cataphract                               Mon, 12 Sep 2011 17:23:10 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=316562

Log:
- Fixed bug #55646: textual data is returned in UTF-8, but is input in
  another encoding. 5.4 only as this implies a BC break.

Bug: https://bugs.php.net/55646 (Open) decoding csr corrupts UTF8 characters
      
Changed paths:
    U   php/php-src/branches/PHP_5_4/UPGRADING
    U   php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
    U   php/php-src/trunk/ext/openssl/openssl.c

Modified: php/php-src/branches/PHP_5_4/UPGRADING
===================================================================
--- php/php-src/branches/PHP_5_4/UPGRADING      2011-09-12 17:20:44 UTC (rev 
316561)
+++ php/php-src/branches/PHP_5_4/UPGRADING      2011-09-12 17:23:10 UTC (rev 
316562)
@@ -198,6 +198,7 @@
 - Write operations within XSLT (for example with the extension sax:output) are
   disabled by default. You can define what is forbidden with the method
   XsltProcess::setSecurityPrefs($options)
+- openssl_csr_new() expects the textual data to be in UTF-8.

 ===================================
 5. Changes made to existing methods

Modified: php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
===================================================================
--- php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-09-12 17:20:44 UTC 
(rev 316561)
+++ php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-09-12 17:23:10 UTC 
(rev 316562)
@@ -2096,10 +2096,14 @@

                                nid = OBJ_txt2nid(strindex);
                                if (nid != NID_undef) {
-                                       if (!X509_NAME_add_entry_by_NID(subj, 
nid, MBSTRING_ASC,
+                                       if (!X509_NAME_add_entry_by_NID(subj, 
nid, MBSTRING_UTF8,
                                                                (unsigned 
char*)Z_STRVAL_PP(item), -1, -1, 0))
                                        {
-                                               php_error_docref(NULL 
TSRMLS_CC, E_WARNING, "dn: add_entry_by_NID %d -> %s (failed)", nid, 
Z_STRVAL_PP(item));
+                                               php_error_docref(NULL 
TSRMLS_CC, E_WARNING,
+                                                       "dn: add_entry_by_NID 
%d -> %s (failed; check error"
+                                                       " queue and value of 
string_mask OpenSSL option "
+                                                       "if illegal characters 
are reported)",
+                                                       nid, Z_STRVAL_PP(item));
                                                return FAILURE;
                                        }
                                } else {
@@ -2148,7 +2152,7 @@
                        if (X509_NAME_get_index_by_NID(subj, nid, -1) >= 0) {
                                continue;
                        }
-                       if (!X509_NAME_add_entry_by_txt(subj, type, 
MBSTRING_ASC, (unsigned char*)v->value, -1, -1, 0)) {
+                       if (!X509_NAME_add_entry_by_txt(subj, type, 
MBSTRING_UTF8, (unsigned char*)v->value, -1, -1, 0)) {
                                php_error_docref(NULL TSRMLS_CC, E_WARNING, 
"add_entry_by_txt %s -> %s (failed)", type, v->value);
                                return FAILURE;
                        }
@@ -2172,7 +2176,7 @@

                                        nid = OBJ_txt2nid(strindex);
                                        if (nid != NID_undef) {
-                                               if 
(!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_ASC, (unsigned 
char*)Z_STRVAL_PP(item), -1, -1, 0)) {
+                                               if 
(!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_UTF8, (unsigned 
char*)Z_STRVAL_PP(item), -1, -1, 0)) {
                                                        php_error_docref(NULL 
TSRMLS_CC, E_WARNING, "attribs: add_entry_by_NID %d -> %s (failed)", nid, 
Z_STRVAL_PP(item));
                                                        return FAILURE;
                                                }
@@ -2189,8 +2193,12 @@
                                if (X509_REQ_get_attr_by_NID(csr, nid, -1) >= 
0) {
                                        continue;
                                }
-                               if (!X509_REQ_add1_attr_by_txt(csr, v->name, 
MBSTRING_ASC, (unsigned char*)v->value, -1)) {
-                                       php_error_docref(NULL TSRMLS_CC, 
E_WARNING, "add1_attr_by_txt %s -> %s (failed)", v->name, v->value);
+                               if (!X509_REQ_add1_attr_by_txt(csr, v->name, 
MBSTRING_UTF8, (unsigned char*)v->value, -1)) {
+                                       php_error_docref(NULL TSRMLS_CC, 
E_WARNING,
+                                               "add1_attr_by_txt %s -> %s 
(failed; check error queue "
+                                               "and value of string_mask 
OpenSSL option if illegal "
+                                               "characters are reported)",
+                                               v->name, v->value);
                                        return FAILURE;
                                }
                        }

