[PHP-CVS-DAILY] cvs: php-src / ChangeLog
changelog Sun Jul 30 01:31:08 2006 UTC Modified files: /php-srcChangeLog Log: ChangeLog update http://cvs.php.net/viewvc.cgi/php-src/ChangeLog?r1=1.2406r2=1.2407diff_format=u Index: php-src/ChangeLog diff -u php-src/ChangeLog:1.2406 php-src/ChangeLog:1.2407 --- php-src/ChangeLog:1.2406Sat Jul 29 01:31:19 2006 +++ php-src/ChangeLog Sun Jul 30 01:31:07 2006 @@ -1,3 +1,89 @@ +2006-07-29 Pierre-Alain Joye [EMAIL PROTECTED] + +* (PHP_5_2) + ext/openssl/openssl.c: + - MFH: make the test more obvious and add an explanation + +* ext/openssl/openssl.c: + - make the test more obvious and add an explanation + +* (PHP_5_2) + ext/openssl/openssl.c: + - vi happiness++ + +2006-07-29 Antony Dovgal [EMAIL PROTECTED] + +* ext/openssl/tests/bug38255.phpt: + MFB: improve test + +* (PHP_5_2) + ext/openssl/tests/bug38255.phpt: + improve test + +2006-07-29 Pierre-Alain Joye [EMAIL PROTECTED] + +* ext/openssl/openssl.c + ext/openssl/openssl.c: + - #38255, fails on array as well + +* (PHP_5_2) + NEWS: + - entry for #37820 and leak + +* (PHP_5_2) + ext/openssl/tests/bug37820.phpt + ext/openssl/tests/bug37820cert.pem + ext/openssl/tests/bug37820key.pem + ext/openssl/tests/bug38255.phpt: + - forgot the tests + +* ext/openssl/openssl.c + ext/openssl/tests/bug38255.phpt + ext/openssl/tests/bug38255.phpt: + - MFH: #38255, fix possible leak in php_openssl_evp_from_zval + +* (PHP_5_2) + ext/openssl/openssl.c: + - fix leak when the key is not a valid key (like false or an array) + +* ext/openssl/openssl.c + ext/openssl/tests/bug37820.phpt + ext/openssl/tests/bug37820.phpt + ext/openssl/tests/bug37820cert.pem + ext/openssl/tests/bug37820cert.pem + ext/openssl/tests/bug37820key.pem + ext/openssl/tests/bug37820key.pem: + - #37820, add support for algorithm type in openssl_verify() + +2006-07-29 Seiji Masugata [EMAIL PROTECTED] + +* ext/mbstring/tests/mb_strlen.phpt + ext/mbstring/tests/mb_strlen.phpt + ext/mbstring/tests/mb_strlen.phpt + ext/mbstring/tests/mb_substr.phpt + ext/mbstring/tests/mb_substr.phpt + ext/mbstring/tests/mb_substr.phpt: + fix tests. + +2006-07-29 Pierre-Alain Joye [EMAIL PROTECTED] + +* (PHP_5_2) + ext/filter/logical_filters.c + ext/filter/tests/bug8315.phpt: + - #8315, flaot is affected too + +* ext/filter/logical_filters.c + ext/filter/package.xml + ext/filter/tests/bug8315.phpt: + - MFH: #8315, NULL character stops the validation + +* (PHP_5_2) + ext/filter/logical_filters.c + ext/filter/package.xml + ext/filter/tests/bug8315.phpt + ext/filter/tests/bug8315.phpt: + - #8315, NULL character stops the validation + 2006-07-28 Hannes Magnusson [EMAIL PROTECTED] * ext/date/tests/date_constants.phpt:
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/filter logical_filters.c /ext/filter/tests bug8315.phpt
pajoye Sat Jul 29 12:43:21 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter logical_filters.c /php-src/ext/filter/tests bug8315.phpt Log: - #8315, flaot is affected too http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.4r2=1.1.2.5diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.4 php-src/ext/filter/logical_filters.c:1.1.2.5 --- php-src/ext/filter/logical_filters.c:1.1.2.4Sat Jul 29 01:26:55 2006 +++ php-src/ext/filter/logical_filters.cSat Jul 29 12:43:21 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.4 2006/07/29 01:26:55 pajoye Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.5 2006/07/29 12:43:21 pajoye Exp $ */ #include php_filter.h #include filter_private.h @@ -330,6 +330,7 @@ } i++; str[i] = '\0'; + end = str + i - 1; } if (*str == '-') { @@ -423,6 +424,9 @@ } stateT: + if ((str -1) != end) { + goto stateError; + } if (exp_value) { exp_value *= exp_multiply; ret_val *= pow(10, exp_value); http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug8315.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u Index: php-src/ext/filter/tests/bug8315.phpt diff -u php-src/ext/filter/tests/bug8315.phpt:1.1.2.1 php-src/ext/filter/tests/bug8315.phpt:1.1.2.2 --- php-src/ext/filter/tests/bug8315.phpt:1.1.2.1 Sat Jul 29 01:26:55 2006 +++ php-src/ext/filter/tests/bug8315.phpt Sat Jul 29 12:43:21 2006 @@ -5,6 +5,9 @@ $var=3.chr(0).foo; var_dump(filter_data($var, FILTER_VALIDATE_INT)); +$var=3.chr(0).foo; +var_dump(filter_data($var, FILTER_VALIDATE_FLOAT)); ? --EXPECTF-- bool(false) +bool(false) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/filter logical_filters.c /ext/filter/tests bug8315.phpt
