[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Tue Jul 7 15:14:03 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - MF53: #48116, fix build with openssl 1.0 http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.53r2=1.98.2.5.2.54diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.53 php-src/ext/openssl/openssl.c:1.98.2.5.2.54 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.53 Mon Apr 20 10:00:41 2009 +++ php-src/ext/openssl/openssl.c Tue Jul 7 15:14:03 2009 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.53 2009/04/20 10:00:41 mkoppanen Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.54 2009/07/07 15:14:03 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -227,8 +227,13 @@ static char default_ssl_conf_filename[MAXPATHLEN]; struct php_x509_request { /* {{{ */ - LHASH * global_config; /* Global SSL config */ - LHASH * req_config; /* SSL config for this request */ +#if OPENSSL_VERSION_NUMBER = 0x1002L + LHASH_OF(CONF_VALUE) * global_config; /* Global SSL config */ + LHASH_OF(CONF_VALUE) * req_config; /* SSL config for this request */ +#else + LHASH * global_config; /* Global SSL config */ + LHASH * req_config; /* SSL config for this request */ +#endif const EVP_MD * md_alg; const EVP_MD * digest; char* section_name, @@ -406,12 +411,11 @@ } /* }}} */ -static inline int php_openssl_config_check_syntax( - const char * section_label, - const char * config_filename, - const char * section, - LHASH * config TSRMLS_DC - ) /* {{{ */ +#if OPENSSL_VERSION_NUMBER = 0x1002L +static inline int php_openssl_config_check_syntax(const char * section_label, const char * config_filename, const char * section, LHASH_OF(CONF_VALUE) * config TSRMLS_DC) /* {{{ */ +#else +static inline int php_openssl_config_check_syntax(const char * section_label, const char * config_filename, const char * section, LHASH * config TSRMLS_DC) /* {{{ */ +#endif { X509V3_CTX ctx; @@ -866,7 +870,7 @@ if (in == NULL) { return NULL; } - cert = (X509 *) PEM_ASN1_read_bio((char *(*)())d2i_X509, PEM_STRING_X509, in, NULL, NULL, NULL); + cert = (X509 *) PEM_ASN1_read_bio((d2i_of_void *)d2i_X509, PEM_STRING_X509, in, NULL, NULL, NULL); BIO_free(in); } @@ -2479,8 +2483,7 @@ case EVP_PKEY_RSA: case EVP_PKEY_RSA2: assert(pkey-pkey.rsa != NULL); - - if (NULL == pkey-pkey.rsa-p || NULL == pkey-pkey.rsa-q) { + if (pkey-pkey.rsa != NULL (NULL == pkey-pkey.rsa-p || NULL == pkey-pkey.rsa-q)) { return 0; } break; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
mkoppanen Mon Apr 20 10:00:41 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: MFH: Closes #47991 SSL streams fail if error stack contains items http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.52r2=1.98.2.5.2.53diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.52 php-src/ext/openssl/openssl.c:1.98.2.5.2.53 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.52 Sun Mar 29 23:33:01 2009 +++ php-src/ext/openssl/openssl.c Mon Apr 20 10:00:41 2009 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.52 2009/03/29 23:33:01 scottmac Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.53 2009/04/20 10:00:41 mkoppanen Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -3894,6 +3894,7 @@ char *cipherlist = NULL; int ok = 1; + ERR_clear_error(); /* look at context options in the stream and set appropriate verification flags */ if (GET_VER_OPT(verify_peer) zval_is_true(*val)) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
scottmacSun Mar 29 23:33:01 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: MFH Fix bug #47828 - Converting to UTF-8 can sometimes fail, check error codes and avoid segfault. http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.51r2=1.98.2.5.2.52diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.51 php-src/ext/openssl/openssl.c:1.98.2.5.2.52 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.51 Wed Dec 31 11:17:41 2008 +++ php-src/ext/openssl/openssl.c Sun Mar 29 23:33:01 2009 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.51 2008/12/31 11:17:41 sebastian Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.52 2009/03/29 23:33:01 scottmac Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -301,7 +301,9 @@ str = X509_NAME_ENTRY_get_data(ne); if (ASN1_STRING_type(str) != V_ASN1_UTF8STRING) { to_add_len = ASN1_STRING_to_UTF8(to_add, str); - add_next_index_stringl(subentries, (char *)to_add, to_add_len, 1); + if (to_add_len != -1) { + add_next_index_stringl(subentries, (char *)to_add, to_add_len, 1); + } } else { to_add = ASN1_STRING_data(str); to_add_len = ASN1_STRING_length(str); @@ -317,7 +319,7 @@ } else { zval_dtor(subentries); FREE_ZVAL(subentries); - if (obj_cnt str) { + if (obj_cnt str to_add_len -1) { add_assoc_stringl(subitem, sname, (char *)to_add, to_add_len, 1); } } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sun Nov 30 21:39:58 2008 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - #44900, OpenSSL extension fails to link with OpenSSL 0.9.6 (5.2 only, 5.3+ requires a decent version) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.49r2=1.98.2.5.2.50diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.49 php-src/ext/openssl/openssl.c:1.98.2.5.2.50 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.49 Tue Nov 18 02:02:19 2008 +++ php-src/ext/openssl/openssl.c Sun Nov 30 21:39:57 2008 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.49 2008/11/18 02:02:19 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.50 2008/11/30 21:39:57 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -3535,7 +3535,9 @@ efree(sigbuf); RETVAL_FALSE; } +#if OPENSSL_VERSION_NUMBER = 0x0090700fL EVP_MD_CTX_cleanup(md_ctx); +#endif if (keyresource == -1) { EVP_PKEY_free(pkey); } @@ -3575,7 +3577,9 @@ EVP_VerifyInit (md_ctx, mdtype); EVP_VerifyUpdate (md_ctx, data, data_len); err = EVP_VerifyFinal (md_ctx, (unsigned char *)signature, signature_len, pkey); +#if OPENSSL_VERSION_NUMBER = 0x0090700fL EVP_MD_CTX_cleanup(md_ctx); +#endif if (keyresource == -1) { EVP_PKEY_free(pkey); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug41033.pem bug41033.phpt bug41033pub.pem
Hello Pierre-Alain, 2nd try Tuesday, November 18, 2008, 3:02:19 AM, you wrote: pajoye Tue Nov 18 02:02:19 2008 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests bug41033.pem bug41033.phpt bug41033pub.pem Modified files: /php-src/ext/opensslopenssl.c Log: - MFH: #41033, enable signing with DSA keys http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.48r2=1.98.2.5.2.49diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.48 php-src/ext/openssl/openssl.c:1.98.2.5.2.49 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.48 Sun Oct 26 14:35:59 2008 +++ php-src/ext/openssl/openssl.c Tue Nov 18 02:02:19 2008 @@ -1224,7 +1229,15 @@ if (cert == NULL) { goto clean_exit; } - RETVAL_LONG(check_cert(cainfo, cert, untrustedchain, purpose)); + + ret = check_cert(cainfo, cert, untrustedchain, purpose); + +if (ret != 0 ret != 1) { +RETVAL_LONG(ret); +} else { +RETVAL_BOOL(ret); Why not simply: RETVAL_BOOL(ret != 0 and ret != 1); Best regards, Marcus -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug41033.pem bug41033.phpt bug41033pub.pem
