[PHP-CVS-DAILY] cvs: php-src / ChangeLog
changelog Sun Jul 30 01:31:08 2006 UTC Modified files: /php-srcChangeLog Log: ChangeLog update http://cvs.php.net/viewvc.cgi/php-src/ChangeLog?r1=1.2406r2=1.2407diff_format=u Index: php-src/ChangeLog diff -u php-src/ChangeLog:1.2406 php-src/ChangeLog:1.2407 --- php-src/ChangeLog:1.2406Sat Jul 29 01:31:19 2006 +++ php-src/ChangeLog Sun Jul 30 01:31:07 2006 @@ -1,3 +1,89 @@ +2006-07-29 Pierre-Alain Joye [EMAIL PROTECTED] + +* (PHP_5_2) + ext/openssl/openssl.c: + - MFH: make the test more obvious and add an explanation + +* ext/openssl/openssl.c: + - make the test more obvious and add an explanation + +* (PHP_5_2) + ext/openssl/openssl.c: + - vi happiness++ + +2006-07-29 Antony Dovgal [EMAIL PROTECTED] + +* ext/openssl/tests/bug38255.phpt: + MFB: improve test + +* (PHP_5_2) + ext/openssl/tests/bug38255.phpt: + improve test + +2006-07-29 Pierre-Alain Joye [EMAIL PROTECTED] + +* ext/openssl/openssl.c + ext/openssl/openssl.c: + - #38255, fails on array as well + +* (PHP_5_2) + NEWS: + - entry for #37820 and leak + +* (PHP_5_2) + ext/openssl/tests/bug37820.phpt + ext/openssl/tests/bug37820cert.pem + ext/openssl/tests/bug37820key.pem + ext/openssl/tests/bug38255.phpt: + - forgot the tests + +* ext/openssl/openssl.c + ext/openssl/tests/bug38255.phpt + ext/openssl/tests/bug38255.phpt: + - MFH: #38255, fix possible leak in php_openssl_evp_from_zval + +* (PHP_5_2) + ext/openssl/openssl.c: + - fix leak when the key is not a valid key (like false or an array) + +* ext/openssl/openssl.c + ext/openssl/tests/bug37820.phpt + ext/openssl/tests/bug37820.phpt + ext/openssl/tests/bug37820cert.pem + ext/openssl/tests/bug37820cert.pem + ext/openssl/tests/bug37820key.pem + ext/openssl/tests/bug37820key.pem: + - #37820, add support for algorithm type in openssl_verify() + +2006-07-29 Seiji Masugata [EMAIL PROTECTED] + +* ext/mbstring/tests/mb_strlen.phpt + ext/mbstring/tests/mb_strlen.phpt + ext/mbstring/tests/mb_strlen.phpt + ext/mbstring/tests/mb_substr.phpt + ext/mbstring/tests/mb_substr.phpt + ext/mbstring/tests/mb_substr.phpt: + fix tests. + +2006-07-29 Pierre-Alain Joye [EMAIL PROTECTED] + +* (PHP_5_2) + ext/filter/logical_filters.c + ext/filter/tests/bug8315.phpt: + - #8315, flaot is affected too + +* ext/filter/logical_filters.c + ext/filter/package.xml + ext/filter/tests/bug8315.phpt: + - MFH: #8315, NULL character stops the validation + +* (PHP_5_2) + ext/filter/logical_filters.c + ext/filter/package.xml + ext/filter/tests/bug8315.phpt + ext/filter/tests/bug8315.phpt: + - #8315, NULL character stops the validation + 2006-07-28 Hannes Magnusson [EMAIL PROTECTED] * ext/date/tests/date_constants.phpt:
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/filter logical_filters.c /ext/filter/tests bug8315.phpt
pajoye Sat Jul 29 12:43:21 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter logical_filters.c
/php-src/ext/filter/tests bug8315.phpt
Log:
- #8315, flaot is affected too
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.4r2=1.1.2.5diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.4
php-src/ext/filter/logical_filters.c:1.1.2.5
--- php-src/ext/filter/logical_filters.c:1.1.2.4Sat Jul 29 01:26:55 2006
+++ php-src/ext/filter/logical_filters.cSat Jul 29 12:43:21 2006
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.4 2006/07/29 01:26:55 pajoye Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.5 2006/07/29 12:43:21 pajoye Exp $ */
#include php_filter.h
#include filter_private.h
@@ -330,6 +330,7 @@
}
i++;
str[i] = '\0';
+ end = str + i - 1;
}
if (*str == '-') {
@@ -423,6 +424,9 @@
}
stateT:
+ if ((str -1) != end) {
+ goto stateError;
+ }
if (exp_value) {
exp_value *= exp_multiply;
ret_val *= pow(10, exp_value);
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug8315.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u
Index: php-src/ext/filter/tests/bug8315.phpt
diff -u php-src/ext/filter/tests/bug8315.phpt:1.1.2.1
php-src/ext/filter/tests/bug8315.phpt:1.1.2.2
--- php-src/ext/filter/tests/bug8315.phpt:1.1.2.1 Sat Jul 29 01:26:55 2006
+++ php-src/ext/filter/tests/bug8315.phpt Sat Jul 29 12:43:21 2006
@@ -5,6 +5,9 @@
$var=3.chr(0).foo;
var_dump(filter_data($var, FILTER_VALIDATE_INT));
+$var=3.chr(0).foo;
+var_dump(filter_data($var, FILTER_VALIDATE_FLOAT));
?