pajoye Sat Jul 29 12:46:16 2006 UTC Modified files: /php-src/ext/filter logical_filters.c /php-src/ext/filter/tests bug8315.phpt Log: - MFH: #8315, float is affected too http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.5r2=1.6diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.5 php-src/ext/filter/logical_filters.c:1.6 --- php-src/ext/filter/logical_filters.c:1.5Sat Jul 29 01:27:47 2006 +++ php-src/ext/filter/logical_filters.cSat Jul 29 12:46:16 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.5 2006/07/29 01:27:47 pajoye Exp $ */ +/* $Id: logical_filters.c,v 1.6 2006/07/29 12:46:16 pajoye Exp $ */ #include php_filter.h #include filter_private.h @@ -330,6 +330,7 @@ } i++; str[i] = '\0'; + end = str + i - 1; } if (*str == '-') { @@ -423,6 +424,9 @@ } stateT: + if ((str -1) != end) { + goto stateError; + } if (exp_value) { exp_value *= exp_multiply; ret_val *= pow(10, exp_value); http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug8315.phpt?r1=1.2r2=1.3diff_format=u Index: php-src/ext/filter/tests/bug8315.phpt diff -u php-src/ext/filter/tests/bug8315.phpt:1.2 php-src/ext/filter/tests/bug8315.phpt:1.3 --- php-src/ext/filter/tests/bug8315.phpt:1.2 Sat Jul 29 01:27:47 2006 +++ php-src/ext/filter/tests/bug8315.phpt Sat Jul 29 12:46:16 2006 @@ -5,6 +5,9 @@ $var=3.chr(0).foo; var_dump(filter_data($var, FILTER_VALIDATE_INT)); +$var=3.chr(0).foo; +var_dump(filter_data($var, FILTER_VALIDATE_FLOAT)); ? --EXPECTF-- bool(false) +bool(false) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
masugataSat Jul 29 17:09:59 2006 UTC Modified files: /php-src/ext/mbstring/tests mb_strlen.phpt mb_substr.phpt Log: fix tests. http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_strlen.phpt?r1=1.4r2=1.5diff_format=u Index: php-src/ext/mbstring/tests/mb_strlen.phpt diff -u php-src/ext/mbstring/tests/mb_strlen.phpt:1.4 php-src/ext/mbstring/tests/mb_strlen.phpt:1.5 --- php-src/ext/mbstring/tests/mb_strlen.phpt:1.4 Thu Jan 19 20:52:45 2006 +++ php-src/ext/mbstring/tests/mb_strlen.phpt Sat Jul 29 17:09:59 2006 @@ -21,35 +21,35 @@ // ASCII echo == ASCII ==\n; -print strlen($ascii,'ASCII') . \n; +print mb_strlen($ascii,'ASCII') . \n; print strlen($ascii) . \n; // EUC-JP echo == EUC-JP ==\n; -print strlen($euc_jp,'EUC-JP') . \n; +print mb_strlen($euc_jp,'EUC-JP') . \n; mb_internal_encoding('EUC-JP') or print(mb_internal_encoding() failed\n); print strlen($euc_jp) . \n; // SJIS echo == SJIS ==\n; -$sjis = mb_convert_encoding($euc_jp, 'SJIS'); -print strlen($sjis,'SJIS') . \n; +$sjis = mb_convert_encoding($euc_jp, 'SJIS','EUC-JP'); +print mb_strlen($sjis,'SJIS') . \n; mb_internal_encoding('SJIS') or print(mb_internal_encoding() failed\n); print strlen($sjis) . \n; // JIS // Note: either convert_encoding or strlen has problem echo == JIS ==\n; -$jis = mb_convert_encoding($euc_jp, 'JIS'); -print strlen($jis,'JIS') . \n; +$jis = mb_convert_encoding($euc_jp, 'JIS','EUC-JP'); +print mb_strlen($jis,'JIS') . \n; mb_internal_encoding('JIS') or print(mb_internal_encoding() failed\n); print strlen($jis) . \n; // UTF-8 // Note: either convert_encoding or strlen has problem echo == UTF-8 ==\n; -$utf8 = mb_convert_encoding($euc_jp, 'UTF-8'); -print strlen($utf8,'UTF-8') . \n; +$utf8 = mb_convert_encoding($euc_jp, 'UTF-8','EUC-JP'); +print mb_strlen($utf8,'UTF-8') . \n; mb_internal_encoding('UTF-8') or print(mb_internal_encoding() failed\n); print strlen($utf8) . \n; @@ -60,40 +60,36 @@ // Note: PHP Notice, but returns some value $r = strlen($t_ary); echo $r.\n; - // Object -// Note: PHP Catchable error +// Note: PHP Notice, but returns some value $r = strlen($t_obj); echo $r.\n; - // Wrong encoding mb_internal_encoding('EUC-JP'); -$r = strlen($euc_jp, 'BAD_NAME'); +$r = mb_strlen($euc_jp, 'BAD_NAME'); echo $r.\n; + + + ? --EXPECT-- == ASCII == -ERR: Warning - +40 40 == EUC-JP == -ERR: Warning - +43 72 == SJIS == -ERR: Warning - +43 72 == JIS == -ERR: Warning - -121 +43 +90 == UTF-8 == -ERR: Warning - -174 +43 +101 == WRONG PARAMETERS == ERR: Notice 5 @@ -101,3 +97,6 @@ ERR: Notice 6 ERR: Warning + + + http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_substr.phpt?r1=1.3r2=1.4diff_format=u Index: php-src/ext/mbstring/tests/mb_substr.phpt diff -u php-src/ext/mbstring/tests/mb_substr.phpt:1.3 php-src/ext/mbstring/tests/mb_substr.phpt:1.4 --- php-src/ext/mbstring/tests/mb_substr.phpt:1.3 Sun Nov 3 08:37:59 2002 +++ php-src/ext/mbstring/tests/mb_substr.phpt Sat Jul 29 17:09:59 2006 @@ -4,6 +4,7 @@ ?php extension_loaded('mbstring') or die('skip mbstring not available'); ? --INI-- output_handler= +mbstring.func_overload=0 --FILE-- ?php // TODO: Add more encodings -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