pajoye Tue Nov 18 02:02:19 2008 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests bug41033.pem bug41033.phpt bug41033pub.pem Modified files: /php-src/ext/opensslopenssl.c Log: - MFH: #41033, enable signing with DSA keys http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.48r2=1.98.2.5.2.49diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.48 php-src/ext/openssl/openssl.c:1.98.2.5.2.49 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.48 Sun Oct 26 14:35:59 2008 +++ php-src/ext/openssl/openssl.c Tue Nov 18 02:02:19 2008 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.48 2008/10/26 14:35:59 iliaa Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.49 2008/11/18 02:02:19 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -56,6 +56,7 @@ #define OPENSSL_ALGO_MD5 2 #define OPENSSL_ALGO_MD4 3 #define OPENSSL_ALGO_MD2 4 +#define OPENSSL_ALGO_DSS1 5 #define DEBUG_SMIME0 @@ -641,6 +642,9 @@ case OPENSSL_ALGO_MD2: mdtype = (EVP_MD *) EVP_md2(); break; + case OPENSSL_ALGO_DSS1: + mdtype = (EVP_MD *) EVP_dss1(); + break; default: return NULL; break; @@ -692,6 +696,7 @@ REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD5, OPENSSL_ALGO_MD5, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD4, OPENSSL_ALGO_MD4, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD2, OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(OPENSSL_ALGO_DSS1, OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT); /* flags for S/MIME */ REGISTER_LONG_CONSTANT(PKCS7_DETACHED, PKCS7_DETACHED, CONST_CS|CONST_PERSISTENT); @@ -1200,7 +1205,7 @@ STACK_OF(X509) * untrustedchain = NULL; long purpose; char * untrusted = NULL; - int untrusted_len; + int untrusted_len, ret; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zl|a!s, zcert, purpose, zcainfo, untrusted, untrusted_len) == FAILURE) { @@ -1224,7 +1229,15 @@ if (cert == NULL) { goto clean_exit; } - RETVAL_LONG(check_cert(cainfo, cert, untrustedchain, purpose)); + + ret = check_cert(cainfo, cert, untrustedchain, purpose); + +if (ret != 0 ret != 1) { +RETVAL_LONG(ret); +} else { +RETVAL_BOOL(ret); +} + clean_exit: if (certresource == 1 cert) { http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41033.pem?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug41033.pem +++ php-src/ext/openssl/tests/bug41033.pem http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41033.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug41033.phpt +++ php-src/ext/openssl/tests/bug41033.phpt http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41033pub.pem?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug41033pub.pem +++ php-src/ext/openssl/tests/bug41033pub.pem -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Mon Apr 7 10:44:03 2008 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: initialize variable http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.44r2=1.98.2.5.2.45diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.44 php-src/ext/openssl/openssl.c:1.98.2.5.2.45 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.44 Tue Jan 15 15:13:37 2008 +++ php-src/ext/openssl/openssl.c Mon Apr 7 10:44:03 2008 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.44 2008/01/15 15:13:37 rrichards Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.45 2008/04/07 10:44:03 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1962,7 +1962,7 @@ X509 * cert = NULL, *new_cert = NULL; X509_REQ * csr; EVP_PKEY * key = NULL, *priv_key = NULL; - long csr_resource, certresource, keyresource; + long csr_resource, certresource = 0, keyresource; int i; struct php_x509_request req; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Wed Aug 8 06:29:47 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - fix regression introduced with #4 (thx to tony and mattias for the head up) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.40r2=1.98.2.5.2.41diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.40 php-src/ext/openssl/openssl.c:1.98.2.5.2.41 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.40 Mon Aug 6 19:49:45 2007 +++ php-src/ext/openssl/openssl.c Wed Aug 8 06:29:46 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.40 2007/08/06 19:49:45 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.41 2007/08/08 06:29:46 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1726,7 +1726,7 @@ /* Finally apply defaults from config file */ for(i = 0; i sk_CONF_VALUE_num(dn_sk); i++) { int len; - char buffer[200]; + char buffer[200 + 1]; /*200 + \0 !*/ v = sk_CONF_VALUE_value(dn_sk, i); type = v-name; @@ -1743,7 +1743,7 @@ len = 200; } memcpy(buffer, type, len); - buffer[len - 1] = '\0'; + buffer[len] = '\0'; type = buffer; /* Skip past any leading X. X: X, etc to allow for multiple -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Mon Aug 6 19:11:20 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - #4, truncate the _default to the buffer size (was 200 since day #1, we don't need dynamic alloc here) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.38r2=1.98.2.5.2.39diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.38 php-src/ext/openssl/openssl.c:1.98.2.5.2.39 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.38 Wed Jul 11 12:18:14 2007 +++ php-src/ext/openssl/openssl.c Mon Aug 6 19:11:20 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.38 2007/07/11 12:18:14 dmitry Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.39 2007/08/06 19:11:20 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1739,7 +1739,9 @@ if (strcmp(_default, type + len) != 0) { continue; } - + if (len 200) { + len = 200; + } memcpy(buffer, type, len); buffer[len] = '\0'; type = buffer; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Mon Aug 6 19:49:45 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - #4, forgot this one (thanks mattias) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.39r2=1.98.2.5.2.40diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.39 php-src/ext/openssl/openssl.c:1.98.2.5.2.40 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.39 Mon Aug 6 19:11:20 2007 +++ php-src/ext/openssl/openssl.c Mon Aug 6 19:49:45 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.39 2007/08/06 19:11:20 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.40 2007/08/06 19:49:45 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1743,7 +1743,7 @@ len = 200; } memcpy(buffer, type, len); - buffer[len] = '\0'; + buffer[len - 1] = '\0'; type = buffer; /* Skip past any leading X. X: X, etc to allow for multiple -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
I don't think it is imprtant fix. Nobody uses non-sting pasphrases. :) I found this bug in PHP6 where it was real stopper (because of unicode passphrases) and then backported it to 5.2. Thanks. Dmitry. -Original Message- From: Pierre [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 11, 2007 12:42 PM To: Dmitry Stogov Cc: php-cvs@lists.php.net Subject: Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c Hi Dmitry, Thanks for the fixes! Can you add two NEWS entry please? (5_2) On 7/11/07, Dmitry Stogov [EMAIL PROTECTED] wrote: dmitry Wed Jul 11 07:26:52 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: Fixed crash on non-string passphrase http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2. 5.2.35r2=1.98.2.5.2.36diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.35 php-src/ext/openssl/openssl.c:1.98.2.5.2.36 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.35 Tue Jun 19 22:09:49 2007 +++ php-src/ext/openssl/openssl.c Wed Jul 11 07:26:52 2007 @@ -20,7 +20,7 @@ +- -+ */ -/* $Id: openssl.c,v 1.98.2.5.2.35 2007/06/19 22:09:49 iliaa Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.36 2007/07/11 07:26:52 dmitry Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -2256,6 +2256,7 @@ } else { tmp = **zphrase; zval_copy_ctor(tmp); + convert_to_string(tmp); passphrase = Z_STRVAL(tmp); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
On 7/11/07, Dmitry Stogov [EMAIL PROTECTED] wrote: I don't think it is imprtant fix. Nobody uses non-sting pasphrases. :) I found this bug in PHP6 where it was real stopper (because of unicode passphrases) and then backported it to 5.2. If it changes / fixes a behaviors/bugs, it has be in the NEWS file, even if nobody uses it :) (for example, It is useful when one has to patch its php after a release) Thanks, --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
