[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Tue Jul 7 15:14:03 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- MF53: #48116, fix build with openssl 1.0
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.53r2=1.98.2.5.2.54diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.53
php-src/ext/openssl/openssl.c:1.98.2.5.2.54
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.53 Mon Apr 20 10:00:41 2009
+++ php-src/ext/openssl/openssl.c Tue Jul 7 15:14:03 2009
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.53 2009/04/20 10:00:41 mkoppanen Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.54 2009/07/07 15:14:03 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -227,8 +227,13 @@
static char default_ssl_conf_filename[MAXPATHLEN];
struct php_x509_request { /* {{{ */
- LHASH * global_config; /* Global SSL config */
- LHASH * req_config; /* SSL config for this request */
+#if OPENSSL_VERSION_NUMBER = 0x1002L
+ LHASH_OF(CONF_VALUE) * global_config; /* Global SSL config */
+ LHASH_OF(CONF_VALUE) * req_config; /* SSL config for this
request */
+#else
+ LHASH * global_config; /* Global SSL config */
+ LHASH * req_config; /* SSL config for this request */
+#endif
const EVP_MD * md_alg;
const EVP_MD * digest;
char* section_name,
@@ -406,12 +411,11 @@
}
/* }}} */
-static inline int php_openssl_config_check_syntax(
- const char * section_label,
- const char * config_filename,
- const char * section,
- LHASH * config TSRMLS_DC
- ) /* {{{ */
+#if OPENSSL_VERSION_NUMBER = 0x1002L
+static inline int php_openssl_config_check_syntax(const char * section_label,
const char * config_filename, const char * section, LHASH_OF(CONF_VALUE) *
config TSRMLS_DC) /* {{{ */
+#else
+static inline int php_openssl_config_check_syntax(const char * section_label,
const char * config_filename, const char * section, LHASH * config TSRMLS_DC)
/* {{{ */
+#endif
{
X509V3_CTX ctx;
@@ -866,7 +870,7 @@
if (in == NULL) {
return NULL;
}
- cert = (X509 *) PEM_ASN1_read_bio((char *(*)())d2i_X509,
PEM_STRING_X509, in, NULL, NULL, NULL);
+ cert = (X509 *) PEM_ASN1_read_bio((d2i_of_void *)d2i_X509,
PEM_STRING_X509, in, NULL, NULL, NULL);
BIO_free(in);
}
@@ -2479,8 +2483,7 @@
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
assert(pkey-pkey.rsa != NULL);
-
- if (NULL == pkey-pkey.rsa-p || NULL ==
pkey-pkey.rsa-q) {
+ if (pkey-pkey.rsa != NULL (NULL ==
pkey-pkey.rsa-p || NULL == pkey-pkey.rsa-q)) {
return 0;
}
break;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
mkoppanen Mon Apr 20 10:00:41 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
MFH: Closes #47991 SSL streams fail if error stack contains items
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.52r2=1.98.2.5.2.53diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.52
php-src/ext/openssl/openssl.c:1.98.2.5.2.53
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.52 Sun Mar 29 23:33:01 2009
+++ php-src/ext/openssl/openssl.c Mon Apr 20 10:00:41 2009
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.52 2009/03/29 23:33:01 scottmac Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.53 2009/04/20 10:00:41 mkoppanen Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -3894,6 +3894,7 @@
char *cipherlist = NULL;
int ok = 1;
+ ERR_clear_error();
/* look at context options in the stream and set appropriate
verification flags */
if (GET_VER_OPT(verify_peer) zval_is_true(*val)) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
scottmacSun Mar 29 23:33:01 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
MFH Fix bug #47828 - Converting to UTF-8 can sometimes fail, check error
codes and avoid segfault.
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.51r2=1.98.2.5.2.52diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.51
php-src/ext/openssl/openssl.c:1.98.2.5.2.52
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.51 Wed Dec 31 11:17:41 2008
+++ php-src/ext/openssl/openssl.c Sun Mar 29 23:33:01 2009
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.51 2008/12/31 11:17:41 sebastian Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.52 2009/03/29 23:33:01 scottmac Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -301,7 +301,9 @@
str = X509_NAME_ENTRY_get_data(ne);
if (ASN1_STRING_type(str) != V_ASN1_UTF8STRING)
{
to_add_len =
ASN1_STRING_to_UTF8(to_add, str);
- add_next_index_stringl(subentries,
(char *)to_add, to_add_len, 1);
+ if (to_add_len != -1) {
+
add_next_index_stringl(subentries, (char *)to_add, to_add_len, 1);
+ }
} else {
to_add = ASN1_STRING_data(str);
to_add_len = ASN1_STRING_length(str);
@@ -317,7 +319,7 @@
} else {
zval_dtor(subentries);
FREE_ZVAL(subentries);
- if (obj_cnt str) {
+ if (obj_cnt str to_add_len -1) {
add_assoc_stringl(subitem, sname, (char
*)to_add, to_add_len, 1);
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sun Nov 30 21:39:58 2008 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- #44900, OpenSSL extension fails to link with OpenSSL 0.9.6 (5.2 only, 5.3+
requires a decent version)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.49r2=1.98.2.5.2.50diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.49
php-src/ext/openssl/openssl.c:1.98.2.5.2.50
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.49 Tue Nov 18 02:02:19 2008
+++ php-src/ext/openssl/openssl.c Sun Nov 30 21:39:57 2008
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.49 2008/11/18 02:02:19 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.50 2008/11/30 21:39:57 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -3535,7 +3535,9 @@
efree(sigbuf);
RETVAL_FALSE;
}
+#if OPENSSL_VERSION_NUMBER = 0x0090700fL
EVP_MD_CTX_cleanup(md_ctx);
+#endif
if (keyresource == -1) {
EVP_PKEY_free(pkey);
}
@@ -3575,7 +3577,9 @@
EVP_VerifyInit (md_ctx, mdtype);
EVP_VerifyUpdate (md_ctx, data, data_len);
err = EVP_VerifyFinal (md_ctx, (unsigned char *)signature,
signature_len, pkey);
+#if OPENSSL_VERSION_NUMBER = 0x0090700fL
EVP_MD_CTX_cleanup(md_ctx);
+#endif
if (keyresource == -1) {
EVP_PKEY_free(pkey);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug41033.pem bug41033.phpt bug41033pub.pem
Hello Pierre-Alain,
2nd try
Tuesday, November 18, 2008, 3:02:19 AM, you wrote:
pajoye Tue Nov 18 02:02:19 2008 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests bug41033.pem bug41033.phpt
bug41033pub.pem
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- MFH: #41033, enable signing with DSA keys
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.48r2=1.98.2.5.2.49diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.48
php-src/ext/openssl/openssl.c:1.98.2.5.2.49
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.48 Sun Oct 26 14:35:59 2008
+++ php-src/ext/openssl/openssl.c Tue Nov 18 02:02:19 2008
@@ -1224,7 +1229,15 @@
if (cert == NULL) {
goto clean_exit;
}
- RETVAL_LONG(check_cert(cainfo, cert, untrustedchain, purpose));
+
+ ret = check_cert(cainfo, cert, untrustedchain, purpose);
+
+if (ret != 0 ret != 1) {
+RETVAL_LONG(ret);
+} else {
+RETVAL_BOOL(ret);
Why not simply: RETVAL_BOOL(ret != 0 and ret != 1);
Best regards,
Marcus
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug41033.pem bug41033.phpt bug41033pub.pem
pajoye Tue Nov 18 02:02:19 2008 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests bug41033.pem bug41033.phpt