masugataSat Jul 29 17:11:09 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/mbstring/tests mb_strlen.phpt mb_substr.phpt Log: fix tests. http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_strlen.phpt?r1=1.3.6.1r2=1.3.6.2diff_format=u Index: php-src/ext/mbstring/tests/mb_strlen.phpt diff -u php-src/ext/mbstring/tests/mb_strlen.phpt:1.3.6.1 php-src/ext/mbstring/tests/mb_strlen.phpt:1.3.6.2 --- php-src/ext/mbstring/tests/mb_strlen.phpt:1.3.6.1 Mon May 29 21:08:02 2006 +++ php-src/ext/mbstring/tests/mb_strlen.phpt Sat Jul 29 17:11:09 2006 @@ -21,35 +21,35 @@ // ASCII echo == ASCII ==\n; -print strlen($ascii,'ASCII') . \n; +print mb_strlen($ascii,'ASCII') . \n; print strlen($ascii) . \n; // EUC-JP echo == EUC-JP ==\n; -print strlen($euc_jp,'EUC-JP') . \n; +print mb_strlen($euc_jp,'EUC-JP') . \n; mb_internal_encoding('EUC-JP') or print(mb_internal_encoding() failed\n); print strlen($euc_jp) . \n; // SJIS echo == SJIS ==\n; -$sjis = mb_convert_encoding($euc_jp, 'SJIS'); -print strlen($sjis,'SJIS') . \n; +$sjis = mb_convert_encoding($euc_jp, 'SJIS','EUC-JP'); +print mb_strlen($sjis,'SJIS') . \n; mb_internal_encoding('SJIS') or print(mb_internal_encoding() failed\n); print strlen($sjis) . \n; // JIS // Note: either convert_encoding or strlen has problem echo == JIS ==\n; -$jis = mb_convert_encoding($euc_jp, 'JIS'); -print strlen($jis,'JIS') . \n; +$jis = mb_convert_encoding($euc_jp, 'JIS','EUC-JP'); +print mb_strlen($jis,'JIS') . \n; mb_internal_encoding('JIS') or print(mb_internal_encoding() failed\n); print strlen($jis) . \n; // UTF-8 // Note: either convert_encoding or strlen has problem echo == UTF-8 ==\n; -$utf8 = mb_convert_encoding($euc_jp, 'UTF-8'); -print strlen($utf8,'UTF-8') . \n; +$utf8 = mb_convert_encoding($euc_jp, 'UTF-8','EUC-JP'); +print mb_strlen($utf8,'UTF-8') . \n; mb_internal_encoding('UTF-8') or print(mb_internal_encoding() failed\n); print strlen($utf8) . \n; @@ -66,7 +66,7 @@ echo $r.\n; // Wrong encoding mb_internal_encoding('EUC-JP'); -$r = strlen($euc_jp, 'BAD_NAME'); +$r = mb_strlen($euc_jp, 'BAD_NAME'); echo $r.\n; @@ -76,25 +76,20 @@ --EXPECT-- == ASCII == -ERR: Warning - +40 40 == EUC-JP == -ERR: Warning - +43 72 == SJIS == -ERR: Warning - +43 72 == JIS == -ERR: Warning - -121 +43 +90 == UTF-8 == -ERR: Warning - -174 +43 +101 == WRONG PARAMETERS == ERR: Notice 5 http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_substr.phpt?r1=1.3r2=1.3.20.1diff_format=u Index: php-src/ext/mbstring/tests/mb_substr.phpt diff -u php-src/ext/mbstring/tests/mb_substr.phpt:1.3 php-src/ext/mbstring/tests/mb_substr.phpt:1.3.20.1 --- php-src/ext/mbstring/tests/mb_substr.phpt:1.3 Sun Nov 3 08:37:59 2002 +++ php-src/ext/mbstring/tests/mb_substr.phpt Sat Jul 29 17:11:09 2006 @@ -4,6 +4,7 @@ ?php extension_loaded('mbstring') or die('skip mbstring not available'); ? --INI-- output_handler= +mbstring.func_overload=0 --FILE-- ?php // TODO: Add more encodings -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
masugataSat Jul 29 17:12:22 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/mbstring/tests mb_strlen.phpt mb_substr.phpt Log: fix tests. http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_strlen.phpt?r1=1.2.2.1r2=1.2.2.1.4.1diff_format=u Index: php-src/ext/mbstring/tests/mb_strlen.phpt diff -u php-src/ext/mbstring/tests/mb_strlen.phpt:1.2.2.1 php-src/ext/mbstring/tests/mb_strlen.phpt:1.2.2.1.4.1 --- php-src/ext/mbstring/tests/mb_strlen.phpt:1.2.2.1 Mon Jan 19 16:54:22 2004 +++ php-src/ext/mbstring/tests/mb_strlen.phpt Sat Jul 29 17:12:22 2006 @@ -21,35 +21,35 @@ // ASCII echo == ASCII ==\n; -print strlen($ascii,'ASCII') . \n; +print mb_strlen($ascii,'ASCII') . \n; print strlen($ascii) . \n; // EUC-JP echo == EUC-JP ==\n; -print strlen($euc_jp,'EUC-JP') . \n; +print mb_strlen($euc_jp,'EUC-JP') . \n; mb_internal_encoding('EUC-JP') or print(mb_internal_encoding() failed\n); print strlen($euc_jp) . \n; // SJIS echo == SJIS ==\n; -$sjis = mb_convert_encoding($euc_jp, 'SJIS'); -print strlen($sjis,'SJIS') . \n; +$sjis = mb_convert_encoding($euc_jp, 'SJIS','EUC-JP'); +print mb_strlen($sjis,'SJIS') . \n; mb_internal_encoding('SJIS') or print(mb_internal_encoding() failed\n); print strlen($sjis) . \n; // JIS // Note: either convert_encoding or strlen has problem echo == JIS ==\n; -$jis = mb_convert_encoding($euc_jp, 'JIS'); -print strlen($jis,'JIS') . \n; +$jis = mb_convert_encoding($euc_jp, 'JIS','EUC-JP'); +print mb_strlen($jis,'JIS') . \n; mb_internal_encoding('JIS') or print(mb_internal_encoding() failed\n); print strlen($jis) . \n; // UTF-8 // Note: either convert_encoding or strlen has problem echo == UTF-8 ==\n; -$utf8 = mb_convert_encoding($euc_jp, 'UTF-8'); -print strlen($utf8,'UTF-8') . \n; +$utf8 = mb_convert_encoding($euc_jp, 'UTF-8','EUC-JP'); +print mb_strlen($utf8,'UTF-8') . \n; mb_internal_encoding('UTF-8') or print(mb_internal_encoding() failed\n); print strlen($utf8) . \n; @@ -66,7 +66,7 @@ echo $r.