Re: POODLE vulnerability in SSLv3
Post #108, 11-13-2014, 08:35 PM
aim (X-Cart team)

Quote:
Originally Posted by gravel
One of our sites has been experiencing a UPS problem for some customers (but not all). Even though it's a 4.0.17 site, commenting out if statements with "ssl3" fixed the problem. See http://forum.x-cart.com/showthread.php?t=70478.

So again, I ask, for the file func_https_ssleay.php, how do I modify this line which contains "ssl3":
Code:
$execline .= " $ui[host] $ui[port] " . ($use_ssl3 ? '1' : '0') . ' ' . func_shellquote($cert) . ' ' . func_shellquote($kcert) . ' < ' . func_shellquote($tmpfile) . ' 2>' . func_shellquote($ignorefile);


Sorry for the misunderstanding.

It seems your https modules have 4.2.x/4.3.x or 4.x.x versions.

In this case you have to apply the
remove_ssl3-2014-10-30.4.2.3.tgz
or
remove_ssl3-2014-10-30.4.3.2.tgz
or
remove_ssl3-2014-10-30.4.x.x.tgz
patches.

Regarding the netssleay module you have to apply this patch

Code:
Index: payment/netssleay.pl =================================================================== --- payment/netssleay.pl 2014-10-30 10:53:36.853370920 +0300 +++ payment/netssleay.pl 2014-10-30 10:56:14.703370767 +0300 @@ -9,15 +9,16 @@ if ($#ARGV < 1) { print <<EOF; - Usage: $0 host port use_ssl3 [cert [keycert]] < requestfile + Usage: $0 host port use_tls [cert [keycert]] < requestfile EOF exit; } -($host, $port, $use_ssl3, $cert, $kcert) = @ARGV; +($host, $port, $use_tls, $cert, $kcert) = @ARGV; -if ($use_ssl3 == '1') { - $Net::SSLeay::ssl_version = 3; +if ($use_tls == '1') { + # http://search.cpan.org/~mikem/Net-SSLeay-1.66/lib/Net/SSLeay.pod#KNOWN_BUGS_AND_CAVEATS + $Net::SSLeay::ssl_version = 10; } $request = "";
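
Review bot: In the `if ($use_tls == '1')` block, `$Net::SSLeay::ssl_version = 10;` is a bare magic number, and the comment above it is only a URL. Net::SSLeay documents the value 10 as "insist on TLSv1", so the comment should say that directly, and it should note that this pins the connection to TLS 1.0 instead of letting the library negotiate the highest version both sides support. There is also no else branch: when the caller passes anything other than 1 as the third argument, `ssl_version` keeps the module default, so this hunk forces TLS only for callers that set the flag.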


You can skip the func.https_ssleay.php file modification.


By the way, it seems the onlinetools.ups.com UPS server still supports the SSL3 protocol.
https://www.ssllabs.com/ssltest/analyze.html?d=onlinetools.ups.com&s=153.2.228.76&hideResults=on
__________________
Sincerely yours,
Ildar Amankulov
Head of Maintenance group