iliaa Tue Jun 19 22:09:49 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: Fixed a memory leak inside load_all_certs_file() http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.34r2=1.98.2.5.2.35diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.34 php-src/ext/openssl/openssl.c:1.98.2.5.2.35 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.34 Sat May 19 22:05:08 2007 +++ php-src/ext/openssl/openssl.c Tue Jun 19 22:09:49 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.34 2007/05/19 22:05:08 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.35 2007/06/19 22:09:49 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1109,17 +1109,20 @@ } if (php_openssl_safe_mode_chk(certfile TSRMLS_CC)) { + sk_X509_free(stack); goto end; } if(!(in=BIO_new_file(certfile, r))) { php_error_docref(NULL TSRMLS_CC, E_WARNING, error opening the file, %s, certfile); + sk_X509_free(stack); goto end; } /* This loads from a file, a stack of x509/crl/pkey sets */ if(!(sk=PEM_X509_INFO_read_bio(in, NULL, NULL, NULL))) { php_error_docref(NULL TSRMLS_CC, E_WARNING, error reading the file, %s, certfile); + sk_X509_free(stack); goto end; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Thu Apr 5 07:10:07 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: fix ZTS build http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.30r2=1.98.2.5.2.31diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.30 php-src/ext/openssl/openssl.c:1.98.2.5.2.31 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.30 Wed Apr 4 22:00:51 2007 +++ php-src/ext/openssl/openssl.c Thu Apr 5 07:10:07 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.30 2007/04/04 22:00:51 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.31 2007/04/05 07:10:07 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1333,7 +1333,7 @@ sk_X509_free(sk); } -static STACK_OF(X509) * php_array_to_X509_sk(zval ** zcerts) +static STACK_OF(X509) * php_array_to_X509_sk(zval ** zcerts TSRMLS_DC) { HashPosition hpos; zval ** zcertval; @@ -1436,7 +1436,7 @@ */ if (args zend_hash_find(Z_ARRVAL_P(args), extracerts, sizeof(extracerts), (void**)item) == SUCCESS) - ca = php_array_to_X509_sk(item); + ca = php_array_to_X509_sk(item TSRMLS_CC); /* end parse extra config */ /*PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, @@ -1510,7 +1510,7 @@ friendly_name = Z_STRVAL_PP(item); if (args zend_hash_find(Z_ARRVAL_P(args), extracerts, sizeof(extracerts), (void**)item) == SUCCESS) - ca = php_array_to_X509_sk(item); + ca = php_array_to_X509_sk(item TSRMLS_CC); /* end parse extra config */ p12 = PKCS12_create(pass, friendly_name, priv_key, cert, ca, 0, 0, 0, 0, 0); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
rrichards Thu Apr 5 18:08:42 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: fix win32 build http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.31r2=1.98.2.5.2.32diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.31 php-src/ext/openssl/openssl.c:1.98.2.5.2.32 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.31 Thu Apr 5 07:10:07 2007 +++ php-src/ext/openssl/openssl.c Thu Apr 5 18:08:42 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.31 2007/04/05 07:10:07 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.32 2007/04/05 18:08:42 rrichards Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1567,11 +1567,10 @@ if(d2i_PKCS12_bio(bio_in, p12)) { if(PKCS12_parse(p12, pass, pkey, cert, ca)) { - + BIO * bio_out; + zval_dtor(zout); array_init(zout); - - BIO * bio_out; bio_out = BIO_new(BIO_s_mem()); if (PEM_write_bio_X509(bio_out, cert)) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Wed Apr 4 22:00:52 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - nuke c++ comments http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.29r2=1.98.2.5.2.30diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.29 php-src/ext/openssl/openssl.c:1.98.2.5.2.30 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.29 Wed Apr 4 21:24:01 2007 +++ php-src/ext/openssl/openssl.c Wed Apr 4 22:00:51 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.29 2007/04/04 21:24:01 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.30 2007/04/04 22:00:51 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1430,17 +1430,19 @@ /* parse extra config from args array, promote this to an extra function */ if (args zend_hash_find(Z_ARRVAL_P(args), friendly_name, sizeof(friendly_name), (void**)item) == SUCCESS) friendly_name = Z_STRVAL_PP(item); - // certpbe (default RC2-40) - // keypbe (default 3DES) - // friendly_caname + /* certpbe (default RC2-40) + keypbe (default 3DES) + friendly_caname + */ if (args zend_hash_find(Z_ARRVAL_P(args), extracerts, sizeof(extracerts), (void**)item) == SUCCESS) ca = php_array_to_X509_sk(item); /* end parse extra config */ + /*PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, + int nid_key, int nid_cert, int iter, int mac_iter, int keytype);*/ + p12 = PKCS12_create(pass, friendly_name, priv_key, cert, ca, 0, 0, 0, 0, 0); - //PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, -// int nid_key, int nid_cert, int iter, int mac_iter, int keytype); bio_out = BIO_new_file(filename, w); if (bio_out) { @@ -1506,9 +1508,6 @@ /* parse extra config from args array, promote this to an extra function */ if (args zend_hash_find(Z_ARRVAL_P(args), friendly_name, sizeof(friendly_name), (void**)item) == SUCCESS) friendly_name = Z_STRVAL_PP(item); - // certpbe (default RC2-40) - // keypbe (default 3DES) - // friendly_caname if (args zend_hash_find(Z_ARRVAL_P(args), extracerts, sizeof(extracerts), (void**)item) == SUCCESS) ca = php_array_to_X509_sk(item); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests 005.phpt bug38261.phpt
rrichards Sat Jan 20 22:08:29 2007 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests 005.phpt Modified files: /php-src/ext/opensslopenssl.c /php-src/ext/openssl/tests bug38261.phpt Log: MFH: fix accessing public key from x509 resource add test fix test under win32 http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.26r2=1.98.2.5.2.27diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.26 php-src/ext/openssl/openssl.c:1.98.2.5.2.27 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.26 Sun Jan 7 18:38:21 2007 +++ php-src/ext/openssl/openssl.c Sat Jan 20 22:08:29 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.26 2007/01/07 18:38:21 iliaa Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.27 2007/01/20 22:08:29 rrichards Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1958,10 +1958,10 @@ /* got the key - return it */ return (EVP_PKEY*)what; } + } else { + /* other types could be used here - eg: file pointers and read in the data from them */ + TMP_CLEAN; } - - /* other types could be used here - eg: file pointers and read in the data from them */ - TMP_CLEAN; } else { /* force it to be a string and check if it refers to a file */ /* passing non string values leaks, object uses toString, it returns NULL http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38261.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u Index: php-src/ext/openssl/tests/bug38261.phpt diff -u php-src/ext/openssl/tests/bug38261.phpt:1.1.2.1 php-src/ext/openssl/tests/bug38261.phpt:1.1.2.2 --- php-src/ext/openssl/tests/bug38261.phpt:1.1.2.1 Sun Jul 30 16:26:19 2006 +++ php-src/ext/openssl/tests/bug38261.phpt Sat Jan 20 22:08:29 2007 @@ -27,8 +27,8 @@ bool(false) bool(false) -Warning: openssl_x509_parse() expects at least 1 parameter, 0 given in %s/bug38261.php on line %d +Warning: openssl_x509_parse() expects at least 1 parameter, 0 given in %sbug38261.php on line %d NULL bool(false) -Catchable fatal error: Object of class stdClass could not be converted to string in %s/bug38261.php on line %d +Catchable fatal error: Object of class stdClass could not be converted to string in %sbug38261.php on line %d http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/005.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/005.phpt +++ php-src/ext/openssl/tests/005.phpt --TEST-- openSSL: read public key from x.509 resource --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); ? --FILE-- ?php $dir = dirname(__FILE__); $file_pub = $dir . '/bug37820cert.pem'; $file_key = $dir . '/bug37820key.pem'; $priv_key = file_get_contents($file_key); $priv_key_id = openssl_get_privatekey($priv_key); $x509 = openssl_x509_read(file_get_contents($file_pub)); $pub_key_id = openssl_get_publickey($x509); $data = some custom data; if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) { echo openssl_sign failed.; } $ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5); if ($ok == 1) { echo Ok; } elseif ($ok == 0) { echo openssl_verify failed.; } ? --EXPECTF-- Ok -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Sun Oct 15 21:09:24 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: fix compile warning http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.22r2=1.98.2.5.2.23diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.22 php-src/ext/openssl/openssl.c:1.98.2.5.2.23 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.22 Mon Oct 9 00:04:10 2006 +++ php-src/ext/openssl/openssl.c Sun Oct 15 21:09:24 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.22 2006/10/09 00:04:10 