\n; // Wrong encoding mb_internal_encoding('EUC-JP'); -$r = strlen($euc_jp, 'BAD_NAME'); +$r = mb_strlen($euc_jp, 'BAD_NAME'); echo $r.\n; @@ -76,28 +76,24 @@ --EXPECT-- == ASCII == -ERR: Warning - +40 40 == EUC-JP == -ERR: Warning - +43 72 == SJIS == -ERR: Warning - +43 72 == JIS == -ERR: Warning - -121 +43 +90 == UTF-8 == -ERR: Warning - -174 +43 +101 == WRONG PARAMETERS == ERR: Notice 5 +ERR: Catchable fatal error ERR: Notice 6 ERR: Warning http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_substr.phpt?r1=1.3r2=1.3.16.1diff_format=u Index: php-src/ext/mbstring/tests/mb_substr.phpt diff -u php-src/ext/mbstring/tests/mb_substr.phpt:1.3 php-src/ext/mbstring/tests/mb_substr.phpt:1.3.16.1 --- php-src/ext/mbstring/tests/mb_substr.phpt:1.3 Sun Nov 3 08:37:59 2002 +++ php-src/ext/mbstring/tests/mb_substr.phpt Sat Jul 29 17:12:22 2006 @@ -4,6 +4,7 @@ ?php extension_loaded('mbstring') or die('skip mbstring not available'); ? --INI-- output_handler= +mbstring.func_overload=0 --FILE-- ?php // TODO: Add more encodings -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl openssl.c /ext/openssl/tests bug37820.phpt bug37820cert.pem bug37820key.pem
pajoye Sat Jul 29 21:54:45 2006 UTC Added files: /php-src/ext/openssl/tests bug37820key.pem bug37820cert.pem bug37820.phpt Modified files: /php-src/ext/opensslopenssl.c Log: - #37820, add support for algorithm type in openssl_verify() http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.106r2=1.107diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.106 php-src/ext/openssl/openssl.c:1.107 --- php-src/ext/openssl/openssl.c:1.106 Sun Apr 30 23:45:13 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 21:54:45 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.106 2006/04/30 23:45:13 wez Exp $ */ +/* $Id: openssl.c,v 1.107 2006/07/29 21:54:45 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -563,6 +563,30 @@ } return SUCCESS; } + +static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */ + EVP_MD *mdtype; + + switch (algo) { + case OPENSSL_ALGO_SHA1: + mdtype = (EVP_MD *) EVP_sha1(); + break; + case OPENSSL_ALGO_MD5: + mdtype = (EVP_MD *) EVP_md5(); + break; + case OPENSSL_ALGO_MD4: + mdtype = (EVP_MD *) EVP_md4(); + break; + case OPENSSL_ALGO_MD2: + mdtype = (EVP_MD *) EVP_md2(); + break; + default: + return NULL; + break; + } + return mdtype; +} +/* }}} */ /* }}} */ /* {{{ PHP_MINIT_FUNCTION @@ -2860,7 +2884,7 @@ } /* }}} */ -/* {{{ proto bool openssl_sign(string data, string signature, mixed key) +/* {{{ proto bool openssl_sign(string data, string signature, mixed key[, int signature_alg]) Signs data */ PHP_FUNCTION(openssl_sign) { @@ -2884,23 +2908,10 @@ RETURN_FALSE; } - switch (signature_algo) { - case OPENSSL_ALGO_SHA1: - mdtype = (EVP_MD *) EVP_sha1(); - break; - case OPENSSL_ALGO_MD5: - mdtype = (EVP_MD *) EVP_md5(); - break; - case OPENSSL_ALGO_MD4: - mdtype = (EVP_MD *) EVP_md4(); - break; - case OPENSSL_ALGO_MD2: - mdtype = (EVP_MD *) EVP_md2(); - break; - default: - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); - RETURN_FALSE; - break; + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); + RETURN_FALSE; } siglen = EVP_PKEY_size(pkey); @@ -2931,21 +2942,29 @@ EVP_PKEY *pkey; int err; EVP_MD_CTX md_ctx; + EVP_MD *mdtype; long keyresource = -1; char * data;int data_len; char * signature; int signature_len; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz, data, data_len, signature, signature_len, key) == FAILURE) { + long signature_algo = OPENSSL_ALGO_SHA1; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz|l, data, data_len, signature, signature_len, key, signature_algo) == FAILURE) { return; } - + + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); + RETURN_FALSE; + } + pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param cannot be coerced into a public key); RETURN_FALSE; } - EVP_VerifyInit (md_ctx, EVP_sha1()); + EVP_VerifyInit (md_ctx, mdtype); EVP_VerifyUpdate (md_ctx, data, data_len); err = EVP_VerifyFinal (md_ctx, signature, signature_len, pkey); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820key.pem?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug37820key.pem +++ php-src/ext/openssl/tests/bug37820key.pem -BEGIN RSA PRIVATE KEY- MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ 2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr 8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