bug41033pub.pem
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- MFH: #41033, enable signing with DSA keys
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.48r2=1.98.2.5.2.49diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.48
php-src/ext/openssl/openssl.c:1.98.2.5.2.49
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.48 Sun Oct 26 14:35:59 2008
+++ php-src/ext/openssl/openssl.c Tue Nov 18 02:02:19 2008
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.48 2008/10/26 14:35:59 iliaa Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.49 2008/11/18 02:02:19 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -56,6 +56,7 @@
#define OPENSSL_ALGO_MD5 2
#define OPENSSL_ALGO_MD4 3
#define OPENSSL_ALGO_MD2 4
+#define OPENSSL_ALGO_DSS1 5
#define DEBUG_SMIME0
@@ -641,6 +642,9 @@
case OPENSSL_ALGO_MD2:
mdtype = (EVP_MD *) EVP_md2();
break;
+ case OPENSSL_ALGO_DSS1:
+ mdtype = (EVP_MD *) EVP_dss1();
+ break;
default:
return NULL;
break;
@@ -692,6 +696,7 @@
REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD5, OPENSSL_ALGO_MD5,
CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD4, OPENSSL_ALGO_MD4,
CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD2, OPENSSL_ALGO_MD2,
CONST_CS|CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT(OPENSSL_ALGO_DSS1, OPENSSL_ALGO_DSS1,
CONST_CS|CONST_PERSISTENT);
/* flags for S/MIME */
REGISTER_LONG_CONSTANT(PKCS7_DETACHED, PKCS7_DETACHED,
CONST_CS|CONST_PERSISTENT);
@@ -1200,7 +1205,7 @@
STACK_OF(X509) * untrustedchain = NULL;
long purpose;
char * untrusted = NULL;
- int untrusted_len;
+ int untrusted_len, ret;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zl|a!s, zcert,
purpose, zcainfo, untrusted, untrusted_len)
== FAILURE) {
@@ -1224,7 +1229,15 @@
if (cert == NULL) {
goto clean_exit;
}
- RETVAL_LONG(check_cert(cainfo, cert, untrustedchain, purpose));
+
+ ret = check_cert(cainfo, cert, untrustedchain, purpose);
+
+if (ret != 0 ret != 1) {
+RETVAL_LONG(ret);
+} else {
+RETVAL_BOOL(ret);
+}
+
clean_exit:
if (certresource == 1 cert) {
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41033.pem?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug41033.pem
+++ php-src/ext/openssl/tests/bug41033.pem
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41033.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug41033.phpt
+++ php-src/ext/openssl/tests/bug41033.phpt
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41033pub.pem?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug41033pub.pem
+++ php-src/ext/openssl/tests/bug41033pub.pem
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Mon Apr 7 10:44:03 2008 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: initialize variable http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.44r2=1.98.2.5.2.45diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.44 php-src/ext/openssl/openssl.c:1.98.2.5.2.45 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.44 Tue Jan 15 15:13:37 2008 +++ php-src/ext/openssl/openssl.c Mon Apr 7 10:44:03 2008 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.44 2008/01/15 15:13:37 rrichards Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.45 2008/04/07 10:44:03 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1962,7 +1962,7 @@ X509 * cert = NULL, *new_cert = NULL; X509_REQ * csr; EVP_PKEY * key = NULL, *priv_key = NULL; - long csr_resource, certresource, keyresource; + long csr_resource, certresource = 0, keyresource; int i; struct php_x509_request req; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Wed Aug 8 06:29:47 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- fix regression introduced with #4 (thx to tony and mattias for the
head up)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.40r2=1.98.2.5.2.41diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.40
php-src/ext/openssl/openssl.c:1.98.2.5.2.41
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.40 Mon Aug 6 19:49:45 2007
+++ php-src/ext/openssl/openssl.c Wed Aug 8 06:29:46 2007
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.40 2007/08/06 19:49:45 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.41 2007/08/08 06:29:46 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1726,7 +1726,7 @@
/* Finally apply defaults from config file */
for(i = 0; i sk_CONF_VALUE_num(dn_sk); i++) {
int len;
- char buffer[200];
+ char buffer[200 + 1]; /*200 + \0 !*/
v = sk_CONF_VALUE_value(dn_sk, i);
type = v-name;
@@ -1743,7 +1743,7 @@
len = 200;
}
memcpy(buffer, type, len);
- buffer[len - 1] = '\0';
+ buffer[len] = '\0';
type = buffer;
/* Skip past any leading X. X: X, etc to allow for
multiple
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Mon Aug 6 19:11:20 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- #4, truncate the _default to the buffer size (was 200 since day #1, we
don't need dynamic alloc here)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.38r2=1.98.2.5.2.39diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.38
php-src/ext/openssl/openssl.c:1.98.2.5.2.39
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.38 Wed Jul 11 12:18:14 2007
+++ php-src/ext/openssl/openssl.c Mon Aug 6 19:11:20 2007
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.38 2007/07/11 12:18:14 dmitry Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.39 2007/08/06 19:11:20 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1739,7 +1739,9 @@
if (strcmp(_default, type + len) != 0) {
continue;
}
-
+ if (len 200) {
+ len = 200;
+ }
memcpy(buffer, type, len);
buffer[len] = '\0';
type = buffer;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Mon Aug 6 19:49:45 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c Log: - #4, forgot this one (thanks mattias) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.39r2=1.98.2.5.2.40diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.39 php-src/ext/openssl/openssl.c:1.98.2.5.2.40 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.39 Mon Aug 6 19:11:20 2007 +++ php-src/ext/openssl/openssl.c Mon Aug 6 19:49:45 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.39 2007/08/06 19:11:20 pajoye Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.40 2007/08/06 19:49:45 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1743,7 +1743,7 @@ len = 200; } memcpy(buffer, type, len); - buffer[len] = '\0'; + buffer[len - 1] = '\0'; type = buffer; /* Skip past any leading X. X: X, etc to allow for multiple -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
I don't think it is imprtant fix.
Nobody uses non-sting pasphrases. :)
I found this bug in PHP6 where it was real stopper (because of unicode
passphrases) and then backported it to 5.2.
Thanks. Dmitry.
-Original Message-
From: Pierre [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 11, 2007 12:42 PM
To: Dmitry Stogov
Cc: php-cvs@lists.php.net
Subject: Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
Hi Dmitry,
Thanks for the fixes!
Can you add two NEWS entry please? (5_2)
On 7/11/07, Dmitry Stogov [EMAIL PROTECTED] wrote:
dmitry Wed Jul 11 07:26:52 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
Fixed crash on non-string passphrase
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.