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.23 2006/10/15 21:09:24 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1059,7 +1059,7 @@ for (i = 0; i X509_get_ext_count(cert); i++) { extension = X509_get_ext(cert, i); extdata = X509_EXTENSION_get_data(extension); - extname = OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension))); + extname = (char *)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension))); add_assoc_asn1_string(subitem, extname, extdata); } add_assoc_zval(return_value, extensions, subitem); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Mon Oct 9 00:04:10 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - fix possible segfault (see test 004) always exists and returns NULL on error http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.21r2=1.98.2.5.2.22diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.21 php-src/ext/openssl/openssl.c:1.98.2.5.2.22 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.21 Sat Sep 16 12:05:12 2006 +++ php-src/ext/openssl/openssl.c Mon Oct 9 00:04:10 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.21 2006/09/16 12:05:12 nlopess Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.22 2006/10/09 00:04:10 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1890,8 +1890,8 @@ #define TMP_CLEAN \ if (Z_TYPE(tmp) == IS_STRING) {\ zval_dtor(tmp); \ - return NULL; \ - } + } \ + return NULL; if (resourceval) { *resourceval = -1; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
nlopess Sat Sep 16 12:05:12 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: fix mem leak. hash keys dont need to be strdup'ed http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.20r2=1.98.2.5.2.21diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.20 php-src/ext/openssl/openssl.c:1.98.2.5.2.21 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.20 Tue Sep 12 10:53:59 2006 +++ php-src/ext/openssl/openssl.c Sat Sep 16 12:05:12 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.20 2006/09/12 10:53:59 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.21 2006/09/16 12:05:12 nlopess Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1059,7 +1059,7 @@ for (i = 0; i X509_get_ext_count(cert); i++) { extension = X509_get_ext(cert, i); extdata = X509_EXTENSION_get_data(extension); - extname = strdup(OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension; + extname = OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension))); add_assoc_asn1_string(subitem, extname, extdata); } add_assoc_zval(return_value, extensions, subitem); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Tue Sep 12 10:54:00 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: remove a leftover http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.19r2=1.98.2.5.2.20diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.19 php-src/ext/openssl/openssl.c:1.98.2.5.2.20 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.19 Fri Sep 8 20:10:47 2006 +++ php-src/ext/openssl/openssl.c Tue Sep 12 10:53:59 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.19 2006/09/08 20:10:47 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.20 2006/09/12 10:53:59 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1905,7 +1905,7 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, key array must be of the form array(0 = key, 1 = phrase)); return NULL; } - //convert_to_string_ex(zphrase); + if (Z_TYPE_PP(zphrase) == IS_STRING) { passphrase = Z_STRVAL_PP(zphrase); } else { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
iliaa Thu Sep 7 14:11:06 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: Fixed memory leaks in openssl test #004 http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.17r2=1.98.2.5.2.18diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.17 php-src/ext/openssl/openssl.c:1.98.2.5.2.18 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.17 Tue Sep 5 13:59:25 2006 +++ php-src/ext/openssl/openssl.c Thu Sep 7 14:11:05 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.17 2006/09/05 13:59:25 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.18 2006/09/07 14:11:05 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1780,6 +1780,7 @@ if (we_made_the_key) { /* and a resource for the private key */ + zval_dtor(out_pkey); ZVAL_RESOURCE(out_pkey, zend_list_insert(req.priv_key, le_key)); req.priv_key = NULL; /* make sure the cleanup code doesn't zap it! */ } else if (key_resource != -1) { @@ -1882,7 +1883,16 @@ int free_cert = 0; long cert_res = -1; char * filename = NULL; - + zval tmp; + + Z_TYPE(tmp) = IS_NULL; + +#define TMP_CLEAN \ + if (Z_TYPE(tmp) == IS_STRING) {\ + zval_dtor(tmp); \ + return NULL; \ + } + if (resourceval) { *resourceval = -1; } @@ -1895,13 +1905,19 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, key array must be of the form array(0 = key, 1 = phrase)); return NULL; } - convert_to_string_ex(zphrase); - passphrase = Z_STRVAL_PP(zphrase); + //convert_to_string_ex(zphrase); + if (Z_TYPE_PP(zphrase) == IS_STRING) { + passphrase = Z_STRVAL_PP(zphrase); + } else { + tmp = **zphrase; + zval_copy_ctor(tmp); + passphrase = Z_STRVAL(tmp); + } /* now set val to be the key param and continue */ if (zend_hash_index_find(HASH_OF(*val), 0, (void **)val) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING, key array must be of the form array(0 = key, 1 = phrase)); - return NULL; + TMP_CLEAN; } } @@ -1911,7 +1927,7 @@ what = zend_fetch_resource(val TSRMLS_CC, -1, OpenSSL X.509/key, type, 2, le_x509, le_key); if (!what) { - return NULL; + TMP_CLEAN; } if (resourceval) { *resourceval = Z_LVAL_PP(val); @@ -1928,28 +1944,30 @@ /* check whether it is actually a private key if requested */ if (!public_key !is_priv) { php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param is a public key); - return NULL; + TMP_CLEAN; } if (public_key is_priv) { php_error_docref(NULL TSRMLS_CC, E_WARNING, Don't know how to get public key from this private key); - return NULL; + TMP_CLEAN; } else { + if (Z_TYPE(tmp) == IS_STRING) { + zval_dtor(tmp); + } /* got the key - return it */ return (EVP_PKEY*)what; } } /* other types could be used here - eg: file pointers and read in the data from them */ - - return NULL; + TMP_CLEAN; } else { /* force it to be a string and check if it refers to a file */ /* passing non string values leaks, object uses toString, it returns NULL * See bug38255.phpt */ if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) { - return NULL; + TMP_CLEAN; } convert_to_string_ex(val); @@ -1970,7 +1988,7 @@ in = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val));
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Tue Sep 5 13:59:25 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: MFH: init variables http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.16r2=1.98.2.5.2.17diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.16 php-src/ext/openssl/openssl.c:1.98.2.5.2.17 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.16 Sun Sep 3 15:31:00 2006 +++ php-src/ext/openssl/openssl.c Tue Sep 5 13:59:25 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.16 2006/09/03 15:31:00 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.17 2006/09/05 13:59:25 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1339,7 +1339,8 @@ /* apply values from the dn hash */ zend_hash_internal_pointer_reset_ex(HASH_OF(dn), hpos); while(zend_hash_get_current_data_ex(HASH_OF(dn), (void**)item, hpos) == SUCCESS) { - char * strindex; uint strindexlen; + char * strindex = NULL; + uint strindexlen = 0; ulong intindex; zend_hash_get_current_key_ex(HASH_OF(dn), strindex, strindexlen, intindex, 0, hpos); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug28382.phpt bug36732.phpt
