rdlowrey

<?php
function countCpuCores() {
    $os = (stripos(PHP_OS, "WIN") === 0) ? "win" : strtolower(trim(shell_exec("uname")));
    switch ($os) {
        case "win":
            $cmd = "wmic cpu get NumberOfCores";
            break;
        case "linux":
            $cmd = "cat /proc/cpuinfo | grep processor | wc -l";
            break;

rdlowrey

<?php
$ch = curl_init();

// 1: only verify that the peer cert HAS a name field
// 2: verify that the name ACTUALLY matches the domain you connected to
// true: cast to 1
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true);

// Mercifully the newest versions of libcurl now disable 1 for this setting.
// This is a prime example of undetectable scalar conversion catastrophe.

rdlowrey

[RFC] TLS Peer Verification

• Verify peer certificates in client streams by default
• Use operating system managed default cert stores if not otherwise specified
• Windows is still an issue as it uses different cert format (I'm working on it)

[RFC] Improved TLS Defaults

• Makes everything SSL/TLS more secure without any user knowledge required
• Vastly improved support for encrypted stream servers (a-la node.js)