5.2.35r2=1.98.2.5.2.36diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.35
php-src/ext/openssl/openssl.c:1.98.2.5.2.36
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.35 Tue Jun 19
22:09:49 2007
+++ php-src/ext/openssl/openssl.c Wed Jul 11 07:26:52 2007
@@ -20,7 +20,7 @@
+-
-+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.35 2007/06/19 22:09:49
iliaa Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.36 2007/07/11 07:26:52
dmitry Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -2256,6 +2256,7 @@
} else {
tmp = **zphrase;
zval_copy_ctor(tmp);
+ convert_to_string(tmp);
passphrase = Z_STRVAL(tmp);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
On 7/11/07, Dmitry Stogov [EMAIL PROTECTED] wrote: I don't think it is imprtant fix. Nobody uses non-sting pasphrases. :) I found this bug in PHP6 where it was real stopper (because of unicode passphrases) and then backported it to 5.2. If it changes / fixes a behaviors/bugs, it has be in the NEWS file, even if nobody uses it :) (for example, It is useful when one has to patch its php after a release) Thanks, --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
iliaa Tue Jun 19 22:09:49 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
Fixed a memory leak inside load_all_certs_file()
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.34r2=1.98.2.5.2.35diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.34
php-src/ext/openssl/openssl.c:1.98.2.5.2.35
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.34 Sat May 19 22:05:08 2007
+++ php-src/ext/openssl/openssl.c Tue Jun 19 22:09:49 2007
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.34 2007/05/19 22:05:08 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.35 2007/06/19 22:09:49 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1109,17 +1109,20 @@
}
if (php_openssl_safe_mode_chk(certfile TSRMLS_CC)) {
+ sk_X509_free(stack);
goto end;
}
if(!(in=BIO_new_file(certfile, r))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, error opening the
file, %s, certfile);
+ sk_X509_free(stack);
goto end;
}
/* This loads from a file, a stack of x509/crl/pkey sets */
if(!(sk=PEM_X509_INFO_read_bio(in, NULL, NULL, NULL))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, error reading the
file, %s, certfile);
+ sk_X509_free(stack);
goto end;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Thu Apr 5 07:10:07 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
fix ZTS build
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.30r2=1.98.2.5.2.31diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.30
php-src/ext/openssl/openssl.c:1.98.2.5.2.31
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.30 Wed Apr 4 22:00:51 2007
+++ php-src/ext/openssl/openssl.c Thu Apr 5 07:10:07 2007
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.30 2007/04/04 22:00:51 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.31 2007/04/05 07:10:07 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1333,7 +1333,7 @@
sk_X509_free(sk);
}
-static STACK_OF(X509) * php_array_to_X509_sk(zval ** zcerts)
+static STACK_OF(X509) * php_array_to_X509_sk(zval ** zcerts TSRMLS_DC)
{
HashPosition hpos;
zval ** zcertval;
@@ -1436,7 +1436,7 @@
*/
if (args zend_hash_find(Z_ARRVAL_P(args), extracerts,
sizeof(extracerts), (void**)item) == SUCCESS)
- ca = php_array_to_X509_sk(item);
+ ca = php_array_to_X509_sk(item TSRMLS_CC);
/* end parse extra config */
/*PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509
*cert, STACK_OF(X509) *ca,
@@ -1510,7 +1510,7 @@
friendly_name = Z_STRVAL_PP(item);
if (args zend_hash_find(Z_ARRVAL_P(args), extracerts,
sizeof(extracerts), (void**)item) == SUCCESS)
- ca = php_array_to_X509_sk(item);
+ ca = php_array_to_X509_sk(item TSRMLS_CC);
/* end parse extra config */
p12 = PKCS12_create(pass, friendly_name, priv_key, cert, ca, 0, 0, 0,
0, 0);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
rrichards Thu Apr 5 18:08:42 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
fix win32 build
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.31r2=1.98.2.5.2.32diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.31
php-src/ext/openssl/openssl.c:1.98.2.5.2.32
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.31 Thu Apr 5 07:10:07 2007
+++ php-src/ext/openssl/openssl.c Thu Apr 5 18:08:42 2007
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.31 2007/04/05 07:10:07 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.32 2007/04/05 18:08:42 rrichards Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1567,11 +1567,10 @@
if(d2i_PKCS12_bio(bio_in, p12)) {
if(PKCS12_parse(p12, pass, pkey, cert, ca)) {
-
+ BIO * bio_out;
+
zval_dtor(zout);
array_init(zout);
-
- BIO * bio_out;
bio_out = BIO_new(BIO_s_mem());
if (PEM_write_bio_X509(bio_out, cert)) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Wed Apr 4 22:00:52 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- nuke c++ comments
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.29r2=1.98.2.5.2.30diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.29
php-src/ext/openssl/openssl.c:1.98.2.5.2.30
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.29 Wed Apr 4 21:24:01 2007
+++ php-src/ext/openssl/openssl.c Wed Apr 4 22:00:51 2007
@@ -20,7 +20,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.29 2007/04/04 21:24:01 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.30 2007/04/04 22:00:51 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1430,17 +1430,19 @@
/* parse extra config from args array, promote this to an extra
function */
if (args zend_hash_find(Z_ARRVAL_P(args), friendly_name,
sizeof(friendly_name), (void**)item) == SUCCESS)
friendly_name = Z_STRVAL_PP(item);
- // certpbe (default RC2-40)
- // keypbe (default 3DES)
- // friendly_caname
+ /* certpbe (default RC2-40)
+ keypbe (default 3DES)
+ friendly_caname
+ */
if (args zend_hash_find(Z_ARRVAL_P(args), extracerts,
sizeof(extracerts), (void**)item) == SUCCESS)
ca = php_array_to_X509_sk(item);
/* end parse extra config */
+ /*PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509
*cert, STACK_OF(X509) *ca,
+ int nid_key, int nid_cert, int iter,
int mac_iter, int keytype);*/
+
p12 = PKCS12_create(pass, friendly_name, priv_key, cert, ca, 0, 0, 0,
0, 0);
- //PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509
*cert, STACK_OF(X509) *ca,
-// int nid_key, int nid_cert, int iter,
int mac_iter, int keytype);
bio_out = BIO_new_file(filename, w);
if (bio_out) {
@@ -1506,9 +1508,6 @@
/* parse extra config from args array, promote this to an extra
function */
if (args zend_hash_find(Z_ARRVAL_P(args), friendly_name,
sizeof(friendly_name), (void**)item) == SUCCESS)
friendly_name = Z_STRVAL_PP(item);
- // certpbe (default RC2-40)
- // keypbe (default 3DES)
- // friendly_caname
if (args zend_hash_find(Z_ARRVAL_P(args), extracerts,
sizeof(extracerts), (void**)item) == SUCCESS)
ca = php_array_to_X509_sk(item);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests 005.phpt bug38261.phpt
rrichards Sat Jan 20 22:08:29 2007 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests 005.phpt
Modified files:
/php-src/ext/opensslopenssl.c
/php-src/ext/openssl/tests bug38261.phpt
Log:
MFH: fix accessing public key from x509 resource
add test
fix test under win32
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.26r2=1.98.2.5.2.27diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.26
php-src/ext/openssl/openssl.c:1.98.2.5.2.27
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.26 Sun Jan 7 18:38:21 2007
+++ php-src/ext/openssl/openssl.c Sat Jan 20 22:08:29 2007
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.26 2007/01/07 18:38:21 iliaa Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.27 2007/01/20 22:08:29 rrichards Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1958,10 +1958,10 @@
/* got the key - return it */
return (EVP_PKEY*)what;
}
+ } else {
+ /* other types could be used here - eg: file pointers
and read in the data from them */
+ TMP_CLEAN;
}
-
- /* other types could be used here - eg: file pointers and read
in the data from them */
- TMP_CLEAN;
} else {
/* force it to be a string and check if it refers to a file */
/* passing non string values leaks, object uses toString, it
returns NULL
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38261.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u
Index: php-src/ext/openssl/tests/bug38261.phpt
diff -u php-src/ext/openssl/tests/bug38261.phpt:1.1.2.1
php-src/ext/openssl/tests/bug38261.phpt:1.1.2.2
--- php-src/ext/openssl/tests/bug38261.phpt:1.1.2.1 Sun Jul 30 16:26:19 2006
+++ php-src/ext/openssl/tests/bug38261.phpt Sat Jan 20 22:08:29 2007
@@ -27,8 +27,8 @@
bool(false)
bool(false)
-Warning: openssl_x509_parse() expects at least 1 parameter, 0 given in
%s/bug38261.php on line %d
+Warning: openssl_x509_parse() expects at least 1 parameter, 0 given in
%sbug38261.php on line %d
NULL
bool(false)
-Catchable fatal error: Object of class stdClass could not be converted to
string in %s/bug38261.php on line %d
+Catchable fatal error: Object of class stdClass could not be converted to
string in %sbug38261.php on line %d
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/005.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/005.phpt
+++ php-src/ext/openssl/tests/005.phpt
--TEST--
openSSL: read public key from x.509 resource
--SKIPIF--
?php
if (!extension_loaded(openssl)) die(skip);
?