[PHP-CVS] cvs: php-src /ext/openssl openssl.c /ext/openssl/tests bug38255.phpt
pajoye Sat Jul 29 22:24:48 2006 UTC Added files: /php-src/ext/openssl/tests bug38255.phpt Modified files: /php-src/ext/opensslopenssl.c Log: - MFH: #38255, fix possible leak in php_openssl_evp_from_zval http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.107r2=1.108diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.107 php-src/ext/openssl/openssl.c:1.108 --- php-src/ext/openssl/openssl.c:1.107 Sat Jul 29 21:54:45 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:24:48 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.107 2006/07/29 21:54:45 pajoye Exp $ */ +/* $Id: openssl.c,v 1.108 2006/07/29 22:24:48 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1824,6 +1824,9 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + return NULL; + } convert_to_string_ex(val); if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, sizeof(file://) - 1) == 0) { http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38255.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug38255.phpt +++ php-src/ext/openssl/tests/bug38255.phpt --TEST-- openssl key from zval leaks --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); ? --FILE-- ?php $pub_key_id = false; $signature = ''; $ok = openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5); ? --EXPECTF-- Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s/bug38255.php on line %d -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:39:33 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - #38255, fails on array as well http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.1r2=1.98.2.5.2.2diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.1 php-src/ext/openssl/openssl.c:1.98.2.5.2.2 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.1 Sat Jul 29 22:10:49 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:39:33 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1836,7 +1836,8 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ - if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL + || Z_TYPE_PP(val) == IS_ARRAY) { return NULL; } convert_to_string_ex(val); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl openssl.c
pajoye Sat Jul 29 22:39:51 2006 UTC Modified files: /php-src/ext/opensslopenssl.c Log: - #38255, fails on array as well http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.108r2=1.109diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.108 php-src/ext/openssl/openssl.c:1.109 --- php-src/ext/openssl/openssl.c:1.108 Sat Jul 29 22:24:48 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:39:51 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.108 2006/07/29 22:24:48 pajoye Exp $ */ +/* $Id: openssl.c,v 1.109 2006/07/29 22:39:51 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1824,7 +1824,8 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ - if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL + || Z_TYPE_PP(val) == IS_ARRAY) { return NULL; } convert_to_string_ex(val); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl/tests bug38255.phpt
tony2001Sat Jul 29 22:41:34 2006 UTC Modified files: /php-src/ext/openssl/tests bug38255.phpt Log: MFB: improve test http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38255.phpt?r1=1.1r2=1.2diff_format=u Index: php-src/ext/openssl/tests/bug38255.phpt diff -u php-src/ext/openssl/tests/bug38255.phpt:1.1 php-src/ext/openssl/tests/bug38255.phpt:1.2 --- php-src/ext/openssl/tests/bug38255.phpt:1.1 Sat Jul 29 22:24:48 2006 +++ php-src/ext/openssl/tests/bug38255.phpt Sat Jul 29 22:41:34 2006 @@ -9,6 +9,47 @@ $pub_key_id = false; $signature = ''; $ok = openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5); + +class test { + function __toString() { + return test object; + } +} +$t = new test; + + +var_dump(openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5)); +var_dump(openssl_verify(foo, $t, $pub_key_id, OPENSSL_ALGO_MD5)); +var_dump(openssl_verify(foo, new