--EXPECTF--
bool(false)
+bool(false)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/filter logical_filters.c /ext/filter/tests bug8315.phpt
pajoye Sat Jul 29 12:46:16 2006 UTC
Modified files:
/php-src/ext/filter logical_filters.c
/php-src/ext/filter/tests bug8315.phpt
Log:
- MFH: #8315, float is affected too
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.5r2=1.6diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.5
php-src/ext/filter/logical_filters.c:1.6
--- php-src/ext/filter/logical_filters.c:1.5Sat Jul 29 01:27:47 2006
+++ php-src/ext/filter/logical_filters.cSat Jul 29 12:46:16 2006
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.5 2006/07/29 01:27:47 pajoye Exp $ */
+/* $Id: logical_filters.c,v 1.6 2006/07/29 12:46:16 pajoye Exp $ */
#include php_filter.h
#include filter_private.h
@@ -330,6 +330,7 @@
}
i++;
str[i] = '\0';
+ end = str + i - 1;
}
if (*str == '-') {
@@ -423,6 +424,9 @@
}
stateT:
+ if ((str -1) != end) {
+ goto stateError;
+ }
if (exp_value) {
exp_value *= exp_multiply;
ret_val *= pow(10, exp_value);
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug8315.phpt?r1=1.2r2=1.3diff_format=u
Index: php-src/ext/filter/tests/bug8315.phpt
diff -u php-src/ext/filter/tests/bug8315.phpt:1.2
php-src/ext/filter/tests/bug8315.phpt:1.3
--- php-src/ext/filter/tests/bug8315.phpt:1.2 Sat Jul 29 01:27:47 2006
+++ php-src/ext/filter/tests/bug8315.phpt Sat Jul 29 12:46:16 2006
@@ -5,6 +5,9 @@
$var=3.chr(0).foo;
var_dump(filter_data($var, FILTER_VALIDATE_INT));
+$var=3.chr(0).foo;
+var_dump(filter_data($var, FILTER_VALIDATE_FLOAT));
?
--EXPECTF--
bool(false)
+bool(false)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
masugataSat Jul 29 17:09:59 2006 UTC
Modified files:
/php-src/ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
Log:
fix tests.
http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_strlen.phpt?r1=1.4r2=1.5diff_format=u
Index: php-src/ext/mbstring/tests/mb_strlen.phpt
diff -u php-src/ext/mbstring/tests/mb_strlen.phpt:1.4
php-src/ext/mbstring/tests/mb_strlen.phpt:1.5
--- php-src/ext/mbstring/tests/mb_strlen.phpt:1.4 Thu Jan 19 20:52:45 2006
+++ php-src/ext/mbstring/tests/mb_strlen.phpt Sat Jul 29 17:09:59 2006
@@ -21,35 +21,35 @@
// ASCII
echo == ASCII ==\n;
-print strlen($ascii,'ASCII') . \n;
+print mb_strlen($ascii,'ASCII') . \n;
print strlen($ascii) . \n;
// EUC-JP
echo == EUC-JP ==\n;
-print strlen($euc_jp,'EUC-JP') . \n;
+print mb_strlen($euc_jp,'EUC-JP') . \n;
mb_internal_encoding('EUC-JP') or print(mb_internal_encoding() failed\n);
print strlen($euc_jp) . \n;
// SJIS
echo == SJIS ==\n;
-$sjis = mb_convert_encoding($euc_jp, 'SJIS');
-print strlen($sjis,'SJIS') . \n;
+$sjis = mb_convert_encoding($euc_jp, 'SJIS','EUC-JP');
+print mb_strlen($sjis,'SJIS') . \n;
mb_internal_encoding('SJIS') or print(mb_internal_encoding() failed\n);
print strlen($sjis) . \n;
// JIS
// Note: either convert_encoding or strlen has problem
echo == JIS ==\n;
-$jis = mb_convert_encoding($euc_jp, 'JIS');
-print strlen($jis,'JIS') . \n;
+$jis = mb_convert_encoding($euc_jp, 'JIS','EUC-JP');
+print mb_strlen($jis,'JIS') . \n;
mb_internal_encoding('JIS') or print(mb_internal_encoding() failed\n);
print strlen($jis) . \n;
// UTF-8
// Note: either convert_encoding or strlen has problem
echo == UTF-8 ==\n;
-$utf8 = mb_convert_encoding($euc_jp, 'UTF-8');
-print strlen($utf8,'UTF-8') . \n;
+$utf8 = mb_convert_encoding($euc_jp, 'UTF-8','EUC-JP');
+print mb_strlen($utf8,'UTF-8') . \n;
mb_internal_encoding('UTF-8') or print(mb_internal_encoding() failed\n);
print strlen($utf8) . \n;
@@ -60,40 +60,36 @@
// Note: PHP Notice, but returns some value
$r = strlen($t_ary);
echo $r.\n;
-
// Object
-// Note: PHP Catchable error
+// Note: PHP Notice, but returns some value
$r = strlen($t_obj);
echo $r.\n;
-
// Wrong encoding
mb_internal_encoding('EUC-JP');
-$r = strlen($euc_jp, 'BAD_NAME');
+$r = mb_strlen($euc_jp, 'BAD_NAME');
echo $r.\n;
+
+
+
?