pajoye Sun Sep 3 15:31:01 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c /php-src/ext/openssl/tests bug28382.phpt bug36732.phpt Log: - add OPENSSL_VERSION_TEXT and OPENSSL_VERSION_NUMBER constants - skip tests if openssl version 0.9.7j (known to work) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.15r2=1.98.2.5.2.16diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.15 php-src/ext/openssl/openssl.c:1.98.2.5.2.16 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.15 Thu Aug 31 13:48:16 2006 +++ php-src/ext/openssl/openssl.c Sun Sep 3 15:31:00 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.15 2006/08/31 13:48:16 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.16 2006/09/03 15:31:00 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -651,6 +651,9 @@ * openSSL callbacks */ ssl_stream_data_index = SSL_get_ex_new_index(0, PHP stream index, NULL, NULL, NULL); + REGISTER_STRING_CONSTANT(OPENSSL_VERSION_TEXT, OPENSSL_VERSION_TEXT, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_NUMBER, CONST_CS|CONST_PERSISTENT); + /* purposes for cert purpose checking */ REGISTER_LONG_CONSTANT(X509_PURPOSE_SSL_CLIENT, X509_PURPOSE_SSL_CLIENT, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT(X509_PURPOSE_SSL_SERVER, X509_PURPOSE_SSL_SERVER, CONST_CS|CONST_PERSISTENT); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382.phpt?r1=1.1.2.2r2=1.1.2.3diff_format=u Index: php-src/ext/openssl/tests/bug28382.phpt diff -u php-src/ext/openssl/tests/bug28382.phpt:1.1.2.2 php-src/ext/openssl/tests/bug28382.phpt:1.1.2.3 --- php-src/ext/openssl/tests/bug28382.phpt:1.1.2.2 Sun Jul 30 17:03:12 2006 +++ php-src/ext/openssl/tests/bug28382.phpt Sun Sep 3 15:31:00 2006 @@ -3,6 +3,7 @@ --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); +if (OPENSSL_VERSION_NUMBER0x009070af) die(skip); ? --FILE-- ?php http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug36732.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u Index: php-src/ext/openssl/tests/bug36732.phpt diff -u php-src/ext/openssl/tests/bug36732.phpt:1.1.2.1 php-src/ext/openssl/tests/bug36732.phpt:1.1.2.2 --- php-src/ext/openssl/tests/bug36732.phpt:1.1.2.1 Mon Jul 31 00:33:41 2006 +++ php-src/ext/openssl/tests/bug36732.phpt Sun Sep 3 15:31:00 2006 @@ -2,7 +2,8 @@ #36732, add support for req_extensions in openss_csr_new and sign --SKIPIF-- ?php -if (!extension_loaded(openssl)) die(skip); +if (!extension_loaded(openssl)) die(skip); +if (OPENSSL_VERSION_NUMBER 0x009070af) die(skip); ? --FILE-- ?php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Thu Aug 31 13:48:16 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: MFH: fix problem with mixed arguments accepted as zval* causing leaks/segfaults when converting to other types http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.14r2=1.98.2.5.2.15diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.14 php-src/ext/openssl/openssl.c:1.98.2.5.2.15 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.14 Wed Aug 30 21:51:06 2006 +++ php-src/ext/openssl/openssl.c Thu Aug 31 13:48:16 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.14 2006/08/30 21:51:06 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.15 2006/08/31 13:48:16 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -807,7 +807,7 @@ } /* force it to be a string and check if it refers to a file */ - convert_to_string(*val); + convert_to_string_ex(val); if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, sizeof(file://) - 1) == 0) { /* read cert from the named file */ @@ -847,19 +847,19 @@ PHP_FUNCTION(openssl_x509_export_to_file) { X509 * cert; - zval * zcert = NULL; + zval ** zcert; zend_bool notext = 1; BIO * bio_out; long certresource; char * filename; int filename_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rs|b, zcert, filename, filename_len, notext) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zs|b, zcert, filename, filename_len, notext) == FAILURE) { return; } RETVAL_FALSE; - cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); + cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); if (cert == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, cannot get cert from parameter 1); return; @@ -892,17 +892,17 @@ PHP_FUNCTION(openssl_x509_export) { X509 * cert; - zval * zcert = NULL, *zout=NULL; + zval ** zcert, *zout; zend_bool notext = 1; BIO * bio_out; long certresource; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rz|b, zcert, zout, notext) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zz|b, zcert, zout, notext) == FAILURE) { return; } RETVAL_FALSE; - cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); + cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); if (cert == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, cannot get cert from parameter 1); return; @@ -933,21 +933,21 @@ Checks if a private key corresponds to a CERT */ PHP_FUNCTION(openssl_x509_check_private_key) { - zval * zcert, *zkey; + zval ** zcert, **zkey; X509 * cert = NULL; EVP_PKEY * key = NULL; long certresource = -1, keyresource = -1; RETVAL_FALSE; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, zcert, zkey) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ZZ, zcert, zkey) == FAILURE) { return; } - cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); + cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); if (cert == NULL) { RETURN_FALSE; } - key = php_openssl_evp_from_zval(zkey, 0, , 1, keyresource TSRMLS_CC); + key = php_openssl_evp_from_zval(zkey, 0, , 1, keyresource TSRMLS_CC); if (key) { RETVAL_BOOL(X509_check_private_key(cert, key)); } @@ -965,7 +965,7 @@ Returns an array of the fields/values of the CERT */ PHP_FUNCTION(openssl_x509_parse) { - zval * zcert; + zval ** zcert; X509 * cert = NULL; long certresource = -1; int i; @@ -976,10 +976,10 @@ ASN1_OCTET_STRING *extdata; char *extname; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|b, zcert, useshortnames) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Z|b, zcert, useshortnames) == FAILURE) { return; } - cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); + cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC); if (cert == NULL) { RETURN_FALSE; } @@ -1147,7 +1147,7 @@ Checks the CERT to see if it can be used for the purpose in purpose. cainfo holds information about trusted CAs */ PHP_FUNCTION(openssl_x509_checkpurpose) { - zval * zcert, * zcainfo = NULL; + zval ** zcert, *
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests 002.phpt
tony2001Wed Aug 30 20:50:03 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests 002.phpt Modified files: /php-src/ext/opensslopenssl.c Log: MFH: fix segfault in openssl_seal(), add test http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.12r2=1.98.2.5.2.13diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.12 php-src/ext/openssl/openssl.c:1.98.2.5.2.13 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.12 Fri Aug 18 13:02:37 2006 +++ php-src/ext/openssl/openssl.c Wed Aug 30 20:50:03 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.12 2006/08/18 13:02:37 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.13 2006/08/30 20:50:03 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -3183,7 +3183,9 @@ pkeys = safe_emalloc(nkeys, sizeof(*pkeys), 0); eksl = safe_emalloc(nkeys, sizeof(*eksl), 0); eks = safe_emalloc(nkeys, sizeof(*eks), 0); + memset(eks, 0, sizeof(*eks) * nkeys); key_resources = safe_emalloc(nkeys, sizeof(long), 0); + memset(key_resources, 0, sizeof(*key_resources) * nkeys); /* get the public keys we are using to seal this data */ zend_hash_internal_pointer_reset_ex(pubkeysht, pos); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/002.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/002.phpt +++ php-src/ext/openssl/tests/002.phpt --TEST-- openssl_seal() tests --SKIPIF-- ?php if (!extension_loaded(openssl)) print skip; ? --FILE-- ?php $a = 1; $b = array(1); $c = array(1); $d = array(1); var_dump(openssl_seal($a, $b, $c, $d)); var_dump(openssl_seal($a, $a, $a, array())); var_dump(openssl_seal($c, $c, $c, 1)); var_dump(openssl_seal($b, $b, $b, )); echo Done\n; ? --EXPECTF-- Warning: openssl_seal(): not a public key (0th member of pubkeys) in %s on line %d bool(false) Warning: openssl_seal(): Fourth argument to openssl_seal() must be a non-empty array in %s on line %d bool(false) Warning: openssl_seal() expects parameter 1 to be string, array given in %s on line %d NULL Warning: openssl_seal() expects parameter 1 to be string, array given in %s on line %d NULL Done --UEXPECTF-- Warning: openssl_seal(): not a public key (0th member of pubkeys) in %s on line %d bool(false) Warning: openssl_seal(): Fourth argument to openssl_seal() must be a non-empty array in %s on line %d bool(false) Warning: openssl_seal() expects parameter 1 to be binary string, array given in %s on line %d NULL Warning: openssl_seal() expects parameter 1 to be binary string, array given in %s on line %d NULL Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests 003.phpt
