错误 0x1408F10B:“SSL3_GET_RECORD:版本号错误"使用贝宝 SDK [英] Error 0x1408F10B: "SSL3_GET_RECORD:wrong version number" with PayPal SDK
问题描述
看来 PayPal 可能已经根据 POODLE 攻击,导致使用 PHP PayPal SDK 的网站崩溃.
Looks like PayPal might have updated its systems in light of the POODLE attack, causing sites using the PHP PayPal SDK to break.
我收到错误:
PayPal/Exception/PPConnectionException: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
/var/www/site/vendor/paypal/sdk-core-php/lib/PayPal/Core/PPHttpConnection.php:91
/var/www/site/vendor/paypal/sdk-core-php/lib/PayPal/Core/PPAPIService.php:66
/var/www/site/vendor/paypal/sdk-core-php/lib/PayPal/Core/PPBaseService.php:82
/var/www/site/vendor/paypal/adaptivepayments-sdk-php/lib/PayPal/Service/AdaptivePaymentsService.php:97
在不影响安全性的情况下,您有什么建议可以解决这个问题?
What would you recommend to fix this, without compromising security ?
推荐答案
UPDATE:正如 Jaffer 所指出的,PayPal 的 GitHub 存储库 已经合并了下面的更改,所以你可能只是更新你的 SDK.
UPDATE: As Jaffer noted, PayPal's GitHub repository has already merged the changes below, so you might just update your SDK.
至少目前看来这可行,但我将不得不调查它实际使用的协议.
At least this seems to work for now, though I will have to investigate what protocol it will actually use.
PayPalCorePPHttpConfig::$DEFAULT_CURL_OPTS[CURLOPT_SSLVERSION] = 1;
// 0 = default protocol (likely TLSv1), 1 = TLSv1; unsafe: 2 = SSLv2, 3 = SSLv3
其他人直接使用cURL,直接使用
For other people using cURL directly, just use
curl_setopt($handle, CURLOPT_SSLVERSION, 1);
更新:
刚刚查了一下来源到cURL,这些是值(// 评论我的):
UPDATE:
Just looked up the source to cURL, these are the values (// comments mine):
enum {
CURL_SSLVERSION_DEFAULT, // 0
CURL_SSLVERSION_TLSv1, // 1
CURL_SSLVERSION_SSLv2, // 2
CURL_SSLVERSION_SSLv3, // 3
CURL_SSLVERSION_LAST /* never use, keep last */ // 4
};
总而言之,是的,1 是 TLSv1,从评论来看,可能比 4 好.
更新了上面的代码.
So to summarize, yes, 1 is TLSv1 and judging from the comment, is probably better than 4.
Updated code above.
这篇关于错误 0x1408F10B:“SSL3_GET_RECORD:版本号错误"使用贝宝 SDK的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