--EXPECT--
== ASCII ==
-ERR: Warning
-
+40
40
== EUC-JP ==
-ERR: Warning
-
+43
72
== SJIS ==
-ERR: Warning
-
+43
72
== JIS ==
-ERR: Warning
-
-121
+43
+90
== UTF-8 ==
-ERR: Warning
-
-174
+43
+101
== WRONG PARAMETERS ==
ERR: Notice
5
@@ -101,3 +97,6 @@
ERR: Notice
6
ERR: Warning
+
+
+
http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_substr.phpt?r1=1.3r2=1.4diff_format=u
Index: php-src/ext/mbstring/tests/mb_substr.phpt
diff -u php-src/ext/mbstring/tests/mb_substr.phpt:1.3
php-src/ext/mbstring/tests/mb_substr.phpt:1.4
--- php-src/ext/mbstring/tests/mb_substr.phpt:1.3 Sun Nov 3 08:37:59 2002
+++ php-src/ext/mbstring/tests/mb_substr.phpt Sat Jul 29 17:09:59 2006
@@ -4,6 +4,7 @@
?php extension_loaded('mbstring') or die('skip mbstring not available'); ?
--INI--
output_handler=
+mbstring.func_overload=0
--FILE--
?php
// TODO: Add more encodings
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
masugataSat Jul 29 17:11:09 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
Log:
fix tests.
http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_strlen.phpt?r1=1.3.6.1r2=1.3.6.2diff_format=u
Index: php-src/ext/mbstring/tests/mb_strlen.phpt
diff -u php-src/ext/mbstring/tests/mb_strlen.phpt:1.3.6.1
php-src/ext/mbstring/tests/mb_strlen.phpt:1.3.6.2
--- php-src/ext/mbstring/tests/mb_strlen.phpt:1.3.6.1 Mon May 29 21:08:02 2006
+++ php-src/ext/mbstring/tests/mb_strlen.phpt Sat Jul 29 17:11:09 2006
@@ -21,35 +21,35 @@
// ASCII
echo == ASCII ==\n;
-print strlen($ascii,'ASCII') . \n;
+print mb_strlen($ascii,'ASCII') . \n;
print strlen($ascii) . \n;
// EUC-JP
echo == EUC-JP ==\n;
-print strlen($euc_jp,'EUC-JP') . \n;
+print mb_strlen($euc_jp,'EUC-JP') . \n;
mb_internal_encoding('EUC-JP') or print(mb_internal_encoding() failed\n);
print strlen($euc_jp) . \n;
// SJIS
echo == SJIS ==\n;
-$sjis = mb_convert_encoding($euc_jp, 'SJIS');
-print strlen($sjis,'SJIS') . \n;
+$sjis = mb_convert_encoding($euc_jp, 'SJIS','EUC-JP');
+print mb_strlen($sjis,'SJIS') . \n;
mb_internal_encoding('SJIS') or print(mb_internal_encoding() failed\n);
print strlen($sjis) . \n;
// JIS
// Note: either convert_encoding or strlen has problem
echo == JIS ==\n;
-$jis = mb_convert_encoding($euc_jp, 'JIS');
-print strlen($jis,'JIS') . \n;
+$jis = mb_convert_encoding($euc_jp, 'JIS','EUC-JP');
+print mb_strlen($jis,'JIS') . \n;
mb_internal_encoding('JIS') or print(mb_internal_encoding() failed\n);
print strlen($jis) . \n;
// UTF-8
// Note: either convert_encoding or strlen has problem
echo == UTF-8 ==\n;
-$utf8 = mb_convert_encoding($euc_jp, 'UTF-8');
-print strlen($utf8,'UTF-8') . \n;
+$utf8 = mb_convert_encoding($euc_jp, 'UTF-8','EUC-JP');
+print mb_strlen($utf8,'UTF-8') . \n;
mb_internal_encoding('UTF-8') or print(mb_internal_encoding() failed\n);
print strlen($utf8) . \n;
@@ -66,7 +66,7 @@
echo $r.\n;
// Wrong encoding
mb_internal_encoding('EUC-JP');
-$r = strlen($euc_jp, 'BAD_NAME');
+$r = mb_strlen($euc_jp, 'BAD_NAME');
echo $r.\n;
@@ -76,25 +76,20 @@
--EXPECT--
== ASCII ==
-ERR: Warning
-
+40
40
== EUC-JP ==
-ERR: Warning
-
+43
72
== SJIS ==
-ERR: Warning
-
+43
72
== JIS ==
-ERR: Warning
-
-121
+43
+90
== UTF-8 ==
-ERR: Warning
-
-174
+43
+101
== WRONG PARAMETERS ==
ERR: Notice
5
http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_substr.phpt?r1=1.3r2=1.3.20.1diff_format=u
Index: php-src/ext/mbstring/tests/mb_substr.phpt
diff -u php-src/ext/mbstring/tests/mb_substr.phpt:1.3
php-src/ext/mbstring/tests/mb_substr.phpt:1.3.20.1
--- php-src/ext/mbstring/tests/mb_substr.phpt:1.3 Sun Nov 3 08:37:59 2002
+++ php-src/ext/mbstring/tests/mb_substr.phpt Sat Jul 29 17:11:09 2006
@@ -4,6 +4,7 @@
?php extension_loaded('mbstring') or die('skip mbstring not available'); ?