stdClass, $pub_key_id, OPENSSL_ALGO_MD5)); +var_dump(openssl_verify(foo, new stdClass, array(), OPENSSL_ALGO_MD5)); +var_dump(openssl_verify(foo, array(), array(), OPENSSL_ALGO_MD5)); +var_dump(openssl_verify()); +var_dump(openssl_verify(new stdClass, new stdClass, array(), 1)); + +echo Done\n; + ? --EXPECTF-- -Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s/bug38255.php on line %d +Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s on line %d + +Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s on line %d +bool(false) + +Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s on line %d +bool(false) + +Warning: openssl_verify() expects parameter 2 to be string, object given in %s on line %d +NULL + +Warning: openssl_verify() expects parameter 2 to be string, object given in %s on line %d +NULL + +Warning: openssl_verify() expects parameter 2 to be string, array given in %s on line %d +NULL + +Warning: openssl_verify() expects at least 3 parameters, 0 given in %s on line %d +NULL + +Warning: openssl_verify() expects parameter 1 to be string, object given in %s on line %d +NULL +Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl/tests bug37820.phpt bug37820cert.pem bug37820key.pem bug38255.phpt
pajoye Sat Jul 29 22:27:54 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests bug38255.phpt bug37820key.pem bug37820cert.pem bug37820.phpt Log: - forgot the tests http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38255.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug38255.phpt +++ php-src/ext/openssl/tests/bug38255.phpt --TEST-- openssl key from zval leaks --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); ? --FILE-- ?php $pub_key_id = false; $signature = ''; $ok = openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5); ? --EXPECTF-- Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s/bug38255.php on line %d http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820key.pem?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug37820key.pem +++ php-src/ext/openssl/tests/bug37820key.pem -BEGIN RSA PRIVATE KEY- MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ 2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr 8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7 WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA 6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg= -END RSA PRIVATE KEY- http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820cert.pem?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug37820cert.pem +++ php-src/ext/openssl/tests/bug37820cert.pem -BEGIN CERTIFICATE- MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX 9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4= -END CERTIFICATE- http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug37820.phpt +++ php-src/ext/openssl/tests/bug37820.phpt --TEST-- openssl_sign/verify: accept different algos --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); ? --FILE-- ?php $dir = dirname(__FILE__); $file_pub = $dir . '/bug37820cert.pem'; $file_key = $dir . '/bug37820key.pem'; $priv_key = file_get_contents($file_key); $priv_key_id = openssl_get_privatekey($priv_key); $pub_key = file_get_contents($file_pub); $pub_key_id = openssl_get_publickey($pub_key); $data = some custom data; if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) { echo openssl_sign failed.; } $ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5); if ($ok == 1) { echo Ok; } elseif ($ok == 0) { echo openssl_verify failed.; } ? --EXPECTF-- Ok -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl openssl.c
pajoye Sat Jul 29 23:03:37 2006 UTC Modified files: /php-src/ext/opensslopenssl.c Log: - make the test more obvious and add an explanation http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.109r2=1.110diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.109 php-src/ext/openssl/openssl.c:1.110 --- php-src/ext/openssl/openssl.c:1.109 Sat Jul 29 22:39:51 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 23:03:37 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.109 2006/07/29 22:39:51 pajoye Exp $ */ +/* $Id: openssl.c,v 1.110 2006/07/29 23:03:37 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1824,8 +1824,10 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ - if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL - || Z_TYPE_PP(val) == IS_ARRAY) { + /* passing non string values leaks, object uses toString, it returns NULL +* bug38255.phpt +*/ + if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) { return NULL; } convert_to_string_ex(val); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 23:03:55 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - MFH: make the test more obvious and add an explanation http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.3r2=1.98.2.5.2.4diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.3 php-src/ext/openssl/openssl.c:1.98.2.5.2.4 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.3 Sat Jul 29 22:52:48 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 23:03:55 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.4 2006/07/29 23:03:55 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1847,8 +1847,10 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ - if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL - || Z_TYPE_PP(val) == IS_ARRAY) { + /* passing non string values leaks, object uses toString, it returns NULL +* See bug38255.phpt +*/ + if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) { return NULL; } convert_to_string_ex(val); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:10:49 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - fix leak when the key is not a valid key (like false or an array) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5r2=1.98.2.5.2.1diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5 php-src/ext/openssl/openssl.c:1.98.2.5.2.1 --- php-src/ext/openssl/openssl.c:1.98.2.5 Sun Apr 30 23:43:40 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:10:49 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5 2006/04/30 23:43:40 wez Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -577,6 +577,30 @@ } return SUCCESS; } + +static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */ + EVP_MD *mdtype; + + switch (algo) { + case OPENSSL_ALGO_SHA1: + mdtype = (EVP_MD *) EVP_sha1(); + break; + case OPENSSL_ALGO_MD5: + mdtype = (EVP_MD *) EVP_md5(); + break; + case OPENSSL_ALGO_MD4: + mdtype = (EVP_MD *) EVP_md4(); + break; + case OPENSSL_ALGO_MD2: + mdtype = (EVP_MD *) EVP_md2(); + break; + default: + return NULL; + break; + } + return mdtype; +} +/* }}} */ /* }}} */ /* {{{ PHP_MINIT_FUNCTION @@ -1812,6 +1836,9 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + return NULL; + } convert_to_string_ex(val); if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, sizeof(file://) - 1) == 0) { @@ -2872,7 +2899,7 @@ } /* }}} */ -/* {{{ proto bool openssl_sign(string data, string signature, mixed key) +/* {{{ proto bool openssl_sign(string data, string signature, mixed key[, int signature_alg]) Signs data */ PHP_FUNCTION(openssl_sign) { @@ -2896,23 +2923,10 @@ RETURN_FALSE; } - switch (signature_algo) { - case OPENSSL_ALGO_SHA1: - mdtype = (EVP_MD *) EVP_sha1(); - break; - case OPENSSL_ALGO_MD5: - mdtype = (EVP_MD *) EVP_md5(); - break; - case OPENSSL_ALGO_MD4: - mdtype = (EVP_MD *) EVP_md4(); - break; - case OPENSSL_ALGO_MD2: - mdtype = (EVP_MD *) EVP_md2(); - break; - default: - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); - RETURN_FALSE; - break; + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); + RETURN_FALSE; } siglen = EVP_PKEY_size(pkey); @@ -2943,21 +2957,29 @@ EVP_PKEY *pkey; int err; EVP_MD_CTX md_ctx; + EVP_MD *mdtype; long keyresource = -1; char * data;int data_len; char * signature; int signature_len; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz, data, data_len, signature, signature_len, key) == FAILURE) { + long signature_algo = OPENSSL_ALGO_SHA1; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz|l, data, data_len, signature, signature_len, key, signature_algo) == FAILURE) { return; } - + + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); + RETURN_FALSE; + } + pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param cannot be coerced into a public key); RETURN_FALSE; } - EVP_VerifyInit (md_ctx, EVP_sha1()); + EVP_VerifyInit (md_ctx, mdtype); EVP_VerifyUpdate (md_ctx, data, data_len); err = EVP_VerifyFinal (md_ctx, signature, signature_len, pkey); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:52:48 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - vi happiness++ http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.2r2=1.98.2.5.2.3diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.2 php-src/ext/openssl/openssl.c:1.98.2.5.2.3 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.2 Sat Jul 29 22:39:33 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:52:48 