--FILE--
?php
$dir = dirname(__FILE__);
$file_pub = $dir . '/bug37820cert.pem';
$file_key = $dir . '/bug37820key.pem';
$priv_key = file_get_contents($file_key);
$priv_key_id = openssl_get_privatekey($priv_key);
$x509 = openssl_x509_read(file_get_contents($file_pub));
$pub_key_id = openssl_get_publickey($x509);
$data = some custom data;
if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) {
echo openssl_sign failed.;
}
$ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
if ($ok == 1) {
echo Ok;
} elseif ($ok == 0) {
echo openssl_verify failed.;
}
?
--EXPECTF--
Ok
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Sun Oct 15 21:09:24 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
fix compile warning
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.22r2=1.98.2.5.2.23diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.22
php-src/ext/openssl/openssl.c:1.98.2.5.2.23
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.22 Mon Oct 9 00:04:10 2006
+++ php-src/ext/openssl/openssl.c Sun Oct 15 21:09:24 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.22 2006/10/09 00:04:10 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.23 2006/10/15 21:09:24 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1059,7 +1059,7 @@
for (i = 0; i X509_get_ext_count(cert); i++) {
extension = X509_get_ext(cert, i);
extdata = X509_EXTENSION_get_data(extension);
- extname =
OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
+ extname = (char
*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
add_assoc_asn1_string(subitem, extname, extdata);
}
add_assoc_zval(return_value, extensions, subitem);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Mon Oct 9 00:04:10 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- fix possible segfault (see test 004) always exists and returns NULL on
error
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.21r2=1.98.2.5.2.22diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.21
php-src/ext/openssl/openssl.c:1.98.2.5.2.22
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.21 Sat Sep 16 12:05:12 2006
+++ php-src/ext/openssl/openssl.c Mon Oct 9 00:04:10 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.21 2006/09/16 12:05:12 nlopess Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.22 2006/10/09 00:04:10 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1890,8 +1890,8 @@
#define TMP_CLEAN \
if (Z_TYPE(tmp) == IS_STRING) {\
zval_dtor(tmp); \
- return NULL; \
- }
+ } \
+ return NULL;
if (resourceval) {
*resourceval = -1;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
nlopess Sat Sep 16 12:05:12 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
fix mem leak. hash keys dont need to be strdup'ed
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.20r2=1.98.2.5.2.21diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.20
php-src/ext/openssl/openssl.c:1.98.2.5.2.21
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.20 Tue Sep 12 10:53:59 2006
+++ php-src/ext/openssl/openssl.c Sat Sep 16 12:05:12 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.20 2006/09/12 10:53:59 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.21 2006/09/16 12:05:12 nlopess Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1059,7 +1059,7 @@
for (i = 0; i X509_get_ext_count(cert); i++) {
extension = X509_get_ext(cert, i);
extdata = X509_EXTENSION_get_data(extension);
- extname =
strdup(OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension;
+ extname =
OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
add_assoc_asn1_string(subitem, extname, extdata);
}
add_assoc_zval(return_value, extensions, subitem);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Tue Sep 12 10:54:00 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
remove a leftover
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.19r2=1.98.2.5.2.20diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.19
php-src/ext/openssl/openssl.c:1.98.2.5.2.20
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.19 Fri Sep 8 20:10:47 2006
+++ php-src/ext/openssl/openssl.c Tue Sep 12 10:53:59 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.19 2006/09/08 20:10:47 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.20 2006/09/12 10:53:59 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1905,7 +1905,7 @@
php_error_docref(NULL TSRMLS_CC, E_WARNING, key array
must be of the form array(0 = key, 1 = phrase));
return NULL;
}
- //convert_to_string_ex(zphrase);
+
if (Z_TYPE_PP(zphrase) == IS_STRING) {
passphrase = Z_STRVAL_PP(zphrase);
} else {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
iliaa Thu Sep 7 14:11:06 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
Fixed memory leaks in openssl test #004
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.17r2=1.98.2.5.2.18diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.17
php-src/ext/openssl/openssl.c:1.98.2.5.2.18
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.17 Tue Sep 5 13:59:25 2006
+++ php-src/ext/openssl/openssl.c Thu Sep 7 14:11:05 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.17 2006/09/05 13:59:25 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.18 2006/09/07 14:11:05 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1780,6 +1780,7 @@
if (we_made_the_key) {
/* and a resource for
the private key */
+ zval_dtor(out_pkey);
ZVAL_RESOURCE(out_pkey,
zend_list_insert(req.priv_key, le_key));
req.priv_key = NULL; /*
make sure the cleanup code doesn't zap it! */
} else if (key_resource != -1) {
@@ -1882,7 +1883,16 @@
int free_cert = 0;
long cert_res = -1;
char * filename = NULL;
-
+ zval tmp;
+
+ Z_TYPE(tmp) = IS_NULL;
+
+#define TMP_CLEAN \
+ if (Z_TYPE(tmp) == IS_STRING) {\
+ zval_dtor(tmp); \
+ return NULL; \
+ }
+
if (resourceval) {
*resourceval = -1;
}
@@ -1895,13 +1905,19 @@
php_error_docref(NULL TSRMLS_CC, E_WARNING, key array
must be of the form array(0 = key, 1 = phrase));
return NULL;
}
- convert_to_string_ex(zphrase);
- passphrase = Z_STRVAL_PP(zphrase);
+ //convert_to_string_ex(zphrase);
+ if (Z_TYPE_PP(zphrase) == IS_STRING) {
+ passphrase = Z_STRVAL_PP(zphrase);
+ } else {
+ tmp = **zphrase;
+ zval_copy_ctor(tmp);
+ passphrase = Z_STRVAL(tmp);
+ }
/* now set val to be the key param and continue */
if (zend_hash_index_find(HASH_OF(*val), 0, (void **)val) ==
FAILURE) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, key array
must be of the form array(0 = key, 1 = phrase));
- return NULL;
+ TMP_CLEAN;
}
}
@@ -1911,7 +1927,7 @@
what = zend_fetch_resource(val TSRMLS_CC, -1, OpenSSL