--INI--
output_handler=
+mbstring.func_overload=0
--FILE--
?php
// TODO: Add more encodings
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
masugataSat Jul 29 17:12:22 2006 UTC
Modified files: (Branch: PHP_4_4)
/php-src/ext/mbstring/tests mb_strlen.phpt mb_substr.phpt
Log:
fix tests.
http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_strlen.phpt?r1=1.2.2.1r2=1.2.2.1.4.1diff_format=u
Index: php-src/ext/mbstring/tests/mb_strlen.phpt
diff -u php-src/ext/mbstring/tests/mb_strlen.phpt:1.2.2.1
php-src/ext/mbstring/tests/mb_strlen.phpt:1.2.2.1.4.1
--- php-src/ext/mbstring/tests/mb_strlen.phpt:1.2.2.1 Mon Jan 19 16:54:22 2004
+++ php-src/ext/mbstring/tests/mb_strlen.phpt Sat Jul 29 17:12:22 2006
@@ -21,35 +21,35 @@
// ASCII
echo == ASCII ==\n;
-print strlen($ascii,'ASCII') . \n;
+print mb_strlen($ascii,'ASCII') . \n;
print strlen($ascii) . \n;
// EUC-JP
echo == EUC-JP ==\n;
-print strlen($euc_jp,'EUC-JP') . \n;
+print mb_strlen($euc_jp,'EUC-JP') . \n;
mb_internal_encoding('EUC-JP') or print(mb_internal_encoding() failed\n);
print strlen($euc_jp) . \n;
// SJIS
echo == SJIS ==\n;
-$sjis = mb_convert_encoding($euc_jp, 'SJIS');
-print strlen($sjis,'SJIS') . \n;
+$sjis = mb_convert_encoding($euc_jp, 'SJIS','EUC-JP');
+print mb_strlen($sjis,'SJIS') . \n;
mb_internal_encoding('SJIS') or print(mb_internal_encoding() failed\n);
print strlen($sjis) . \n;
// JIS
// Note: either convert_encoding or strlen has problem
echo == JIS ==\n;
-$jis = mb_convert_encoding($euc_jp, 'JIS');
-print strlen($jis,'JIS') . \n;
+$jis = mb_convert_encoding($euc_jp, 'JIS','EUC-JP');
+print mb_strlen($jis,'JIS') . \n;
mb_internal_encoding('JIS') or print(mb_internal_encoding() failed\n);
print strlen($jis) . \n;
// UTF-8
// Note: either convert_encoding or strlen has problem
echo == UTF-8 ==\n;
-$utf8 = mb_convert_encoding($euc_jp, 'UTF-8');
-print strlen($utf8,'UTF-8') . \n;
+$utf8 = mb_convert_encoding($euc_jp, 'UTF-8','EUC-JP');
+print mb_strlen($utf8,'UTF-8') . \n;
mb_internal_encoding('UTF-8') or print(mb_internal_encoding() failed\n);
print strlen($utf8) . \n;
@@ -66,7 +66,7 @@
echo $r.\n;
// Wrong encoding
mb_internal_encoding('EUC-JP');
-$r = strlen($euc_jp, 'BAD_NAME');
+$r = mb_strlen($euc_jp, 'BAD_NAME');
echo $r.\n;
@@ -76,28 +76,24 @@
--EXPECT--
== ASCII ==
-ERR: Warning
-
+40
40
== EUC-JP ==
-ERR: Warning
-
+43
72
== SJIS ==
-ERR: Warning
-
+43
72
== JIS ==
-ERR: Warning
-
-121
+43
+90
== UTF-8 ==
-ERR: Warning
-
-174
+43
+101
== WRONG PARAMETERS ==
ERR: Notice
5
+ERR: Catchable fatal error
ERR: Notice
6
ERR: Warning
http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/tests/mb_substr.phpt?r1=1.3r2=1.3.16.1diff_format=u
Index: php-src/ext/mbstring/tests/mb_substr.phpt
diff -u php-src/ext/mbstring/tests/mb_substr.phpt:1.3
php-src/ext/mbstring/tests/mb_substr.phpt:1.3.16.1
--- php-src/ext/mbstring/tests/mb_substr.phpt:1.3 Sun Nov 3 08:37:59 2002
+++ php-src/ext/mbstring/tests/mb_substr.phpt Sat Jul 29 17:12:22 2006
@@ -4,6 +4,7 @@
?php extension_loaded('mbstring') or die('skip mbstring not available'); ?