tony2001Wed Aug 30 21:51:07 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests 003.phpt Modified files: /php-src/ext/opensslopenssl.c Log: fix segfault/leak, add test http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.13r2=1.98.2.5.2.14diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.13 php-src/ext/openssl/openssl.c:1.98.2.5.2.14 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.13 Wed Aug 30 20:50:03 2006 +++ php-src/ext/openssl/openssl.c Wed Aug 30 21:51:06 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.13 2006/08/30 20:50:03 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.14 2006/08/30 21:51:06 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -807,7 +807,7 @@ } /* force it to be a string and check if it refers to a file */ - convert_to_string_ex(val); + convert_to_string(*val); if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, sizeof(file://) - 1) == 0) { /* read cert from the named file */ http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/003.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/003.phpt +++ php-src/ext/openssl/tests/003.phpt --TEST-- openssl_pkcs7_decrypt() and invalid parameters --SKIPIF-- ?php if (!extension_loaded(openssl)) print skip; ? --FILE-- ?php function myErrorHandler($errno, $errstr, $errfile, $errline) { var_dump($errstr); } set_error_handler(myErrorHandler); $a = 1; $b = 1; $c = new stdclass; $d = new stdclass; var_dump(openssl_pkcs7_decrypt($a, $b, $c, $d)); var_dump($c); var_dump(openssl_pkcs7_decrypt($b, $b, $b, $b)); var_dump(openssl_pkcs7_decrypt($a, $b, , )); var_dump(openssl_pkcs7_decrypt($a, $b, true, false)); var_dump(openssl_pkcs7_decrypt($a, $b, 0, 0)); echo Done\n; ? --EXPECTF-- string(57) Object of class stdClass could not be converted to string string(45) Object of class stdClass to string conversion string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) string(6) Object string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) Done --UEXPECTF-- unicode(64) Object of class stdClass could not be converted to binary string unicode(45) Object of class stdClass to string conversion unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) string(6) Object unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert bool(false) Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Fri Aug 18 13:02:37 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: fix #38486 (openssl extension does not build correctly) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.11r2=1.98.2.5.2.12diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.11 php-src/ext/openssl/openssl.c:1.98.2.5.2.12 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.11 Tue Aug 15 20:27:20 2006 +++ php-src/ext/openssl/openssl.c Fri Aug 18 13:02:37 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.11 2006/08/15 20:27:20 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.12 2006/08/18 13:02:37 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -70,7 +70,9 @@ OPENSSL_KEYTYPE_DSA, OPENSSL_KEYTYPE_DH, OPENSSL_KEYTYPE_DEFAULT = OPENSSL_KEYTYPE_RSA, +#ifdef EVP_PKEY_EC OPENSSL_KEYTYPE_EC = OPENSSL_KEYTYPE_DH +1 +#endif }; enum php_openssl_cipher_type { @@ -695,7 +697,9 @@ REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_DSA, OPENSSL_KEYTYPE_DSA, CONST_CS|CONST_PERSISTENT); #endif REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_DH, OPENSSL_KEYTYPE_DH, CONST_CS|CONST_PERSISTENT); +#ifdef EVP_PKEY_EC REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_EC, OPENSSL_KEYTYPE_EC, CONST_CS|CONST_PERSISTENT); +#endif /* Determine default SSL configuration file */ config_filename = getenv(OPENSSL_CONF); @@ -2327,9 +2331,11 @@ case EVP_PKEY_DH: ktype = OPENSSL_KEYTYPE_DH; break; +#ifdef EVP_PKEY_EC case EVP_PKEY_EC: ktype = OPENSSL_KEYTYPE_EC; break; +#endif default: ktype = -1; break; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sun Jul 30 09:18:07 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - silent compiler warnings (signess) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.4r2=1.98.2.5.2.5diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.4 php-src/ext/openssl/openssl.c:1.98.2.5.2.5 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.4 Sat Jul 29 23:03:55 2006 +++ php-src/ext/openssl/openssl.c Sun Jul 30 09:18:06 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.4 2006/07/29 23:03:55 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.5 2006/07/30 09:18:06 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -268,7 +268,7 @@ obj_cnt++; ne = X509_NAME_get_entry(name, j); str = X509_NAME_ENTRY_get_data(ne); - add_next_index_stringl(subentries, str-data, str-length, 1); + add_next_index_stringl(subentries, (char *)str-data, str-length, 1); } last = j; } @@ -280,7 +280,7 @@ zval_dtor(subentries); FREE_ZVAL(subentries); if (obj_cnt) { - add_assoc_stringl(subitem, sname, str-data, str-length, 1); + add_assoc_stringl(subitem, sname, (char *)str-data, str-length, 1); } } } @@ -290,7 +290,7 @@ static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) /* {{{ */ { - add_assoc_stringl(val, key, str-data, str-length, 1); + add_assoc_stringl(val, key, (char *)str-data, str-length, 1); } /* }}} */ @@ -314,7 +314,7 @@ return (time_t)-1; } - strbuf = estrdup(timestr-data); + strbuf = estrdup((char *)timestr-data); memset(thetime, 0, sizeof(thetime)); @@ -982,7 +982,7 @@ add_assoc_long(return_value, validFrom_time_t, asn1_time_to_time_t(X509_get_notBefore(cert) TSRMLS_CC)); add_assoc_long(return_value, validTo_time_t, asn1_time_to_time_t(X509_get_notAfter(cert) TSRMLS_CC)); - tmpstr = X509_alias_get0(cert, NULL); + tmpstr = (char *)X509_alias_get0(cert, NULL); if (tmpstr) { add_assoc_string(return_value, alias, tmpstr, 1); } @@ -1298,8 +1298,8 @@ /* apply values from the dn hash */ zend_hash_internal_pointer_reset_ex(HASH_OF(dn), hpos); while(zend_hash_get_current_data_ex(HASH_OF(dn), (void**)item, hpos) == SUCCESS) { - char * strindex; int strindexlen; - long intindex; + char * strindex; uint strindexlen; + ulong intindex; zend_hash_get_current_key_ex(HASH_OF(dn), strindex, strindexlen, intindex, 0, hpos); @@ -1372,8 +1372,8 @@ if (attribs) { zend_hash_internal_pointer_reset_ex(HASH_OF(attribs), hpos); while(zend_hash_get_current_data_ex(HASH_OF(attribs), (void**)item, hpos) == SUCCESS) { - char * strindex; int strindexlen; - long intindex; + char * strindex; uint strindexlen; + ulong intindex; zend_hash_get_current_key_ex(HASH_OF(attribs), strindex, strindexlen, intindex, 0, hpos); convert_to_string_ex(item); @@ -2065,7 +2065,7 @@ } else { cipher = NULL; } - if (PEM_write_bio_PrivateKey(bio_out, key, cipher, passphrase, passphrase_len, NULL, NULL)) { + if (PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL)) { /* Success! * If returning the output as a string, do so now */ RETVAL_TRUE; @@ -2116,7 +2116,7 @@ } else { cipher = NULL; } - if (PEM_write_bio_PrivateKey(bio_out, key, cipher, passphrase, passphrase_len, NULL, NULL)) { + if (PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL)) { /* Success! * If returning the output as a string, do so now */ @@ -2676,7 +2676,7 @@ case EVP_PKEY_RSA: case EVP_PKEY_RSA2: successful =
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug28382.phpt bug28382cert.txt