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -156,10 +156,11 @@ static int le_csr; static int ssl_stream_data_index; -int php_openssl_get_x509_list_id(void) +int php_openssl_get_x509_list_id(void) /* {{{ */ { return le_x509; } +/* }}} */ /* {{{ resource destructors */ static void php_pkey_free(zend_rsrc_list_entry *rsrc TSRMLS_DC) @@ -202,7 +203,7 @@ /* true global; readonly after module startup */ static char default_ssl_conf_filename[MAXPATHLEN]; -struct php_x509_request { +struct php_x509_request { /* {{{ */ LHASH * global_config; /* Global SSL config */ LHASH * req_config; /* SSL config for this request */ const EVP_MD * md_alg; @@ -219,7 +220,7 @@ EVP_PKEY * priv_key; }; - +/* }}} */ static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * resourceval TSRMLS_DC); static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * passphrase, int makeresource, long * resourceval TSRMLS_DC); @@ -230,7 +231,7 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req TSRMLS_DC); -static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int shortname TSRMLS_DC) +static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int shortname TSRMLS_DC) /* {{{ */ { zval *subitem, *subentries; int i, j = -1, last = -1, obj_cnt = 0; @@ -285,13 +286,15 @@ } zend_hash_update(HASH_OF(val), key, strlen(key) + 1, (void *)subitem, sizeof(subitem), NULL); } +/* }}} */ -static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) +static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) /* {{{ */ { add_assoc_stringl(val, key, str-data, str-length, 1); } +/* }}} */ -static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) +static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* {{{ */ { /* This is how the time string is formatted: @@ -359,12 +362,14 @@ return ret; } +/* }}} */ static inline int php_openssl_config_check_syntax( const char * section_label, const char * config_filename, const char * section, - LHASH * config TSRMLS_DC) + LHASH * config TSRMLS_DC + ) /* {{{ */ { X509V3_CTX ctx; @@ -379,8 +384,9 @@ } return SUCCESS; } +/* }}} */ -static int add_oid_section(struct php_x509_request * req TSRMLS_DC) +static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */ { char * str; STACK_OF(CONF_VALUE) * sktmp; @@ -405,6 +411,7 @@ } return SUCCESS; } +/* }}} */ #define PHP_SSL_REQ_INIT(req) memset(req, 0, sizeof(*req)) #define PHP_SSL_REQ_DISPOSE(req) php_openssl_dispose_config(req TSRMLS_CC) @@ -431,7 +438,7 @@ struct php_x509_request * req, zval * optional_args TSRMLS_DC - ) + ) /* {{{ */ { char * str; zval ** item; @@ -509,8 +516,9 @@ return SUCCESS; } +/* }}} */ -static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC) +static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC) /* {{{ */ { if (req-priv_key) { EVP_PKEY_free(req-priv_key); @@ -525,8 +533,9 @@ req-req_config = NULL; } } +/* }}} */ -static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *seeded) +static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *seeded) /* {{{ */ { char buffer[MAXPATHLEN]; @@ -556,8 +565,9 @@ *seeded = 1; return SUCCESS; } +/* }}} */ -static int php_openssl_write_rand_file(const char * file, int egdsocket, int seeded) +static int php_openssl_write_rand_file(const char * file, int egdsocket, int seeded) /* {{{ */ { char buffer[MAXPATHLEN]; @@ -577,6 +587,7 @@ } return SUCCESS; } +/* }}} */ static EVP_MD * php_openssl_get_evp_md_from_algo(long algo)
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/standard array.c
andrei Sun Jul 30 03:31:18 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard array.c Log: Make array_merge(_recursive) handle binary keys safely. (Patch by Matt W) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/array.c?r1=1.308.2.21.2.8r2=1.308.2.21.2.9diff_format=u Index: php-src/ext/standard/array.c diff -u php-src/ext/standard/array.c:1.308.2.21.2.8 php-src/ext/standard/array.c:1.308.2.21.2.9 --- php-src/ext/standard/array.c:1.308.2.21.2.8 Mon Jul 24 18:18:33 2006 +++ php-src/ext/standard/array.cSun Jul 30 03:31:18 2006 @@ -21,7 +21,7 @@ +--+ */ -/* $Id: array.c,v 1.308.2.21.2.8 2006/07/24 18:18:33 andrei Exp $ */ +/* $Id: array.c,v 1.308.2.21.2.9 2006/07/30 03:31:18 andrei Exp $ */ #include php.h #include php_ini.h @@ -2328,7 +2328,7 @@ } else { (*src_entry)-refcount++; - zend_hash_update(dest, string_key, strlen(string_key)+1, + zend_hash_update(dest, string_key, string_key_len, src_entry, sizeof(zval *), NULL); } break; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php