--INI--
output_handler=
+mbstring.func_overload=0
--FILE--
?php
// TODO: Add more encodings
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl openssl.c /ext/openssl/tests bug37820.phpt bug37820cert.pem bug37820key.pem
pajoye Sat Jul 29 21:54:45 2006 UTC
Added files:
/php-src/ext/openssl/tests bug37820key.pem bug37820cert.pem
bug37820.phpt
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- #37820, add support for algorithm type in openssl_verify()
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.106r2=1.107diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.106 php-src/ext/openssl/openssl.c:1.107
--- php-src/ext/openssl/openssl.c:1.106 Sun Apr 30 23:45:13 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 21:54:45 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.106 2006/04/30 23:45:13 wez Exp $ */
+/* $Id: openssl.c,v 1.107 2006/07/29 21:54:45 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -563,6 +563,30 @@
}
return SUCCESS;
}
+
+static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+ EVP_MD *mdtype;
+
+ switch (algo) {
+ case OPENSSL_ALGO_SHA1:
+ mdtype = (EVP_MD *) EVP_sha1();
+ break;
+ case OPENSSL_ALGO_MD5:
+ mdtype = (EVP_MD *) EVP_md5();
+ break;
+ case OPENSSL_ALGO_MD4:
+ mdtype = (EVP_MD *) EVP_md4();
+ break;
+ case OPENSSL_ALGO_MD2:
+ mdtype = (EVP_MD *) EVP_md2();
+ break;
+ default:
+ return NULL;
+ break;
+ }
+ return mdtype;
+}
+/* }}} */
/* }}} */
/* {{{ PHP_MINIT_FUNCTION
@@ -2860,7 +2884,7 @@
}
/* }}} */
-/* {{{ proto bool openssl_sign(string data, string signature, mixed key)
+/* {{{ proto bool openssl_sign(string data, string signature, mixed key[, int
signature_alg])
Signs data */
PHP_FUNCTION(openssl_sign)
{
@@ -2884,23 +2908,10 @@
RETURN_FALSE;
}
- switch (signature_algo) {
- case OPENSSL_ALGO_SHA1:
- mdtype = (EVP_MD *) EVP_sha1();
- break;
- case OPENSSL_ALGO_MD5:
- mdtype = (EVP_MD *) EVP_md5();
- break;
- case OPENSSL_ALGO_MD4:
- mdtype = (EVP_MD *) EVP_md4();
- break;
- case OPENSSL_ALGO_MD2:
- mdtype = (EVP_MD *) EVP_md2();
- break;
- default:
- php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown
signature algorithm.);
- RETURN_FALSE;
- break;
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature
algorithm.);
+ RETURN_FALSE;
}
siglen = EVP_PKEY_size(pkey);
@@ -2931,21 +2942,29 @@
EVP_PKEY *pkey;
int err;
EVP_MD_CTX md_ctx;
+ EVP_MD *mdtype;
long keyresource = -1;
char * data;int data_len;
char * signature; int signature_len;
-
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz, data,
data_len, signature, signature_len, key) == FAILURE) {
+ long signature_algo = OPENSSL_ALGO_SHA1;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz|l, data,
data_len, signature, signature_len, key, signature_algo) == FAILURE) {
return;
}
-
+
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature
algorithm.);
+ RETURN_FALSE;
+ }
+
pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, keyresource
TSRMLS_CC);
if (pkey == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param
cannot be coerced into a public key);
RETURN_FALSE;
}
- EVP_VerifyInit (md_ctx, EVP_sha1());
+ EVP_VerifyInit (md_ctx, mdtype);
EVP_VerifyUpdate (md_ctx, data, data_len);
err = EVP_VerifyFinal (md_ctx, signature, signature_len, pkey);
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820key.pem?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug37820key.pem
+++ php-src/ext/openssl/tests/bug37820key.pem
-BEGIN RSA PRIVATE KEY-
MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
[PHP-CVS] cvs: php-src /ext/openssl openssl.c /ext/openssl/tests bug38255.phpt
pajoye Sat Jul 29 22:24:48 2006 UTC
Added files:
/php-src/ext/openssl/tests bug38255.phpt
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- MFH: #38255, fix possible leak in php_openssl_evp_from_zval
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.107r2=1.108diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.107 php-src/ext/openssl/openssl.c:1.108
--- php-src/ext/openssl/openssl.c:1.107 Sat Jul 29 21:54:45 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:24:48 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.107 2006/07/29 21:54:45 pajoye Exp $ */
+/* $Id: openssl.c,v 1.108 2006/07/29 22:24:48 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1824,6 +1824,9 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ return NULL;
+ }
convert_to_string_ex(val);
if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://,
sizeof(file://) - 1) == 0) {
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38255.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug38255.phpt
+++ php-src/ext/openssl/tests/bug38255.phpt
--TEST--
openssl key from zval leaks
--SKIPIF--
?php
if (!extension_loaded(openssl)) die(skip);
?
--FILE--
?php
$pub_key_id = false;
$signature = '';
$ok = openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
?