pajoye Sun Jul 30 17:03:12 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests bug28382cert.txt bug28382.phpt Modified files: /php-src/ext/opensslopenssl.c Log: - #28382, add support for x509 extensions http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.6r2=1.98.2.5.2.7diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.6 php-src/ext/openssl/openssl.c:1.98.2.5.2.7 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.6 Sun Jul 30 16:26:19 2006 +++ php-src/ext/openssl/openssl.c Sun Jul 30 17:03:12 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.6 2006/07/30 16:26:19 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.7 2006/07/30 17:03:12 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -954,6 +954,9 @@ zend_bool useshortnames = 1; char * tmpstr; zval * subitem; + X509_EXTENSION *extension; + ASN1_OCTET_STRING *extdata; + char *extname; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|b, zcert, useshortnames) == FAILURE) { return; @@ -1028,6 +1031,18 @@ } add_assoc_zval(return_value, purposes, subitem); + MAKE_STD_ZVAL(subitem); + array_init(subitem); + + + for (i = 0; i X509_get_ext_count(cert); i++) { + extension = X509_get_ext(cert, i); + extdata = X509_EXTENSION_get_data(extension); + extname = strdup(OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension; + add_assoc_asn1_string(subitem, extname, extdata); + } + add_assoc_zval(return_value, extensions, subitem); + if (certresource == -1 cert) { X509_free(cert); } http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382cert.txt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug28382cert.txt +++ php-src/ext/openssl/tests/bug28382cert.txt -BEGIN CERTIFICATE- MIIEoDCCBAmgAwIBAgIBJzANBgkqhkiG9w0BAQQFADCBkDELMAkGA1UEBhMCUk8x EDAOBgNVBAgTB1JvbWFuaWExEDAOBgNVBAcTB0NyYWlvdmExDzANBgNVBAoTBlNl cmdpdTETMBEGA1UECxMKU2VyZ2l1IFNSTDESMBAGA1UEAxMJU2VyZ2l1IENBMSMw IQYJKoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTAeFw0wNDA1MTQxMzM0 NTZaFw0wNTA1MTQxMzM0NTZaMIGaMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9t YW5pYTEQMA4GA1UEBxMHQ3JhaW92YTETMBEGA1UEChMKU2VyZ2l1IFNSTDETMBEG A1UECxMKU2VyZ2l1IFNSTDEYMBYGA1UEAxMPU2VyZ2l1IHBlcnNvbmFsMSMwIQYJ KoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEApNj7XXz8T8FcLIWpBniPYom3QcT6T7u0xRPHqtqzj5oboBYp DJe5d354/y0gJTpiLt8+fTrPgWXnbHm3pOHgXzTcX6Arani0GDU0/xDi4VkCRGcS YqX2sJpcDzAbmK9UDMt3xf/O1B8AJan3RfO0Bm3ozTEPziLMkmsiYr5b/L8CAwEA AaOCAfwwggH4MAkGA1UdEwQCMAAwNQYJYIZIAYb4QgENBCgWJkZvciBHcmlkIHVz ZSBvbmx5OyByZXF1ZXN0IHRhZyB1c2VyVGFnMBEGCWCGSAGG+EIBAQQEAwIF4DA/ BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vbW9iaWxlLmJsdWUtc29mdHdhcmUucm86 OTAvY2EvY3JsLnNodG1sMDUGCWCGSAGG+EIBCAQoFiZodHRwOi8vbW9iaWxlLmJs dWUtc29mdHdhcmUucm86OTAvcHViLzAhBgNVHREEGjAYgRZzZXJnaXVAYmx1ZXNv ZnR3YXJlLnJvMB0GA1UdDgQWBBSwp//5QRXeIzm93TEPl6CyonTg/DCBpwYDVR0j BIGfMIGcoYGWpIGTMIGQMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9tYW5pYTEQ MA4GA1UEBxMHQ3JhaW92YTEPMA0GA1UEChMGU2VyZ2l1MRMwEQYDVQQLEwpTZXJn aXUgU1JMMRIwEAYDVQQDEwlTZXJnaXUgQ0ExIzAhBgkqhkiG9w0BCQEWFG5fc2Vy Z2l1QGhvdG1haWwuY29tggEAMAsGA1UdDwQEAwIE8DAjBglghkgBhvhCAQIEFhYU aHR0cDovLzYyLjIzMS45OC41Mi8wCwYDKgMEBAQ+52I0MA0GCSqGSIb3DQEBBAUA A4GBAIBIOJ+iiLyQfNJEY+IMefayQea0nmuXYY+F+L1DFjSC7xChytgYoPNnKkhh 3dWPtxbswiqKYUnGi6y3Hi4UhDsOaDW29t2S305hSc2qgjOiNtRYQIVYQ8EHG1k7 Fl63S7uCOhnVJt+4MnUK1N6/pwgsp+Z2GvEsDG1qCKnvNpf6 -END CERTIFICATE- http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug28382.phpt +++ php-src/ext/openssl/tests/bug28382.phpt --TEST-- #28382, openssl_x509_parse extensions support --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); ? --FILE-- ?php $cert = file_get_contents(dirname(__FILE__) . /bug28382cert.txt, rb); $ext = openssl_x509_parse($cert); var_dump($ext['extensions']); ? --EXPECTF-- array(11) { [basicConstraints]= string(2) %s [nsComment]= string(40) %s [nsCertType]= string(4) %s [crlDistributionPoints]= string(56) %s [nsCaPolicyUrl]= string(40) %s [subjectAltName]= string(26) %s [subjectKeyIdentifier]= string(22) %s [authorityKeyIdentifier]= string(159) %s [keyUsage]= string(4) %s [nsBaseUrl]= string(22) %s [UNDEF]= string(4) %s } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug36732.phpt
pajoye Mon Jul 31 00:33:41 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests bug36732.phpt Modified files: /php-src/ext/opensslopenssl.c Log: - #36732, add req_extensions support to openssl_csr_new and _sign (ben at psc dot edu) - fix leaks in openssl_csr_new and sign http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.7r2=1.98.2.5.2.8diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.7 php-src/ext/openssl/openssl.c:1.98.2.5.2.8 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.7 Sun Jul 30 17:03:12 2006 +++ php-src/ext/openssl/openssl.c Mon Jul 31 00:33:41 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.7 2006/07/30 17:03:12 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.8 2006/07/31 00:33:41 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -468,8 +468,8 @@ CONF_get_string(req-req_config, req-section_name, default_md)); SET_OPTIONAL_STRING_ARG(x509_extensions, req-extensions_section, CONF_get_string(req-req_config, req-section_name, x509_extensions)); - SET_OPTIONAL_STRING_ARG(req_extensions, req-extensions_section, - CONF_get_string(req-req_config, req-request_extensions_section, req_extensions)); + SET_OPTIONAL_STRING_ARG(req_extensions, req-request_extensions_section, + CONF_get_string(req-req_config, req-section_name, req_extensions)); SET_OPTIONAL_LONG_ARG(private_key_bits, req-priv_key_bits, CONF_get_number(req-req_config, req-section_name, default_bits)); @@ -509,9 +509,6 @@ return FAILURE; } - if (req-request_extensions_section == NULL) { - req-request_extensions_section = CONF_get_string(req-req_config, req-section_name, req_extensions); - } PHP_SSL_CONFIG_SYNTAX_CHECK(request_extensions_section); return SUCCESS; @@ -879,8 +876,6 @@ zend_bool notext = 1; BIO * bio_out; long certresource; - char * bio_mem_ptr; - long bio_mem_len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rz|b, zcert, zout, notext) == FAILURE) { return; @@ -897,12 +892,15 @@ if (!notext) { X509_print(bio_out, cert); } - PEM_write_bio_X509(bio_out, cert); + if (PEM_write_bio_X509(bio_out, cert)) { + BUF_MEM *bio_buf; - bio_mem_len = BIO_get_mem_data(bio_out, bio_mem_ptr); - ZVAL_STRINGL(zout, bio_mem_ptr, bio_mem_len, 1); + zval_dtor(zout); + BIO_get_mem_ptr(bio_out, bio_buf); + ZVAL_STRINGL(zout, bio_buf-data, bio_buf-length, 1); - RETVAL_TRUE; + RETVAL_TRUE; + } if (certresource == -1 cert) { X509_free(cert); @@ -1531,9 +1529,8 @@ zval * zcsr = NULL, *zout=NULL; zend_bool notext = 1; BIO * bio_out; + long csr_resource; - char * bio_mem_ptr; - long bio_mem_len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rz|b, zcsr, zout, notext) == FAILURE) { return; @@ -1552,12 +1549,16 @@ if (!notext) { X509_REQ_print(bio_out, csr); } - PEM_write_bio_X509_REQ(bio_out, csr); - bio_mem_len = BIO_get_mem_data(bio_out, bio_mem_ptr); - ZVAL_STRINGL(zout, bio_mem_ptr, bio_mem_len, 1); + if (PEM_write_bio_X509_REQ(bio_out, csr)) { + BUF_MEM *bio_buf; - RETVAL_TRUE; + BIO_get_mem_ptr(bio_out, bio_buf); + zval_dtor(zout); + ZVAL_STRINGL(zout, bio_buf-data, bio_buf-length, 1); + + RETVAL_TRUE; + } if (csr_resource == -1 csr) { X509_REQ_free(csr); @@ -1655,12 +1656,12 @@ if (!i) { goto cleanup; } - if (req.request_extensions_section) { + if (req.extensions_section) { X509V3_CTX ctx; X509V3_set_ctx(ctx, cert, new_cert, csr, NULL, 0); X509V3_set_conf_lhash(ctx, req.req_config); - if (!X509V3_EXT_add_conf(req.req_config, ctx, req.request_extensions_section, new_cert)) { + if (!X509V3_EXT_add_conf(req.req_config, ctx, req.extensions_section, new_cert)) { goto cleanup; } } http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug36732.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/bug36732.phpt +++ php-src/ext/openssl/tests/bug36732.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
