ID: 48116
Updated by: paj...@php.net
Reported By: Al dot Smith at aeschi dot ch dot eu dot org
-Status: Assigned
+Status: Closed
Bug Type: OpenSSL related
Operating System: Linux
PHP Version: *
Assigned To: pajoye
New Comment:
Applied to 5.3 and HEAD, keeping 0.x compatibility.
Previous Comments:
------------------------------------------------------------------------
[2009-06-18 15:10:38] paj...@php.net
Not specific to 5.3 and will be done for 6.0 or 5.3.1.
------------------------------------------------------------------------
[2009-04-29 22:26:20] paj...@php.net
I will test it while updating HEAD to use openssl 1.0 on win. I have to
check as well if this change builds fine with older version (both this
week :).
------------------------------------------------------------------------
[2009-04-29 22:03:19] Al dot Smith at aeschi dot ch dot eu dot org
diff -ur php-5.3.0RC1-orig/ext/openssl/openssl.c
php-5.3.0RC1/ext/openssl/openssl.c
--- php-5.3.0RC1-orig/ext/openssl/openssl.c 2008-12-31
03:15:40.000000000 -0800
+++ php-5.3.0RC1/ext/openssl/openssl.c 2009-04-29 14:50:04.000000000
-0700
@@ -502,8 +502,8 @@
static char default_ssl_conf_filename[MAXPATHLEN];
struct php_x509_request { /* {{{ */
- LHASH * global_config; /* Global SSL config */
- LHASH * req_config; /* SSL config for this request
*/
+ LHASH_OF(CONF_VALUE) * global_config; /* Global SSL config
*/
+ LHASH_OF(CONF_VALUE) * req_config; /* SSL config
for this request */
const EVP_MD * md_alg;
const EVP_MD * digest;
char * section_name,
@@ -678,7 +678,7 @@
}
/* }}} */
-static inline int php_openssl_config_check_syntax(const char *
section_label, const char * config_filename, const char * section,
LHASH * config TSRMLS_DC) /* {{{ */
+static inline int php_openssl_config_check_syntax(const char *
section_label, const char * config_filename, const char * section,
LHASH_OF(CONF_VALUE) * config TSRMLS_DC) /* {{{ */
{
X509V3_CTX ctx;
@@ -1156,7 +1156,7 @@
if (in == NULL) {
return NULL;
}
- cert = (X509 *) PEM_ASN1_read_bio((char
*(*)())d2i_X509, PEM_STRING_X509, in, NULL, NULL, NULL);
+ cert = (X509 *) PEM_ASN1_read_bio((d2i_of_void *)
d2i_X509, PEM_STRING_X509, in, NULL, NULL, NULL);
BIO_free(in);
}
@@ -2786,7 +2786,7 @@
case EVP_PKEY_RSA2:
assert(pkey->pkey.rsa != NULL);
- if (NULL == pkey->pkey.rsa->p || NULL ==
pkey->pkey.rsa->q) {
+ if (pkey->pkey.rsa != NULL && (NULL ==
pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)) {
return 0;
}
break;
------------------------------------------------------------------------
[2009-04-29 22:02:25] Al dot Smith at aeschi dot ch dot eu dot org
Description:
------------
PHP 5.3.0-RC1 fails to compile correctly against OpenSSL library
1.0.0-beta2. A patch will be supplied to correct the compile failures.
Additionally, when using SSL library functions, pkey->pkey.rsa is found
to be NULL where the code expects a different value. The supplied patch
will protect against a null pointer being followed, however I am not
certain of any other side-effects.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=48116&edit=1