X.509/key, type, 2, le_x509, le_key);
if (!what) {
- return NULL;
+ TMP_CLEAN;
}
if (resourceval) {
*resourceval = Z_LVAL_PP(val);
@@ -1928,28 +1944,30 @@
/* check whether it is actually a private key if
requested */
if (!public_key !is_priv) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
supplied key param is a public key);
- return NULL;
+ TMP_CLEAN;
}
if (public_key is_priv) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
Don't know how to get public key from this private key);
- return NULL;
+ TMP_CLEAN;
} else {
+ if (Z_TYPE(tmp) == IS_STRING) {
+ zval_dtor(tmp);
+ }
/* got the key - return it */
return (EVP_PKEY*)what;
}
}
/* other types could be used here - eg: file pointers and read
in the data from them */
-
- return NULL;
+ TMP_CLEAN;
} else {
/* force it to be a string and check if it refers to a file */
/* passing non string values leaks, object uses toString, it
returns NULL
* See bug38255.phpt
*/
if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) ==
IS_OBJECT)) {
- return NULL;
+ TMP_CLEAN;
}
convert_to_string_ex(val);
@@ -1970,7 +1988,7 @@
in = BIO_new_mem_buf(Z_STRVAL_PP(val),
Z_STRLEN_PP(val));
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Tue Sep 5 13:59:25 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
MFH: init variables
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.16r2=1.98.2.5.2.17diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.16
php-src/ext/openssl/openssl.c:1.98.2.5.2.17
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.16 Sun Sep 3 15:31:00 2006
+++ php-src/ext/openssl/openssl.c Tue Sep 5 13:59:25 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.16 2006/09/03 15:31:00 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.17 2006/09/05 13:59:25 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1339,7 +1339,8 @@
/* apply values from the dn hash */
zend_hash_internal_pointer_reset_ex(HASH_OF(dn), hpos);
while(zend_hash_get_current_data_ex(HASH_OF(dn), (void**)item,
hpos) == SUCCESS) {
- char * strindex; uint strindexlen;
+ char * strindex = NULL;
+ uint strindexlen = 0;
ulong intindex;
zend_hash_get_current_key_ex(HASH_OF(dn), strindex,
strindexlen, intindex, 0, hpos);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug28382.phpt bug36732.phpt
pajoye Sun Sep 3 15:31:01 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/opensslopenssl.c /php-src/ext/openssl/tests bug28382.phpt bug36732.phpt Log: - add OPENSSL_VERSION_TEXT and OPENSSL_VERSION_NUMBER constants - skip tests if openssl version 0.9.7j (known to work) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.15r2=1.98.2.5.2.16diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.15 php-src/ext/openssl/openssl.c:1.98.2.5.2.16 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.15 Thu Aug 31 13:48:16 2006 +++ php-src/ext/openssl/openssl.c Sun Sep 3 15:31:00 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.15 2006/08/31 13:48:16 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.16 2006/09/03 15:31:00 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -651,6 +651,9 @@ * openSSL callbacks */ ssl_stream_data_index = SSL_get_ex_new_index(0, PHP stream index, NULL, NULL, NULL); + REGISTER_STRING_CONSTANT(OPENSSL_VERSION_TEXT, OPENSSL_VERSION_TEXT, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_NUMBER, CONST_CS|CONST_PERSISTENT); + /* purposes for cert purpose checking */ REGISTER_LONG_CONSTANT(X509_PURPOSE_SSL_CLIENT, X509_PURPOSE_SSL_CLIENT, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT(X509_PURPOSE_SSL_SERVER, X509_PURPOSE_SSL_SERVER, CONST_CS|CONST_PERSISTENT); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382.phpt?r1=1.1.2.2r2=1.1.2.3diff_format=u Index: php-src/ext/openssl/tests/bug28382.phpt diff -u php-src/ext/openssl/tests/bug28382.phpt:1.1.2.2 php-src/ext/openssl/tests/bug28382.phpt:1.1.2.3 --- php-src/ext/openssl/tests/bug28382.phpt:1.1.2.2 Sun Jul 30 17:03:12 2006 +++ php-src/ext/openssl/tests/bug28382.phpt Sun Sep 3 15:31:00 2006 @@ -3,6 +3,7 @@ --SKIPIF-- ?php if (!extension_loaded(openssl)) die(skip); +if (OPENSSL_VERSION_NUMBER0x009070af) die(skip); ? --FILE-- ?php http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug36732.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u Index: php-src/ext/openssl/tests/bug36732.phpt diff -u php-src/ext/openssl/tests/bug36732.phpt:1.1.2.1 php-src/ext/openssl/tests/bug36732.phpt:1.1.2.2 --- php-src/ext/openssl/tests/bug36732.phpt:1.1.2.1 Mon Jul 31 00:33:41 2006 +++ php-src/ext/openssl/tests/bug36732.phpt Sun Sep 3 15:31:00 2006 @@ -2,7 +2,8 @@ #36732, add support for req_extensions in openss_csr_new and sign --SKIPIF-- ?php -if (!extension_loaded(openssl)) die(skip); +if (!extension_loaded(openssl)) die(skip); +if (OPENSSL_VERSION_NUMBER 0x009070af) die(skip); ? --FILE-- ?php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Thu Aug 31 13:48:16 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
MFH: fix problem with mixed arguments accepted as zval* causing
leaks/segfaults when converting to other types
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.14r2=1.98.2.5.2.15diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.14
php-src/ext/openssl/openssl.c:1.98.2.5.2.15
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.14 Wed Aug 30 21:51:06 2006
+++ php-src/ext/openssl/openssl.c Thu Aug 31 13:48:16 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.14 2006/08/30 21:51:06 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.15 2006/08/31 13:48:16 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -807,7 +807,7 @@
}
/* force it to be a string and check if it refers to a file */
- convert_to_string(*val);
+ convert_to_string_ex(val);
if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://,
sizeof(file://) - 1) == 0) {
/* read cert from the named file */
@@ -847,19 +847,19 @@
PHP_FUNCTION(openssl_x509_export_to_file)
{
X509 * cert;
- zval * zcert = NULL;
+ zval ** zcert;
zend_bool notext = 1;
BIO * bio_out;
long certresource;
char * filename;
int filename_len;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rs|b, zcert,
filename, filename_len, notext) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zs|b, zcert,
filename, filename_len, notext) == FAILURE) {
return;
}
RETVAL_FALSE;
- cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
+ cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
if (cert == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, cannot get cert
from parameter 1);
return;
@@ -892,17 +892,17 @@
