl curl paypal

Asked by Archimedix

Looks like PayPal might have updated its systems in light of the POODLE attack, causing sites using the PHP PayPal SDK to break.

I get the error:

PayPal/Exception/PPConnectionException: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

/var/www/site/vendor/paypal/sdk-core-php/lib/PayPal/Core/PPHttpConnection.php:91
/var/www/site/vendor/paypal/sdk-core-php/lib/PayPal/Core/PPAPIService.php:66
/var/www/site/vendor/paypal/sdk-core-php/lib/PayPal/Core/PPBaseService.php:82
/var/www/site/vendor/paypal/adaptivepayments-sdk-php/lib/PayPal/Service/AdaptivePaymentsService.php:97

What would you recommend to fix this, without compromising security?

Accepted answer by Archimedix

UPDATE: As Jaffer noted, PayPal's GitHub repository has already merged the changes below, so you might just update your SDK.

At least this seems to work for now, though I will have to investigate what protocol it will actually use.

\PayPal\Core\PPHttpConfig::$DEFAULT_CURL_OPTS[CURLOPT_SSLVERSION] = 1;
// 0 = default protocol (likely TLSv1), 1 = TLSv1; unsafe: 2 = SSLv2, 3 = SSLv3

For other people using cURL directly, just use

curl_setopt($handle, CURLOPT_SSLVERSION, 1);

UPDATE:
Just looked up the source to cURL, these are the values (//comments mine):

enum {  
    CURL_SSLVERSION_DEFAULT, // 0
    CURL_SSLVERSION_TLSv1,   // 1
    CURL_SSLVERSION_SSLv2,   // 2
    CURL_SSLVERSION_SSLv3,   // 3

    CURL_SSLVERSION_LAST /* never use, keep last */  // 4
};

So to summarize, yes, 1 is TLSv1 and judging from the comment, is probably better than 4.
Updated code above.
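
The accepted answer leaves open which protocol cURL actually negotiates once CURLOPT_SSLVERSION is set. The PHP below is an added example, not part of the original answers or the PayPal SDK: it captures cURL's verbose log and extracts the negotiated protocol and cipher. The function names, the api.example.test host and the sample log are constructed for illustration, and the log wording assumes an OpenSSL-backed libcurl.

```php
<?php
// Added example: report which protocol cURL negotiates for a given
// CURLOPT_SSLVERSION value. Names and sample data are hypothetical.

/** Pull protocol and cipher out of cURL's verbose log (OpenSSL-backend wording assumed). */
function parseNegotiatedTls(string $verboseLog): ?array
{
    if (preg_match('~SSL connection using (\S+) / (\S+)~', $verboseLog, $m)) {
        return ['protocol' => $m[1], 'cipher' => $m[2]];
    }
    return null; // handshake never completed, or a different TLS backend
}

/** Perform one request with the given CURLOPT_SSLVERSION and return what was negotiated. */
function probeTls(string $url, int $sslVersion): array
{
    $log = fopen('php://temp', 'w+');
    $ch  = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_SSLVERSION     => $sslVersion,
        CURLOPT_SSL_VERIFYPEER => true,  // keep certificate checks on while testing
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_NOBODY         => true,  // the handshake is all we need
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_VERBOSE        => true,
        CURLOPT_STDERR         => $log,  // capture the verbose log instead of printing it
    ]);
    $ok    = curl_exec($ch) !== false;
    $error = $ok ? null : curl_error($ch);
    rewind($log);
    $tls = parseNegotiatedTls(stream_get_contents($log));
    // The handle and the log stream are released when the function returns.
    return ['ok' => $ok, 'error' => $error, 'tls' => $tls];
}

// Constructed sample of verbose output, so the parser can be checked offline.
$sample = "* Connected to api.example.test (192.0.2.10) port 443\n"
        . "* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256\n";
var_dump(parseNegotiatedTls($sample));

// Live check (needs network); CURL_SSLVERSION_TLSv1 is the value 1 used in the answer above.
// var_dump(probeTls('https://api.example.test/', CURL_SSLVERSION_TLSv1));
```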

Answer by Phil Hawthorne

PayPal have officially released an update to the PHP SDK to address this issue, which was posted in the GitHub PR Jaffer linked to:

https://github.com/paypal/rest-api-sdk-php/releases/tag/v0.13.1

Answer by datasn.io

For people who are using https://github.com/Quixotix/PHP-PayPal-IPN, just set false to force_ssl_v3:

$listener = new IpnListener();
$listener->force_ssl_v3 = false;