Support » Requests and Feedback » Setting SSLVERSION in CURL requests

  • When using functions like wp_remote_get to connect to a third party site, it would be great if we could somehow specify the TLS version to be used.

    In older versions of wordpress, it was possible to do this using the ‘http_api_curl’ action hook and calling curl_setopt on the handle. But as far as I can tell this is no longer possible because WP_Http_Curl has been superseded by Requests_Transport_cURL and related classes.

    The new system uses local hooks rather than global ones ($options->hooks->register() ) and I can’t see any way of adding methods to these hooks apart from directly modifying WP_Http->request() or Requests_Transport_cURL->setup_handle().

    The use-case I have is a server with Centos 6.6, libcurl v7.19.7, openssl 1.0.1e. It’s capable of using TLS 1.2, but by default it will use TLS1.0 unless specified with curl_setopt($handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2)

    Various webservices (eg Stripe) are restricting connections to TLS1.2 only, so the ability to force a TLS1.2 transaction in an environment where it is not the default method would be invaluable.

Viewing 1 replies (of 1 total)
  • Moderator Samuel Wood (Otto)

    (@otto42) Admin

    The http_api_curl action should still work.

    When dispatch is called like so:

    $options['hooks']->dispatch('curl.before_send', array(&$this->handle));

    With the curl.before_send as that first parameter, the function being called here is WP_HTTP_Requests_Hooks::dispatch. It has a special case for curl.before_send that calls that global action_ref_array hook, same as the old hook.

    See class-wp-requests-hooks.php, line 50:

    	public function dispatch( $hook, $parameters = array() ) {
    		$result = parent::dispatch( $hook, $parameters );
    		// Handle back-compat actions
    		switch ( $hook ) {
    			case 'curl.before_send':
    				/** This action is documented in wp-includes/class-wp-http-curl.php */
    				do_action_ref_array( 'http_api_curl', array( $parameters[0], $this->request, $this->url ) );

    Note that below that, it also allows any other local hook to be hooked into by a global one in the same basic manner. The http_api_curl hook is just special-cased specifically for backwards compatibility.

    do_action_ref_array( "requests-{$hook}", $parameters, $this->request, $this->url );
Viewing 1 replies (of 1 total)
  • The topic ‘Setting SSLVERSION in CURL requests’ is closed to new replies.