--EXPECTF--
Warning: openssl_verify(): supplied key param cannot be coerced into a public
key in %s/bug38255.php on line %d
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:39:33 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- #38255, fails on array as well
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.1r2=1.98.2.5.2.2diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.1
php-src/ext/openssl/openssl.c:1.98.2.5.2.2
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.1 Sat Jul 29 22:10:49 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:39:33 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1836,7 +1836,8 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
- if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL
+ || Z_TYPE_PP(val) == IS_ARRAY) {
return NULL;
}
convert_to_string_ex(val);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl openssl.c
pajoye Sat Jul 29 22:39:51 2006 UTC
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- #38255, fails on array as well
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.108r2=1.109diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.108 php-src/ext/openssl/openssl.c:1.109
--- php-src/ext/openssl/openssl.c:1.108 Sat Jul 29 22:24:48 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:39:51 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.108 2006/07/29 22:24:48 pajoye Exp $ */
+/* $Id: openssl.c,v 1.109 2006/07/29 22:39:51 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1824,7 +1824,8 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
- if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL
+ || Z_TYPE_PP(val) == IS_ARRAY) {
return NULL;
}
convert_to_string_ex(val);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl/tests bug38255.phpt
tony2001Sat Jul 29 22:41:34 2006 UTC
Modified files:
/php-src/ext/openssl/tests bug38255.phpt
Log:
MFB: improve test
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38255.phpt?r1=1.1r2=1.2diff_format=u
Index: php-src/ext/openssl/tests/bug38255.phpt
diff -u php-src/ext/openssl/tests/bug38255.phpt:1.1
php-src/ext/openssl/tests/bug38255.phpt:1.2
--- php-src/ext/openssl/tests/bug38255.phpt:1.1 Sat Jul 29 22:24:48 2006
+++ php-src/ext/openssl/tests/bug38255.phpt Sat Jul 29 22:41:34 2006
@@ -9,6 +9,47 @@
$pub_key_id = false;
$signature = '';
$ok = openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
+
+class test {
+ function __toString() {
+ return test object;
+ }
+}
+$t = new test;
+
+
+var_dump(openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5));
+var_dump(openssl_verify(foo, $t, $pub_key_id, OPENSSL_ALGO_MD5));
+var_dump(openssl_verify(foo, new stdClass, $pub_key_id, OPENSSL_ALGO_MD5));
+var_dump(openssl_verify(foo, new stdClass, array(), OPENSSL_ALGO_MD5));
+var_dump(openssl_verify(foo, array(), array(), OPENSSL_ALGO_MD5));
+var_dump(openssl_verify());
+var_dump(openssl_verify(new stdClass, new stdClass, array(), 1));
+
+echo Done\n;
+
?
--EXPECTF--
-Warning: openssl_verify(): supplied key param cannot be coerced into a public
key in %s/bug38255.php on line %d
+Warning: openssl_verify(): supplied key param cannot be coerced into a public
key in %s on line %d
+
+Warning: openssl_verify(): supplied key param cannot be coerced into a public
key in %s on line %d
+bool(false)
+
+Warning: openssl_verify(): supplied key param cannot be coerced into a public
key in %s on line %d
+bool(false)
+
+Warning: openssl_verify() expects parameter 2 to be string, object given in %s
on line %d
+NULL
+
+Warning: openssl_verify() expects parameter 2 to be string, object given in %s
on line %d
+NULL
+
+Warning: openssl_verify() expects parameter 2 to be string, array given in %s
on line %d
+NULL
+
+Warning: openssl_verify() expects at least 3 parameters, 0 given in %s on line
%d
+NULL
+
+Warning: openssl_verify() expects parameter 1 to be string, object given in %s
on line %d
+NULL
+Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl/tests bug37820.phpt bug37820cert.pem bug37820key.pem bug38255.phpt
pajoye Sat Jul 29 22:27:54 2006 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests bug38255.phpt bug37820key.pem
bug37820cert.pem bug37820.phpt
Log:
- forgot the tests
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38255.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug38255.phpt
+++ php-src/ext/openssl/tests/bug38255.phpt
--TEST--
openssl key from zval leaks
--SKIPIF--
?php
if (!extension_loaded(openssl)) die(skip);
?
--FILE--
?php
$pub_key_id = false;
$signature = '';
$ok = openssl_verify(foo, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
?
--EXPECTF--
Warning: openssl_verify(): supplied key param cannot be coerced into a public
key in %s/bug38255.php on line %d
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820key.pem?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug37820key.pem
+++ php-src/ext/openssl/tests/bug37820key.pem
-BEGIN RSA PRIVATE KEY-
MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
-END RSA PRIVATE KEY-
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820cert.pem?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug37820cert.pem
+++ php-src/ext/openssl/tests/bug37820cert.pem
-BEGIN CERTIFICATE-
MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
-END CERTIFICATE-
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug37820.phpt
+++ php-src/ext/openssl/tests/bug37820.phpt
--TEST--
openssl_sign/verify: accept different algos
--SKIPIF--
?php
if (!extension_loaded(openssl)) die(skip);
?
--FILE--
?php
$dir = dirname(__FILE__);
$file_pub = $dir . '/bug37820cert.pem';
$file_key = $dir . '/bug37820key.pem';
$priv_key = file_get_contents($file_key);
$priv_key_id = openssl_get_privatekey($priv_key);
$pub_key = file_get_contents($file_pub);
$pub_key_id = openssl_get_publickey($pub_key);
$data = some custom data;
if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) {
echo openssl_sign failed.;
}
$ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
if ($ok == 1) {
echo Ok;
} elseif ($ok == 0) {
echo openssl_verify failed.;
}
?