PHP_FUNCTION(openssl_x509_export)
{
X509 * cert;
- zval * zcert = NULL, *zout=NULL;
+ zval ** zcert, *zout;
zend_bool notext = 1;
BIO * bio_out;
long certresource;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rz|b, zcert,
zout, notext) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zz|b, zcert,
zout, notext) == FAILURE) {
return;
}
RETVAL_FALSE;
- cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
+ cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
if (cert == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, cannot get cert
from parameter 1);
return;
@@ -933,21 +933,21 @@
Checks if a private key corresponds to a CERT */
PHP_FUNCTION(openssl_x509_check_private_key)
{
- zval * zcert, *zkey;
+ zval ** zcert, **zkey;
X509 * cert = NULL;
EVP_PKEY * key = NULL;
long certresource = -1, keyresource = -1;
RETVAL_FALSE;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, zcert,
zkey) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ZZ, zcert,
zkey) == FAILURE) {
return;
}
- cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
+ cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
if (cert == NULL) {
RETURN_FALSE;
}
- key = php_openssl_evp_from_zval(zkey, 0, , 1, keyresource
TSRMLS_CC);
+ key = php_openssl_evp_from_zval(zkey, 0, , 1, keyresource TSRMLS_CC);
if (key) {
RETVAL_BOOL(X509_check_private_key(cert, key));
}
@@ -965,7 +965,7 @@
Returns an array of the fields/values of the CERT */
PHP_FUNCTION(openssl_x509_parse)
{
- zval * zcert;
+ zval ** zcert;
X509 * cert = NULL;
long certresource = -1;
int i;
@@ -976,10 +976,10 @@
ASN1_OCTET_STRING *extdata;
char *extname;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|b, zcert,
useshortnames) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Z|b, zcert,
useshortnames) == FAILURE) {
return;
}
- cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
+ cert = php_openssl_x509_from_zval(zcert, 0, certresource TSRMLS_CC);
if (cert == NULL) {
RETURN_FALSE;
}
@@ -1147,7 +1147,7 @@
Checks the CERT to see if it can be used for the purpose in purpose. cainfo
holds information about trusted CAs */
PHP_FUNCTION(openssl_x509_checkpurpose)
{
- zval * zcert, * zcainfo = NULL;
+ zval ** zcert, *
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests 002.phpt
tony2001Wed Aug 30 20:50:03 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests 002.phpt Modified files: /php-src/ext/opensslopenssl.c Log: MFH: fix segfault in openssl_seal(), add test http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.12r2=1.98.2.5.2.13diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.12 php-src/ext/openssl/openssl.c:1.98.2.5.2.13 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.12 Fri Aug 18 13:02:37 2006 +++ php-src/ext/openssl/openssl.c Wed Aug 30 20:50:03 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.98.2.5.2.12 2006/08/18 13:02:37 tony2001 Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.13 2006/08/30 20:50:03 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -3183,7 +3183,9 @@ pkeys = safe_emalloc(nkeys, sizeof(*pkeys), 0); eksl = safe_emalloc(nkeys, sizeof(*eksl), 0); eks = safe_emalloc(nkeys, sizeof(*eks), 0); + memset(eks, 0, sizeof(*eks) * nkeys); key_resources = safe_emalloc(nkeys, sizeof(long), 0); + memset(key_resources, 0, sizeof(*key_resources) * nkeys); /* get the public keys we are using to seal this data */ zend_hash_internal_pointer_reset_ex(pubkeysht, pos); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/002.phpt?view=markuprev=1.1 Index: php-src/ext/openssl/tests/002.phpt +++ php-src/ext/openssl/tests/002.phpt --TEST-- openssl_seal() tests --SKIPIF-- ?php if (!extension_loaded(openssl)) print skip; ? --FILE-- ?php $a = 1; $b = array(1); $c = array(1); $d = array(1); var_dump(openssl_seal($a, $b, $c, $d)); var_dump(openssl_seal($a, $a, $a, array())); var_dump(openssl_seal($c, $c, $c, 1)); var_dump(openssl_seal($b, $b, $b, )); echo Done\n; ? --EXPECTF-- Warning: openssl_seal(): not a public key (0th member of pubkeys) in %s on line %d bool(false) Warning: openssl_seal(): Fourth argument to openssl_seal() must be a non-empty array in %s on line %d bool(false) Warning: openssl_seal() expects parameter 1 to be string, array given in %s on line %d NULL Warning: openssl_seal() expects parameter 1 to be string, array given in %s on line %d NULL Done --UEXPECTF-- Warning: openssl_seal(): not a public key (0th member of pubkeys) in %s on line %d bool(false) Warning: openssl_seal(): Fourth argument to openssl_seal() must be a non-empty array in %s on line %d bool(false) Warning: openssl_seal() expects parameter 1 to be binary string, array given in %s on line %d NULL Warning: openssl_seal() expects parameter 1 to be binary string, array given in %s on line %d NULL Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests 003.phpt
tony2001Wed Aug 30 21:51:07 2006 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests 003.phpt
Modified files:
/php-src/ext/opensslopenssl.c
Log:
fix segfault/leak, add test
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.13r2=1.98.2.5.2.14diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.13
php-src/ext/openssl/openssl.c:1.98.2.5.2.14
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.13 Wed Aug 30 20:50:03 2006
+++ php-src/ext/openssl/openssl.c Wed Aug 30 21:51:06 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.13 2006/08/30 20:50:03 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.14 2006/08/30 21:51:06 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -807,7 +807,7 @@
}
/* force it to be a string and check if it refers to a file */
- convert_to_string_ex(val);
+ convert_to_string(*val);
if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://,
sizeof(file://) - 1) == 0) {
/* read cert from the named file */
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/003.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/003.phpt
+++ php-src/ext/openssl/tests/003.phpt
--TEST--
openssl_pkcs7_decrypt() and invalid parameters
--SKIPIF--
?php if (!extension_loaded(openssl)) print skip; ?
--FILE--
?php
function myErrorHandler($errno, $errstr, $errfile, $errline) {
var_dump($errstr);
}
set_error_handler(myErrorHandler);
$a = 1;
$b = 1;
$c = new stdclass;
$d = new stdclass;
var_dump(openssl_pkcs7_decrypt($a, $b, $c, $d));
var_dump($c);
var_dump(openssl_pkcs7_decrypt($b, $b, $b, $b));
var_dump(openssl_pkcs7_decrypt($a, $b, , ));
var_dump(openssl_pkcs7_decrypt($a, $b, true, false));
var_dump(openssl_pkcs7_decrypt($a, $b, 0, 0));
echo Done\n;
?
