iliaa           Sun Nov 10 00:19:39 2002 EDT

  Modified files:              
    /php4/ext/openssl   openssl.c 
  Log:
  Fixed bug #19935. Made OpenSSL file system operations abide by safe_mode 
  & open_basedir restrictions.
  
  
Index: php4/ext/openssl/openssl.c
diff -u php4/ext/openssl/openssl.c:1.51 php4/ext/openssl/openssl.c:1.52
--- php4/ext/openssl/openssl.c:1.51     Sat Aug 10 16:19:46 2002
+++ php4/ext/openssl/openssl.c  Sun Nov 10 00:19:39 2002
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: openssl.c,v 1.51 2002/08/10 20:19:46 wez Exp $ */
+/* $Id: openssl.c,v 1.52 2002/11/10 05:19:39 iliaa Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -158,6 +158,20 @@
 }
 /* }}} */
 
+/* {{{ openssl safe_mode & open_basedir checks */
+inline static int php_openssl_safe_mode_chk(char *filename TSRMLS_DC)
+{
+       if (PG(safe_mode) && (!php_checkuid(filename, NULL, 
+CHECKUID_CHECK_FILE_AND_DIR))) {
+               return -1;
+       }
+       if (php_check_open_basedir(filename TSRMLS_CC)) {
+               return -1;
+       }
+       
+       return 0;
+}
+/* }}} */
+
 /* {{{ openssl -> PHP "bridging" */
 /* true global; readonly after module startup */
 static char default_ssl_conf_filename[MAXPATHLEN];
@@ -384,8 +398,8 @@
 
        /* read in the oids */
        str = CONF_get_string(req->req_config, NULL, "oid_file");
-       if (str)        {
-               BIO * oid_bio = BIO_new_file(str, "r");
+       if (str && !php_openssl_safe_mode_chk(str TSRMLS_CC)) {
+               BIO *oid_bio = BIO_new_file(str, "r");
                if (oid_bio)    {
                        OBJ_create_objects(oid_bio);
                        BIO_free(oid_bio);
@@ -654,6 +668,10 @@
                /* read cert from the named file */
                BIO *in;
 
+               if (php_openssl_safe_mode_chk(Z_STRVAL_PP(val) + 7 TSRMLS_CC)) {
+                       return NULL;
+               }
+
                in = BIO_new_file(Z_STRVAL_PP(val) + 7, "r");
                if (in == NULL)
                        return NULL;
@@ -705,6 +723,10 @@
                return;
        }
 
+       if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+               return;
+       }
+
        bio_out = BIO_new_file(filename, "w");
        if (bio_out)    {
                if (!notext)
@@ -900,6 +922,10 @@
                goto end;
        }
 
+       if (php_openssl_safe_mode_chk(certfile TSRMLS_CC)) {
+               goto end;
+       }
+
        if(!(in=BIO_new_file(certfile, "r"))) {
                zend_error(E_WARNING, "%s(): error opening the file, %s", 
get_active_function_name(TSRMLS_C), certfile);
                goto end;
@@ -1286,8 +1312,12 @@
        if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://", 7) == 0)
                filename = Z_STRVAL_PP(val) + 7;
 
-       if (filename)
+       if (filename) {
+               if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+                       return NULL;
+               }
                in = BIO_new_file(filename, "r");
+       }       
        else
                in = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val));
        
@@ -1320,6 +1350,10 @@
                return;
        }
 
+       if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+               return;
+       }
+
        bio_out = BIO_new_file(filename, "w");
        if (bio_out)    {
                if (!notext)
@@ -1669,7 +1703,11 @@
                else    {
                        /* we want the private key */
                        if (filename)   {
-                               BIO *in = BIO_new_file(filename, "r");
+                               BIO *in;
+                               if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+                                       return NULL;
+                               }
+                               in = BIO_new_file(filename, "r");
                                if (in == NULL)
                                        return NULL;
                                key = PEM_read_bio_PrivateKey(in, NULL,NULL, 
passphrase);
@@ -1793,6 +1831,10 @@
                RETURN_FALSE;
        }
        
+       if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
+       
        PHP_SSL_REQ_INIT(&req);
 
        if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS)
@@ -1972,6 +2014,10 @@
        if (!store)
                goto clean_exit;
 
+       if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+               goto clean_exit;
+       }
+
        in = BIO_new_file(filename, (flags & PKCS7_BINARY) ? "rb" : "r");
        if (in == NULL)
                goto clean_exit;
@@ -1990,8 +2036,14 @@
 
                RETVAL_TRUE;
 
-               if (signersfilename)    {
-                       BIO * certout = BIO_new_file(signersfilename, "w");
+               if (signersfilename) {
+                       BIO *certout;
+               
+                       if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+                               goto clean_exit;
+                       }
+               
+                       certout = BIO_new_file(signersfilename, "w");
                        if (certout)    {
                                int i;
                                signers = PKCS7_get0_signers(p7, NULL, flags);
@@ -2046,6 +2098,10 @@
                                &outfilename, &outfilename_len, &zrecipcerts, 
&zheaders, &flags) == FAILURE)
                return;
 
+       if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || 
+php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
+               return;
+       }
+
        infile = BIO_new_file(infilename, "r");
        if (infile == NULL)
                goto clean_exit;
@@ -2190,6 +2246,10 @@
                goto clean_exit;
        }
 
+       if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || 
+php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
+               goto clean_exit;
+       }
+
        infile = BIO_new_file(infilename, "r");
        if (infile == NULL)     {
                zend_error(E_WARNING, "%s(): error opening input file %s!", 
get_active_function_name(TSRMLS_C), infilename);
@@ -2273,6 +2333,10 @@
        key = php_openssl_evp_from_zval(recipkey ? &recipkey : &recipcert, 0, "", 0, 
&keyresval TSRMLS_CC);
        if (key == NULL)        {
                zend_error(E_WARNING, "%s(): unable to get private key", 
get_active_function_name(TSRMLS_C));
+               goto clean_exit;
+       }
+       
+       if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || 
+php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
                goto clean_exit;
        }
 



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to