wez Thu Jun 30 10:25:41 2005 EDT
Modified files:
/php-src/ext/openssl openssl.c
Log:
Add optional parameter to openssl_pkcs7_verify() which specifies the name
of a file that will be filled with the verified data, but with the signature
information stripped.
Patch by Marton Kenyeres, mkenyeres (at) konvergencia dot hu
http://cvs.php.net/diff.php/php-src/ext/openssl/openssl.c?r1=1.96&r2=1.97&ty=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.96 php-src/ext/openssl/openssl.c:1.97
--- php-src/ext/openssl/openssl.c:1.96 Tue Apr 19 18:04:25 2005
+++ php-src/ext/openssl/openssl.c Thu Jun 30 10:25:39 2005
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: openssl.c,v 1.96 2005/04/19 22:04:25 sniper Exp $ */
+/* $Id: openssl.c,v 1.97 2005/06/30 14:25:39 wez Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -2152,7 +2152,7 @@
/* {{{ PKCS7 S/MIME functions */
-/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string
signerscerts [, array cainfo [, string extracerts]]])
+/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string
signerscerts [, array cainfo [, string extracerts [, string content]]]])
Verifys that the data block is intact, the signer is who they say they are,
and returns the CERTs of the signers */
PHP_FUNCTION(openssl_pkcs7_verify)
{
@@ -2161,17 +2161,18 @@
STACK_OF(X509) *signers= NULL;
STACK_OF(X509) *others = NULL;
PKCS7 * p7 = NULL;
- BIO * in = NULL, * datain = NULL;
+ BIO * in = NULL, * datain = NULL, * dataout = NULL;
long flags = 0;
char * filename; int filename_len;
char * extracerts = NULL; int extracerts_len;
char * signersfilename = NULL; int signersfilename_len;
+ char * datafilename = NULL; int datafilename_len;
RETVAL_LONG(-1);
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sas",
&filename, &filename_len,
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sass",
&filename, &filename_len,
&flags, &signersfilename, &signersfilename_len,
&cainfo,
- &extracerts, &extracerts_len) == FAILURE) {
+ &extracerts, &extracerts_len, &datafilename,
&datafilename_len) == FAILURE) {
return;
}
@@ -2204,18 +2205,30 @@
#endif
goto clean_exit;
}
+
+ if (datafilename) {
+
+ if (php_openssl_safe_mode_chk(datafilename TSRMLS_CC)) {
+ goto clean_exit;
+ }
+
+ dataout = BIO_new_file(datafilename, "w");
+ if (dataout == NULL) {
+ goto clean_exit;
+ }
+ }
#if DEBUG_SMIME
zend_printf("Calling PKCS7 verify\n");
#endif
- if (PKCS7_verify(p7, others, store, datain, NULL, flags)) {
+ if (PKCS7_verify(p7, others, store, datain, dataout, flags)) {
RETVAL_TRUE;
if (signersfilename) {
BIO *certout;
- if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
+ if (php_openssl_safe_mode_chk(signersfilename
TSRMLS_CC)) {
goto clean_exit;
}
@@ -2242,6 +2255,7 @@
X509_STORE_free(store);
BIO_free(datain);
BIO_free(in);
+ BIO_free(dataout);
PKCS7_free(p7);
sk_X509_free(others);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