--EXPECTF--
string(57) Object of class stdClass could not be converted to string
string(45) Object of class stdClass to string conversion
string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
string(6) Object
string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
string(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
Done
--UEXPECTF--
unicode(64) Object of class stdClass could not be converted to binary string
unicode(45) Object of class stdClass to string conversion
unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
string(6) Object
unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
unicode(66) openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert
bool(false)
Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
tony2001Fri Aug 18 13:02:37 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
fix #38486 (openssl extension does not build correctly)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.11r2=1.98.2.5.2.12diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.11
php-src/ext/openssl/openssl.c:1.98.2.5.2.12
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.11 Tue Aug 15 20:27:20 2006
+++ php-src/ext/openssl/openssl.c Fri Aug 18 13:02:37 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.11 2006/08/15 20:27:20 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.12 2006/08/18 13:02:37 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -70,7 +70,9 @@
OPENSSL_KEYTYPE_DSA,
OPENSSL_KEYTYPE_DH,
OPENSSL_KEYTYPE_DEFAULT = OPENSSL_KEYTYPE_RSA,
+#ifdef EVP_PKEY_EC
OPENSSL_KEYTYPE_EC = OPENSSL_KEYTYPE_DH +1
+#endif
};
enum php_openssl_cipher_type {
@@ -695,7 +697,9 @@
REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_DSA, OPENSSL_KEYTYPE_DSA,
CONST_CS|CONST_PERSISTENT);
#endif
REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_DH, OPENSSL_KEYTYPE_DH,
CONST_CS|CONST_PERSISTENT);
+#ifdef EVP_PKEY_EC
REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_EC, OPENSSL_KEYTYPE_EC,
CONST_CS|CONST_PERSISTENT);
+#endif
/* Determine default SSL configuration file */
config_filename = getenv(OPENSSL_CONF);
@@ -2327,9 +2331,11 @@
case EVP_PKEY_DH:
ktype = OPENSSL_KEYTYPE_DH;
break;
+#ifdef EVP_PKEY_EC
case EVP_PKEY_EC:
ktype = OPENSSL_KEYTYPE_EC;
break;
+#endif
default:
ktype = -1;
break;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sun Jul 30 09:18:07 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- silent compiler warnings (signess)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.4r2=1.98.2.5.2.5diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.4
php-src/ext/openssl/openssl.c:1.98.2.5.2.5
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.4 Sat Jul 29 23:03:55 2006
+++ php-src/ext/openssl/openssl.c Sun Jul 30 09:18:06 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.4 2006/07/29 23:03:55 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.5 2006/07/30 09:18:06 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -268,7 +268,7 @@
obj_cnt++;
ne = X509_NAME_get_entry(name, j);
str = X509_NAME_ENTRY_get_data(ne);
- add_next_index_stringl(subentries, str-data,
str-length, 1);
+ add_next_index_stringl(subentries, (char
*)str-data, str-length, 1);
}
last = j;
}
@@ -280,7 +280,7 @@
zval_dtor(subentries);
FREE_ZVAL(subentries);
if (obj_cnt) {
- add_assoc_stringl(subitem, sname, str-data,
str-length, 1);
+ add_assoc_stringl(subitem, sname, (char
*)str-data, str-length, 1);
}
}
}
@@ -290,7 +290,7 @@
static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str)
/* {{{ */
{
- add_assoc_stringl(val, key, str-data, str-length, 1);
+ add_assoc_stringl(val, key, (char *)str-data, str-length, 1);
}
/* }}} */
@@ -314,7 +314,7 @@
return (time_t)-1;
}
- strbuf = estrdup(timestr-data);
+ strbuf = estrdup((char *)timestr-data);
memset(thetime, 0, sizeof(thetime));
@@ -982,7 +982,7 @@
add_assoc_long(return_value, validFrom_time_t,
asn1_time_to_time_t(X509_get_notBefore(cert) TSRMLS_CC));
add_assoc_long(return_value, validTo_time_t,
asn1_time_to_time_t(X509_get_notAfter(cert) TSRMLS_CC));
- tmpstr = X509_alias_get0(cert, NULL);
+ tmpstr = (char *)X509_alias_get0(cert, NULL);
if (tmpstr) {
add_assoc_string(return_value, alias, tmpstr, 1);
}
@@ -1298,8 +1298,8 @@
/* apply values from the dn hash */
zend_hash_internal_pointer_reset_ex(HASH_OF(dn), hpos);
while(zend_hash_get_current_data_ex(HASH_OF(dn), (void**)item,
hpos) == SUCCESS) {
- char * strindex; int strindexlen;
- long intindex;
+ char * strindex; uint strindexlen;
+ ulong intindex;
zend_hash_get_current_key_ex(HASH_OF(dn), strindex,
strindexlen, intindex, 0, hpos);
@@ -1372,8 +1372,8 @@
if (attribs) {
zend_hash_internal_pointer_reset_ex(HASH_OF(attribs),
hpos);
while(zend_hash_get_current_data_ex(HASH_OF(attribs),
(void**)item, hpos) == SUCCESS) {
- char * strindex; int strindexlen;
- long intindex;
+ char * strindex; uint strindexlen;
+ ulong intindex;
zend_hash_get_current_key_ex(HASH_OF(attribs),
strindex, strindexlen, intindex, 0, hpos);
convert_to_string_ex(item);
@@ -2065,7 +2065,7 @@
} else {
cipher = NULL;
}
- if (PEM_write_bio_PrivateKey(bio_out, key, cipher, passphrase,
passphrase_len, NULL, NULL)) {
+ if (PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned
char *)passphrase, passphrase_len, NULL, NULL)) {
/* Success!
* If returning the output as a string, do so now */
RETVAL_TRUE;
@@ -2116,7 +2116,7 @@
} else {
cipher = NULL;
}
- if (PEM_write_bio_PrivateKey(bio_out, key, cipher, passphrase,
passphrase_len, NULL, NULL)) {
+ if (PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned
char *)passphrase, passphrase_len, NULL, NULL)) {
/* Success!
* If returning the output as a string, do so now */
@@ -2676,7 +2676,7 @@
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
successful =
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug28382.phpt bug28382cert.txt
pajoye Sun Jul 30 17:03:12 2006 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests bug28382cert.txt bug28382.phpt
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- #28382, add support for x509 extensions
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.6r2=1.98.2.5.2.7diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.6
php-src/ext/openssl/openssl.c:1.98.2.5.2.7
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.6 Sun Jul 30 16:26:19 2006
+++ php-src/ext/openssl/openssl.c Sun Jul 30 17:03:12 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.6 2006/07/30 16:26:19 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.7 2006/07/30 17:03:12 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -954,6 +954,9 @@
