From 1f5b6e7be58035d123b4f2e8cf42381c4b8f323c Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Thu, 7 Oct 2021 10:52:38 +0200 Subject: [PATCH] Add config parameter to defined extra CURL options for phpCAS client --- index.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/index.php b/index.php index 73457cf..1a9779d 100644 --- a/index.php +++ b/index.php @@ -26,7 +26,12 @@ $cas_servers=array( // If ssl_validation is enable you must define 'ssl_cacert_path' => '/etc/ssl/certs/ca-certificates.crt', 'ssl_cn_validation' => true - ) + // Extra CURL options (for phpCAS client) + 'extra_curl_options' => array( + // Uncomment it in case of 'dh key too small' error + // 'CURLOPT_SSL_CIPHER_LIST' => 'DEFAULT@SECLEVEL=1', + ), + ), ); // FQDN of CAS server @@ -252,6 +257,15 @@ if (is_writable($phpCAS_logfile) || (!is_file($phpCAS_logfile) && is_writable(di phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_servers[$cas_host]['port'], $cas_servers[$cas_host]['context']); phpCAS::setFixedServiceURL($service_url); +// Set extra CURL options +if (isset($cas_servers[$cas_host]['extra_curl_options']) && is_array($cas_servers[$cas_host]['extra_curl_options'])) { + foreach($cas_servers[$cas_host]['extra_curl_options'] as $opt => $value) { + if (is_string($opt) && substr($opt, 0, 7) == 'CURLOPT' && defined($opt)) + $opt = constant($opt); + phpCAS::setExtraCurlOption($opt, $value); + } +} + if ($cas_servers[$cas_host]['insecure']) { $phpCAS_config['Insecure'] = 'Yes'; $phpCAS_config['Base URL'] = 'http://'.$cas_host.($cas_servers[$cas_host]['port']?':'.$cas_servers[$cas_host]['port']:'').$cas_servers[$cas_host]['context'];