iliaa Sun Nov 10 00:19:39 2002 EDT
Modified files:
/php4/ext/openssl openssl.c
Log:
Fixed bug #19935. Made OpenSSL file system operations abide by safe_mode
& open_basedir restrictions.
Index: php4/ext/openssl/openssl.c
diff -u php4/ext/openssl/openssl.c:1.51 php4/ext/openssl/openssl.c:1.52
--- php4/ext/openssl/openssl.c:1.51 Sat Aug 10 16:19:46 2002
+++ php4/ext/openssl/openssl.c Sun Nov 10 00:19:39 2002
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: openssl.c,v 1.51 2002/08/10 20:19:46 wez Exp $ */
+/* $Id: openssl.c,v 1.52 2002/11/10 05:19:39 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -158,6 +158,20 @@
}
/* }}} */
+/* {{{ openssl safe_mode & open_basedir checks */
+inline static int php_openssl_safe_mode_chk(char *filename TSRMLS_DC)
+{
+ if (PG(safe_mode) && (!php_checkuid(filename, NULL,
+CHECKUID_CHECK_FILE_AND_DIR))) {
+ return -1;
+ }
+ if (php_check_open_basedir(filename TSRMLS_CC)) {
+ return -1;
+ }
+
+ return 0;
+}
+/* }}} */
+
/* {{{ openssl -> PHP "bridging" */
/* true global; readonly after module startup */
static char default_ssl_conf_filename[MAXPATHLEN];
@@ -384,8 +398,8 @@
/* read in the oids */
str = CONF_get_string(req->req_config, NULL, "oid_file");
- if (str) {
- BIO * oid_bio = BIO_new_file(str, "r");
+ if (str && !php_openssl_safe_mode_chk(str TSRMLS_CC)) {
+ BIO *oid_bio = BIO_new_file(str, "r");
if (oid_bio) {
OBJ_create_objects(oid_bio);
BIO_free(oid_bio);
@@ -654,6 +668,10 @@
/* read cert from the named file */
BIO *in;
+ if (php_openssl_safe_mode_chk(Z_STRVAL_PP(val) + 7 TSRMLS_CC)) {
+ return NULL;
+ }
+
in = BIO_new_file(Z_STRVAL_PP(val) + 7, "r");
if (in == NULL)
return NULL;
@@ -705,6 +723,10 @@
return;
}
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ return;
+ }
+
bio_out = BIO_new_file(filename, "w");
if (bio_out) {
if (!notext)
@@ -900,6 +922,10 @@
goto end;
}
+ if (php_openssl_safe_mode_chk(certfile TSRMLS_CC)) {
+ goto end;
+ }
+
if(!(in=BIO_new_file(certfile, "r"))) {
zend_error(E_WARNING, "%s(): error opening the file, %s",
get_active_function_name(TSRMLS_C), certfile);
goto end;
@@ -1286,8 +1312,12 @@
if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://", 7) == 0)
filename = Z_STRVAL_PP(val) + 7;
- if (filename)
+ if (filename) {
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ return NULL;
+ }
in = BIO_new_file(filename, "r");
+ }
else
in = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val));
@@ -1320,6 +1350,10 @@
return;
}
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ return;
+ }
+
bio_out = BIO_new_file(filename, "w");
if (bio_out) {
if (!notext)
@@ -1669,7 +1703,11 @@
else {
/* we want the private key */
if (filename) {
- BIO *in = BIO_new_file(filename, "r");
+ BIO *in;
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ return NULL;
+ }
+ in = BIO_new_file(filename, "r");
if (in == NULL)
return NULL;
key = PEM_read_bio_PrivateKey(in, NULL,NULL,
passphrase);
@@ -1793,6 +1831,10 @@
RETURN_FALSE;
}
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ RETURN_FALSE;
+ }
+
PHP_SSL_REQ_INIT(&req);
if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS)
@@ -1972,6 +2014,10 @@
if (!store)
goto clean_exit;
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ goto clean_exit;
+ }
+
in = BIO_new_file(filename, (flags & PKCS7_BINARY) ? "rb" : "r");
if (in == NULL)
goto clean_exit;
@@ -1990,8 +2036,14 @@
RETVAL_TRUE;
- if (signersfilename) {
- BIO * certout = BIO_new_file(signersfilename, "w");
+ if (signersfilename) {
+ BIO *certout;
+
+ if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ goto clean_exit;
+ }
+
+ certout = BIO_new_file(signersfilename, "w");
if (certout) {
int i;
signers = PKCS7_get0_signers(p7, NULL, flags);
@@ -2046,6 +2098,10 @@
&outfilename, &outfilename_len, &zrecipcerts,
&zheaders, &flags) == FAILURE)
return;
+ if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) ||
+php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
+ return;
+ }
+
infile = BIO_new_file(infilename, "r");
if (infile == NULL)
goto clean_exit;
@@ -2190,6 +2246,10 @@
goto clean_exit;
}
+ if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) ||
+php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
+ goto clean_exit;
+ }
+
infile = BIO_new_file(infilename, "r");
if (infile == NULL) {
zend_error(E_WARNING, "%s(): error opening input file %s!",
get_active_function_name(TSRMLS_C), infilename);
@@ -2273,6 +2333,10 @@
key = php_openssl_evp_from_zval(recipkey ? &recipkey : &recipcert, 0, "", 0,
&keyresval TSRMLS_CC);
if (key == NULL) {
zend_error(E_WARNING, "%s(): unable to get private key",
get_active_function_name(TSRMLS_C));
+ goto clean_exit;
+ }
+
+ if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) ||
+php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
goto clean_exit;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