--EXPECTF--
Ok
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl openssl.c
pajoye Sat Jul 29 23:03:37 2006 UTC
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- make the test more obvious and add an explanation
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.109r2=1.110diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.109 php-src/ext/openssl/openssl.c:1.110
--- php-src/ext/openssl/openssl.c:1.109 Sat Jul 29 22:39:51 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 23:03:37 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.109 2006/07/29 22:39:51 pajoye Exp $ */
+/* $Id: openssl.c,v 1.110 2006/07/29 23:03:37 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1824,8 +1824,10 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
- if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL
- || Z_TYPE_PP(val) == IS_ARRAY) {
+ /* passing non string values leaks, object uses toString, it
returns NULL
+* bug38255.phpt
+*/
+ if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) ==
IS_OBJECT)) {
return NULL;
}
convert_to_string_ex(val);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 23:03:55 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- MFH: make the test more obvious and add an explanation
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.3r2=1.98.2.5.2.4diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.3
php-src/ext/openssl/openssl.c:1.98.2.5.2.4
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.3 Sat Jul 29 22:52:48 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 23:03:55 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.4 2006/07/29 23:03:55 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1847,8 +1847,10 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
- if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL
- || Z_TYPE_PP(val) == IS_ARRAY) {
+ /* passing non string values leaks, object uses toString, it
returns NULL
+* See bug38255.phpt
+*/
+ if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) ==
IS_OBJECT)) {
return NULL;
}
convert_to_string_ex(val);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:10:49 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- fix leak when the key is not a valid key (like false or an array)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5r2=1.98.2.5.2.1diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5
php-src/ext/openssl/openssl.c:1.98.2.5.2.1
--- php-src/ext/openssl/openssl.c:1.98.2.5 Sun Apr 30 23:43:40 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:10:49 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5 2006/04/30 23:43:40 wez Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -577,6 +577,30 @@
}
return SUCCESS;
}
+
+static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+ EVP_MD *mdtype;
+
+ switch (algo) {
+ case OPENSSL_ALGO_SHA1:
+ mdtype = (EVP_MD *) EVP_sha1();
+ break;
+ case OPENSSL_ALGO_MD5:
+ mdtype = (EVP_MD *) EVP_md5();
+ break;
+ case OPENSSL_ALGO_MD4:
+ mdtype = (EVP_MD *) EVP_md4();
+ break;
+ case OPENSSL_ALGO_MD2:
+ mdtype = (EVP_MD *) EVP_md2();
+ break;
+ default:
+ return NULL;
+ break;
+ }
+ return mdtype;
+}
+/* }}} */
/* }}} */
/* {{{ PHP_MINIT_FUNCTION
@@ -1812,6 +1836,9 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ return NULL;
+ }
convert_to_string_ex(val);
if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://,
sizeof(file://) - 1) == 0) {
@@ -2872,7 +2899,7 @@
}
/* }}} */
-/* {{{ proto bool openssl_sign(string data, string signature, mixed key)
+/* {{{ proto bool openssl_sign(string data, string signature, mixed key[, int
signature_alg])
Signs data */
PHP_FUNCTION(openssl_sign)
{
@@ -2896,23 +2923,10 @@
RETURN_FALSE;
}
- switch (signature_algo) {
- case OPENSSL_ALGO_SHA1:
- mdtype = (EVP_MD *) EVP_sha1();
- break;
- case OPENSSL_ALGO_MD5:
- mdtype = (EVP_MD *) EVP_md5();
- break;
- case OPENSSL_ALGO_MD4:
- mdtype = (EVP_MD *) EVP_md4();
- break;
- case OPENSSL_ALGO_MD2:
- mdtype = (EVP_MD *) EVP_md2();
- break;
- default:
- php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown
signature algorithm.);
- RETURN_FALSE;
- break;
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature
algorithm.);
+ RETURN_FALSE;
}
siglen = EVP_PKEY_size(pkey);
@@ -2943,21 +2957,29 @@
EVP_PKEY *pkey;
int err;
EVP_MD_CTX md_ctx;
+ EVP_MD *mdtype;
long keyresource = -1;
char * data;int data_len;
char * signature; int signature_len;
-
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz, data,
data_len, signature, signature_len, key) == FAILURE) {
+ long signature_algo = OPENSSL_ALGO_SHA1;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz|l, data,
data_len, signature, signature_len, key, signature_algo) == FAILURE) {
return;
}
-
+
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature
algorithm.);
+ RETURN_FALSE;
+ }
+
pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, keyresource
TSRMLS_CC);
if (pkey == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param
cannot be coerced into a public key);
RETURN_FALSE;
}
- EVP_VerifyInit (md_ctx, EVP_sha1());
+ EVP_VerifyInit (md_ctx, mdtype);
EVP_VerifyUpdate (md_ctx, data, data_len);