iliaa Mon Jul 31 03:41:20 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: Fixed compiler warning. http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.8r2=1.98.2.5.2.9diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.8 php-src/ext/openssl/openssl.c:1.98.2.5.2.9 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.8 Mon Jul 31 00:33:41 2006 +++ php-src/ext/openssl/openssl.c Mon Jul 31 03:41:19 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.8 2006/07/31 00:33:41 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.9 2006/07/31 03:41:19 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -238,7 +238,7 @@ char *sname; int nid; X509_NAME_ENTRY * ne; - ASN1_STRING * str; + ASN1_STRING * str = NULL; ASN1_OBJECT * obj; MAKE_STD_ZVAL(subitem); @@ -279,7 +279,7 @@ } else { zval_dtor(subentries); FREE_ZVAL(subentries); - if (obj_cnt) { + if (obj_cnt str) { add_assoc_stringl(subitem, sname, (char *)str-data, str-length, 1); } } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:39:33 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - #38255, fails on array as well http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.1r2=1.98.2.5.2.2diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.1 php-src/ext/openssl/openssl.c:1.98.2.5.2.2 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.1 Sat Jul 29 22:10:49 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:39:33 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1836,7 +1836,8 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ - if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL + || Z_TYPE_PP(val) == IS_ARRAY) { return NULL; } convert_to_string_ex(val); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 23:03:55 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - MFH: make the test more obvious and add an explanation http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.3r2=1.98.2.5.2.4diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.3 php-src/ext/openssl/openssl.c:1.98.2.5.2.4 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.3 Sat Jul 29 22:52:48 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 23:03:55 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.4 2006/07/29 23:03:55 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1847,8 +1847,10 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ - if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL - || Z_TYPE_PP(val) == IS_ARRAY) { + /* passing non string values leaks, object uses toString, it returns NULL +* See bug38255.phpt +*/ + if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) { return NULL; } convert_to_string_ex(val); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:10:49 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - fix leak when the key is not a valid key (like false or an array) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5r2=1.98.2.5.2.1diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5 php-src/ext/openssl/openssl.c:1.98.2.5.2.1 --- php-src/ext/openssl/openssl.c:1.98.2.5 Sun Apr 30 23:43:40 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:10:49 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5 2006/04/30 23:43:40 wez Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -577,6 +577,30 @@ } return SUCCESS; } + +static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */ + EVP_MD *mdtype; + + switch (algo) { + case OPENSSL_ALGO_SHA1: + mdtype = (EVP_MD *) EVP_sha1(); + break; + case OPENSSL_ALGO_MD5: + mdtype = (EVP_MD *) EVP_md5(); + break; + case OPENSSL_ALGO_MD4: + mdtype = (EVP_MD *) EVP_md4(); + break; + case OPENSSL_ALGO_MD2: + mdtype = (EVP_MD *) EVP_md2(); + break; + default: + return NULL; + break; + } + return mdtype; +} +/* }}} */ /* }}} */ /* {{{ PHP_MINIT_FUNCTION @@ -1812,6 +1836,9 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + return NULL; + } convert_to_string_ex(val); if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, sizeof(file://) - 1) == 0) { @@ -2872,7 +2899,7 @@ } /* }}} */ -/* {{{ proto bool openssl_sign(string data, string signature, mixed key) +/* {{{ proto bool openssl_sign(string data, string signature, mixed key[, int signature_alg]) Signs data */ PHP_FUNCTION(openssl_sign) { @@ -2896,23 +2923,10 @@ RETURN_FALSE; } - switch (signature_algo) { - case OPENSSL_ALGO_SHA1: - mdtype = (EVP_MD *) EVP_sha1(); - break; - case OPENSSL_ALGO_MD5: - mdtype = (EVP_MD *) EVP_md5(); - break; - case OPENSSL_ALGO_MD4: - mdtype = (EVP_MD *) EVP_md4(); - break; - case OPENSSL_ALGO_MD2: - mdtype = (EVP_MD *) EVP_md2(); - break; - default: - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); - RETURN_FALSE; - break; + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); + RETURN_FALSE; } siglen = EVP_PKEY_size(pkey); @@ -2943,21 +2957,29 @@ EVP_PKEY *pkey; int err; EVP_MD_CTX md_ctx; + EVP_MD *mdtype; long keyresource = -1; char * data;int data_len; char * signature; int signature_len; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz, data, data_len, signature, signature_len, key) == FAILURE) { + long signature_algo = OPENSSL_ALGO_SHA1; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz|l, data, data_len, signature, signature_len, key, signature_algo) == FAILURE) { return; } - + + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature algorithm.); + RETURN_FALSE; + } + pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param cannot be coerced into a public key); RETURN_FALSE; } - EVP_VerifyInit (md_ctx, EVP_sha1()); + EVP_VerifyInit (md_ctx, mdtype); EVP_VerifyUpdate (md_ctx, data, data_len); err = EVP_VerifyFinal (md_ctx, signature, signature_len, pkey); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:52:48 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - vi happiness++ http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.2r2=1.98.2.5.2.3diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.2 php-src/ext/openssl/openssl.c:1.98.2.5.2.3 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.2 Sat Jul 29 22:39:33 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:52:48 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -156,10 +156,11 @@ static int le_csr; static int ssl_stream_data_index; -int php_openssl_get_x509_list_id(void) +int php_openssl_get_x509_list_id(void) /* {{{ */ { return le_x509; } +/* }}} */ /* {{{ resource destructors */ static void php_pkey_free(zend_rsrc_list_entry *rsrc TSRMLS_DC) @@ -202,7 +203,7 @@ /* true global; readonly after module startup */ static char default_ssl_conf_filename[MAXPATHLEN]; -struct php_x509_request { +struct php_x509_request { /* {{{ */ LHASH * global_config; /* Global SSL config */ LHASH * req_config; /* SSL config for this request */ const EVP_MD * md_alg; @@ -219,7 +220,7 @@ EVP_PKEY * priv_key; }; - +/* }}} */ static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * resourceval TSRMLS_DC); static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * passphrase, int makeresource, long * resourceval TSRMLS_DC); @@ -230,7 +231,7 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req TSRMLS_DC); -static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int shortname TSRMLS_DC) +static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int shortname TSRMLS_DC) /* {{{ */ { zval *subitem, *subentries; int i, j = -1, last = -1, obj_cnt = 0; @@ -285,13 +286,15 @@ } zend_hash_update(HASH_OF(val), key, strlen(key) + 1, (void *)subitem, sizeof(subitem), NULL); } +/* }}} */ -static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) +static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) /* {{{ */ { add_assoc_stringl(val, key, str-data, str-length, 1); } +/* }}} */ -static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) +static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* {{{ */ { /* This is how the time string is formatted: @@ -359,12 +362,14 @@ return ret; } +/* }}} */ static inline int php_openssl_config_check_syntax( const char * section_label, const char * config_filename, const char * section, - LHASH * config TSRMLS_DC) + LHASH * config TSRMLS_DC + ) /* {{{ */ { X509V3_CTX ctx; @@ -379,8 +384,9 @@ } return SUCCESS; } +/* }}} */ -static int add_oid_section(struct php_x509_request * req TSRMLS_DC) +static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */ { char * str; STACK_OF(CONF_VALUE) * sktmp; @@ -405,6 +411,7 @@ } return SUCCESS; } +/* }}} */ #define PHP_SSL_REQ_INIT(req) memset(req, 0, sizeof(*req)) #define PHP_SSL_REQ_DISPOSE(req) php_openssl_dispose_config(req TSRMLS_CC) @@ -431,7 +438,7 @@ struct php_x509_request * req, zval * optional_args TSRMLS_DC - ) + ) /* {{{ */ { char * str; zval ** item; @@ -509,8 +516,9 @@ return SUCCESS; } +/* }}} */ -static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC) +static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC) /* {{{ */ { if (req-priv_key) { EVP_PKEY_free(req-priv_key); @@ -525,8 +533,9 @@ req-req_config = NULL; } } +/* }}} */ -static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *seeded) +static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *seeded) /* {{{ */ { char buffer[MAXPATHLEN]; @@ -556,8 +565,9 @@ *seeded = 1; return SUCCESS; } +/* }}} */ -static int php_openssl_write_rand_file(const char * file, int egdsocket, int seeded) +static int php_openssl_write_rand_file(const char * file, int egdsocket, int seeded) /* {{{ */ { char buffer[MAXPATHLEN]; @@ -577,6 +587,7 @@ } return SUCCESS; } +/* }}} */ static EVP_MD * php_openssl_get_evp_md_from_algo(long algo)