Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#25 2021-01-08 15:07:42

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,691
GitHub

Re: Vanilla Textpattern 4.8.4 hiccup

Bloke wrote #328092:

OPENSSL_VERSION_NUMBER: 268443903
OPENSSL_VERSION_TEXT: OpenSSL 1.0.2o 27 Mar 2018

So, not sure what to make of all that.

Ideas?

Selectively quoting, juggling a few bits: 268443903 is decimal converted from its internal version string: 0x100020ff. Each OpenSSL revision release in a given branch is greater than the last one, so a < or > check should be straightforward.

Ninja edit: wiki.openssl.org/index.php/Versioning explains it far more succinctly than I could!

Last edited by gaekwad (2021-01-08 15:16:27)

Offline

#26 2021-01-08 15:12:27

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,691
GitHub

Re: Vanilla Textpattern 4.8.4 hiccup

gaekwad wrote #328087:

TLS v1.2 (the oldest we use that’s currently considered ‘safe’) was introduced in OpenSSL 1.0.1, so PHP running with OpenSSL 1.0.1 or an off-brand remix with TLS v1.2 support should work just fine.

Check OPENSSL_VERSION_NUMBER for a value equal to or greater than 268439567, which is the decimal flavour of 0x1000100f, which is the oldest non-beta release of OpenSSL 1.0.1.

Offline

#27 2021-01-08 15:19:48

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 10,562
Website GitHub

Re: Vanilla Textpattern 4.8.4 hiccup

gaekwad wrote #328097:

Check OPENSSL_VERSION_NUMBER for a value equal to or greater than 268439567

Okay. Watch the 4.8.5 repo for changes.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#28 2021-01-08 16:03:11

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 10,562
Website GitHub

Re: Vanilla Textpattern 4.8.4 hiccup

Okay, go test please.

You should just get the standard ‘cannot connect’ if the SSL version doesn’t match our minimum (constant).

Note that you’ll need to comment out the check for $is_dev in txp_diag.php if you want to test this, since the update checks aren’t run for dev environments yet. When we get the infrastructure in place in the version.json file to include the bleeding edge dev version/branch (somehow), we might add this feature.

Oh, and delete the last_update_check pref from the database too, unless you’re ultra patient and want to wait an hour for it to timeout.

Last edited by Bloke (2021-01-08 16:07:25)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#29 2021-01-09 05:34:46

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,512
Website

Re: Vanilla Textpattern 4.8.4 hiccup

FWIW, on macOS 11.1: PHP SSL version: LibreSSL 2.8.3 – the Diagnostics panel loads just fine.

(patched TXP-dev install on localhost)

Note that you’ll need to comment out the check for $is_dev in txp_diag.php

Not sure what I need to comment out for further testing ? I can only find instances of a $txp_is_dev in that file (5 in total).


Where is that emoji for a solar powered submarine when you need it ?

Offline

#30 2021-01-09 09:43:22

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 10,562
Website GitHub

Re: Vanilla Textpattern 4.8.4 hiccup

Sorry, yeah, $txp_is_dev. There’s a chunk of code near the top that does the checkUpdate so just comment out or remove line 196 and its corresponding brace on line 218 to enable the update check. And remove the last_update_check pref if it’s in your txp_prefs table as you only get one shot per hour otherwise.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#31 2021-01-09 10:24:46

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,512
Website

Re: Vanilla Textpattern 4.8.4 hiccup

Ok, modified the file, reloading the panel then gives me:

Pre-flight check

New Textpattern version 4.8.4 available for download. Help

/Users/[username]/Sites/txp-dev/textpattern/setup/ still exists. Help

Diagnostic info

The above is the expected text, I think. Still no issues to report. I’ll let that file remain modified till tomorow and see if it complains.


Where is that emoji for a solar powered submarine when you need it ?

Offline

#32 2021-01-09 13:20:43

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 10,562
Website GitHub

Re: Vanilla Textpattern 4.8.4 hiccup

phiw13 wrote #328109:

New Textpattern version…

Yeah, I spotted that. It’s a bit odd that it thinks your current version (4.8.4) is ‘older’ than the currently available version (4.8.4) so I might have to check the logic there.

Aside: does the Diagnostics panel indicate your PHP SSL version correctly?


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#33 2021-01-09 21:18:21

gomedia
Plugin Author
Registered: 2008-06-01
Posts: 1,358
Website

Re: Vanilla Textpattern 4.8.4 hiccup

For the record, here’re the values in my old-fashioned 5.6.21 setup:

OPENSSL_VERSION_TEXT = OpenSSL 0.9.8zc 19 Mar 2015
OPENSSL_VERSION_NUMBER = 9470431

and in 7.3.11:

OPENSSL_VERSION_TEXT = LibreSSL 2.8.3
OPENSSL_VERSION_NUMBER = 536870912

Have updated the code & output post to include OPENSSL_VERSION_NUMBER

Last edited by gomedia (2021-01-09 22:00:50)

Offline

#34 2021-01-10 00:30:47

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,512
Website

Re: Vanilla Textpattern 4.8.4 hiccup

Bloke wrote #328112:

Aside: does the Diagnostics panel indicate your PHP SSL version correctly?

Yes. PHP SSL version: LibreSSL 2.8.3, which matches what Adi posted above.

At the command line:

$openssl version
LibreSSL 2.8.3

after that many hours, I revisited the Diagnostics panel, still no complains/errors/warnings, same output as posted above


Where is that emoji for a solar powered submarine when you need it ?

Offline

Board footer

Powered by FluxBB