err = EVP_VerifyFinal (md_ctx, signature, signature_len, pkey);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:52:48 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- vi happiness++
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.2r2=1.98.2.5.2.3diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.2
php-src/ext/openssl/openssl.c:1.98.2.5.2.3
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.2 Sat Jul 29 22:39:33 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:52:48 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -156,10 +156,11 @@
static int le_csr;
static int ssl_stream_data_index;
-int php_openssl_get_x509_list_id(void)
+int php_openssl_get_x509_list_id(void) /* {{{ */
{
return le_x509;
}
+/* }}} */
/* {{{ resource destructors */
static void php_pkey_free(zend_rsrc_list_entry *rsrc TSRMLS_DC)
@@ -202,7 +203,7 @@
/* true global; readonly after module startup */
static char default_ssl_conf_filename[MAXPATHLEN];
-struct php_x509_request {
+struct php_x509_request { /* {{{ */
LHASH * global_config; /* Global SSL config */
LHASH * req_config; /* SSL config for this request */
const EVP_MD * md_alg;
@@ -219,7 +220,7 @@
EVP_PKEY * priv_key;
};
-
+/* }}} */
static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long *
resourceval TSRMLS_DC);
static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char
* passphrase, int makeresource, long * resourceval TSRMLS_DC);
@@ -230,7 +231,7 @@
static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request *
req TSRMLS_DC);
-static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int
shortname TSRMLS_DC)
+static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int
shortname TSRMLS_DC) /* {{{ */
{
zval *subitem, *subentries;
int i, j = -1, last = -1, obj_cnt = 0;
@@ -285,13 +286,15 @@
}
zend_hash_update(HASH_OF(val), key, strlen(key) + 1, (void *)subitem,
sizeof(subitem), NULL);
}
+/* }}} */
-static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str)
+static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str)
/* {{{ */
{
add_assoc_stringl(val, key, str-data, str-length, 1);
}
+/* }}} */
-static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC)
+static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* {{{ */
{
/*
This is how the time string is formatted:
@@ -359,12 +362,14 @@
return ret;
}
+/* }}} */
static inline int php_openssl_config_check_syntax(
const char * section_label,
const char * config_filename,
const char * section,
- LHASH * config TSRMLS_DC)
+ LHASH * config TSRMLS_DC
+ ) /* {{{ */
{
X509V3_CTX ctx;
@@ -379,8 +384,9 @@
}
return SUCCESS;
}
+/* }}} */
-static int add_oid_section(struct php_x509_request * req TSRMLS_DC)
+static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */
{
char * str;
STACK_OF(CONF_VALUE) * sktmp;
@@ -405,6 +411,7 @@
}
return SUCCESS;
}
+/* }}} */
#define PHP_SSL_REQ_INIT(req) memset(req, 0, sizeof(*req))
#define PHP_SSL_REQ_DISPOSE(req) php_openssl_dispose_config(req
TSRMLS_CC)
@@ -431,7 +438,7 @@
struct php_x509_request * req,
zval * optional_args
TSRMLS_DC
- )
+ ) /* {{{ */
{
char * str;
zval ** item;
@@ -509,8 +516,9 @@
return SUCCESS;
}
+/* }}} */
-static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC)
+static void php_openssl_dispose_config(struct php_x509_request * req
TSRMLS_DC) /* {{{ */
{
if (req-priv_key) {
EVP_PKEY_free(req-priv_key);
@@ -525,8 +533,9 @@
req-req_config = NULL;
}
}
+/* }}} */
-static int php_openssl_load_rand_file(const char * file, int *egdsocket, int
*seeded)
+static int php_openssl_load_rand_file(const char * file, int *egdsocket, int
*seeded) /* {{{ */
{
char buffer[MAXPATHLEN];
@@ -556,8 +565,9 @@
*seeded = 1;
return SUCCESS;
}
+/* }}} */
-static int php_openssl_write_rand_file(const char * file, int egdsocket, int
seeded)
+static int php_openssl_write_rand_file(const char * file, int egdsocket, int
seeded) /* {{{ */
{
char buffer[MAXPATHLEN];
@@ -577,6 +587,7 @@
}
return SUCCESS;
}
+/* }}} */
static EVP_MD * php_openssl_get_evp_md_from_algo(long algo)
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/standard array.c
andrei Sun Jul 30 03:31:18 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/standard array.c
Log:
Make array_merge(_recursive) handle binary keys safely. (Patch by Matt W)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/array.c?r1=1.308.2.21.2.8r2=1.308.2.21.2.9diff_format=u
Index: php-src/ext/standard/array.c
diff -u php-src/ext/standard/array.c:1.308.2.21.2.8
php-src/ext/standard/array.c:1.308.2.21.2.9
--- php-src/ext/standard/array.c:1.308.2.21.2.8 Mon Jul 24 18:18:33 2006
+++ php-src/ext/standard/array.cSun Jul 30 03:31:18 2006
@@ -21,7 +21,7 @@
+--+
*/
-/* $Id: array.c,v 1.308.2.21.2.8 2006/07/24 18:18:33 andrei Exp $ */
+/* $Id: array.c,v 1.308.2.21.2.9 2006/07/30 03:31:18 andrei Exp $ */
#include php.h
#include php_ini.h
@@ -2328,7 +2328,7 @@
} else {
(*src_entry)-refcount++;
- zend_hash_update(dest, string_key,
strlen(string_key)+1,
+ zend_hash_update(dest, string_key,
string_key_len,
src_entry, sizeof(zval *), NULL);
}
break;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