Modified: php/php-src/trunk/ext/openssl/openssl.c
===================================================================
--- php/php-src/trunk/ext/openssl/openssl.c     2011-09-12 17:20:44 UTC (rev 
316561)
+++ php/php-src/trunk/ext/openssl/openssl.c     2011-09-12 17:23:10 UTC (rev 
316562)
@@ -2092,10 +2092,14 @@

                                nid = OBJ_txt2nid(strindex);
                                if (nid != NID_undef) {
-                                       if (!X509_NAME_add_entry_by_NID(subj, 
nid, MBSTRING_ASC,
+                                       if (!X509_NAME_add_entry_by_NID(subj, 
nid, MBSTRING_UTF8,
                                                                (unsigned 
char*)Z_STRVAL_PP(item), -1, -1, 0))
                                        {
-                                               php_error_docref(NULL 
TSRMLS_CC, E_WARNING, "dn: add_entry_by_NID %d -> %s (failed)", nid, 
Z_STRVAL_PP(item));
+                                               php_error_docref(NULL 
TSRMLS_CC, E_WARNING,
+                                                       "dn: add_entry_by_NID 
%d -> %s (failed; check error"
+                                                       " queue and value of 
string_mask OpenSSL option "
+                                                       "if illegal characters 
are reported)",
+                                                       nid, Z_STRVAL_PP(item));
                                                return FAILURE;
                                        }
                                } else {
@@ -2144,7 +2148,7 @@
                        if (X509_NAME_get_index_by_NID(subj, nid, -1) >= 0) {
                                continue;
                        }
-                       if (!X509_NAME_add_entry_by_txt(subj, type, 
MBSTRING_ASC, (unsigned char*)v->value, -1, -1, 0)) {
+                       if (!X509_NAME_add_entry_by_txt(subj, type, 
MBSTRING_UTF8, (unsigned char*)v->value, -1, -1, 0)) {
                                php_error_docref(NULL TSRMLS_CC, E_WARNING, 
"add_entry_by_txt %s -> %s (failed)", type, v->value);
                                return FAILURE;
                        }
@@ -2168,7 +2172,7 @@

                                        nid = OBJ_txt2nid(strindex);
                                        if (nid != NID_undef) {
-                                               if 
(!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_ASC, (unsigned 
char*)Z_STRVAL_PP(item), -1, -1, 0)) {
+                                               if 
(!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_UTF8, (unsigned 
char*)Z_STRVAL_PP(item), -1, -1, 0)) {
                                                        php_error_docref(NULL 
TSRMLS_CC, E_WARNING, "attribs: add_entry_by_NID %d -> %s (failed)", nid, 
Z_STRVAL_PP(item));
                                                        return FAILURE;
                                                }
@@ -2185,8 +2189,12 @@
                                if (X509_REQ_get_attr_by_NID(csr, nid, -1) >= 
0) {
                                        continue;
                                }
-                               if (!X509_REQ_add1_attr_by_txt(csr, v->name, 
MBSTRING_ASC, (unsigned char*)v->value, -1)) {
-                                       php_error_docref(NULL TSRMLS_CC, 
E_WARNING, "add1_attr_by_txt %s -> %s (failed)", v->name, v->value);
+                               if (!X509_REQ_add1_attr_by_txt(csr, v->name, 
MBSTRING_UTF8, (unsigned char*)v->value, -1)) {
+                                       php_error_docref(NULL TSRMLS_CC, 
E_WARNING,
+                                               "add1_attr_by_txt %s -> %s 
(failed; check error queue "
+                                               "and value of string_mask 
OpenSSL option if illegal "
+                                               "characters are reported)",
+                                               v->name, v->value);
                                        return FAILURE;
                                }
                        }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to