zend_bool useshortnames = 1;
char * tmpstr;
zval * subitem;
+ X509_EXTENSION *extension;
+ ASN1_OCTET_STRING *extdata;
+ char *extname;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|b, zcert,
useshortnames) == FAILURE) {
return;
@@ -1028,6 +1031,18 @@
}
add_assoc_zval(return_value, purposes, subitem);
+ MAKE_STD_ZVAL(subitem);
+ array_init(subitem);
+
+
+ for (i = 0; i X509_get_ext_count(cert); i++) {
+ extension = X509_get_ext(cert, i);
+ extdata = X509_EXTENSION_get_data(extension);
+ extname =
strdup(OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension;
+ add_assoc_asn1_string(subitem, extname, extdata);
+ }
+ add_assoc_zval(return_value, extensions, subitem);
+
if (certresource == -1 cert) {
X509_free(cert);
}
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382cert.txt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug28382cert.txt
+++ php-src/ext/openssl/tests/bug28382cert.txt
-BEGIN CERTIFICATE-
MIIEoDCCBAmgAwIBAgIBJzANBgkqhkiG9w0BAQQFADCBkDELMAkGA1UEBhMCUk8x
EDAOBgNVBAgTB1JvbWFuaWExEDAOBgNVBAcTB0NyYWlvdmExDzANBgNVBAoTBlNl
cmdpdTETMBEGA1UECxMKU2VyZ2l1IFNSTDESMBAGA1UEAxMJU2VyZ2l1IENBMSMw
IQYJKoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTAeFw0wNDA1MTQxMzM0
NTZaFw0wNTA1MTQxMzM0NTZaMIGaMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9t
YW5pYTEQMA4GA1UEBxMHQ3JhaW92YTETMBEGA1UEChMKU2VyZ2l1IFNSTDETMBEG
A1UECxMKU2VyZ2l1IFNSTDEYMBYGA1UEAxMPU2VyZ2l1IHBlcnNvbmFsMSMwIQYJ
KoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApNj7XXz8T8FcLIWpBniPYom3QcT6T7u0xRPHqtqzj5oboBYp
DJe5d354/y0gJTpiLt8+fTrPgWXnbHm3pOHgXzTcX6Arani0GDU0/xDi4VkCRGcS
YqX2sJpcDzAbmK9UDMt3xf/O1B8AJan3RfO0Bm3ozTEPziLMkmsiYr5b/L8CAwEA
AaOCAfwwggH4MAkGA1UdEwQCMAAwNQYJYIZIAYb4QgENBCgWJkZvciBHcmlkIHVz
ZSBvbmx5OyByZXF1ZXN0IHRhZyB1c2VyVGFnMBEGCWCGSAGG+EIBAQQEAwIF4DA/
BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vbW9iaWxlLmJsdWUtc29mdHdhcmUucm86
OTAvY2EvY3JsLnNodG1sMDUGCWCGSAGG+EIBCAQoFiZodHRwOi8vbW9iaWxlLmJs
dWUtc29mdHdhcmUucm86OTAvcHViLzAhBgNVHREEGjAYgRZzZXJnaXVAYmx1ZXNv
ZnR3YXJlLnJvMB0GA1UdDgQWBBSwp//5QRXeIzm93TEPl6CyonTg/DCBpwYDVR0j
BIGfMIGcoYGWpIGTMIGQMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9tYW5pYTEQ
MA4GA1UEBxMHQ3JhaW92YTEPMA0GA1UEChMGU2VyZ2l1MRMwEQYDVQQLEwpTZXJn
aXUgU1JMMRIwEAYDVQQDEwlTZXJnaXUgQ0ExIzAhBgkqhkiG9w0BCQEWFG5fc2Vy
Z2l1QGhvdG1haWwuY29tggEAMAsGA1UdDwQEAwIE8DAjBglghkgBhvhCAQIEFhYU
aHR0cDovLzYyLjIzMS45OC41Mi8wCwYDKgMEBAQ+52I0MA0GCSqGSIb3DQEBBAUA
A4GBAIBIOJ+iiLyQfNJEY+IMefayQea0nmuXYY+F+L1DFjSC7xChytgYoPNnKkhh
3dWPtxbswiqKYUnGi6y3Hi4UhDsOaDW29t2S305hSc2qgjOiNtRYQIVYQ8EHG1k7
Fl63S7uCOhnVJt+4MnUK1N6/pwgsp+Z2GvEsDG1qCKnvNpf6
-END CERTIFICATE-
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug28382.phpt
+++ php-src/ext/openssl/tests/bug28382.phpt
--TEST--
#28382, openssl_x509_parse extensions support
--SKIPIF--
?php
if (!extension_loaded(openssl)) die(skip);
?
--FILE--
?php
$cert = file_get_contents(dirname(__FILE__) . /bug28382cert.txt, rb);
$ext = openssl_x509_parse($cert);
var_dump($ext['extensions']);
?
--EXPECTF--
array(11) {
[basicConstraints]=
string(2) %s
[nsComment]=
string(40) %s
[nsCertType]=
string(4) %s
[crlDistributionPoints]=
string(56) %s
[nsCaPolicyUrl]=
string(40) %s
[subjectAltName]=
string(26) %s
[subjectKeyIdentifier]=
string(22) %s
[authorityKeyIdentifier]=
string(159) %s
[keyUsage]=
string(4) %s
[nsBaseUrl]=
string(22) %s
[UNDEF]=
string(4) %s
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c /ext/openssl/tests bug36732.phpt
pajoye Mon Jul 31 00:33:41 2006 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests bug36732.phpt
Modified files:
/php-src/ext/opensslopenssl.c
Log:
- #36732, add req_extensions support to openssl_csr_new and _sign
(ben at psc dot edu)
- fix leaks in openssl_csr_new and sign
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.7r2=1.98.2.5.2.8diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.7
php-src/ext/openssl/openssl.c:1.98.2.5.2.8
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.7 Sun Jul 30 17:03:12 2006
+++ php-src/ext/openssl/openssl.c Mon Jul 31 00:33:41 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.7 2006/07/30 17:03:12 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.8 2006/07/31 00:33:41 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -468,8 +468,8 @@
CONF_get_string(req-req_config, req-section_name,
default_md));
SET_OPTIONAL_STRING_ARG(x509_extensions, req-extensions_section,
CONF_get_string(req-req_config, req-section_name,
x509_extensions));
- SET_OPTIONAL_STRING_ARG(req_extensions, req-extensions_section,
- CONF_get_string(req-req_config,
req-request_extensions_section, req_extensions));
+ SET_OPTIONAL_STRING_ARG(req_extensions,
req-request_extensions_section,
+ CONF_get_string(req-req_config, req-section_name,
req_extensions));
SET_OPTIONAL_LONG_ARG(private_key_bits, req-priv_key_bits,
CONF_get_number(req-req_config, req-section_name,
default_bits));
@@ -509,9 +509,6 @@
return FAILURE;
}
- if (req-request_extensions_section == NULL) {
- req-request_extensions_section =
CONF_get_string(req-req_config, req-section_name, req_extensions);
- }
PHP_SSL_CONFIG_SYNTAX_CHECK(request_extensions_section);
return SUCCESS;
@@ -879,8 +876,6 @@
zend_bool notext = 1;
BIO * bio_out;
long certresource;
- char * bio_mem_ptr;
- long bio_mem_len;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rz|b, zcert,
zout, notext) == FAILURE) {
return;
@@ -897,12 +892,15 @@
if (!notext) {
X509_print(bio_out, cert);
}
- PEM_write_bio_X509(bio_out, cert);
+ if (PEM_write_bio_X509(bio_out, cert)) {
+ BUF_MEM *bio_buf;
- bio_mem_len = BIO_get_mem_data(bio_out, bio_mem_ptr);
- ZVAL_STRINGL(zout, bio_mem_ptr, bio_mem_len, 1);
+ zval_dtor(zout);
+ BIO_get_mem_ptr(bio_out, bio_buf);
+ ZVAL_STRINGL(zout, bio_buf-data, bio_buf-length, 1);
- RETVAL_TRUE;
+ RETVAL_TRUE;
+ }
if (certresource == -1 cert) {
X509_free(cert);
@@ -1531,9 +1529,8 @@
zval * zcsr = NULL, *zout=NULL;
zend_bool notext = 1;
BIO * bio_out;
+
long csr_resource;
- char * bio_mem_ptr;
- long bio_mem_len;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, rz|b, zcsr,
zout, notext) == FAILURE) {
return;
@@ -1552,12 +1549,16 @@
if (!notext) {
X509_REQ_print(bio_out, csr);
}
- PEM_write_bio_X509_REQ(bio_out, csr);
- bio_mem_len = BIO_get_mem_data(bio_out, bio_mem_ptr);
- ZVAL_STRINGL(zout, bio_mem_ptr, bio_mem_len, 1);
+ if (PEM_write_bio_X509_REQ(bio_out, csr)) {
+ BUF_MEM *bio_buf;
- RETVAL_TRUE;
+ BIO_get_mem_ptr(bio_out, bio_buf);
+ zval_dtor(zout);
+ ZVAL_STRINGL(zout, bio_buf-data, bio_buf-length, 1);
+
+ RETVAL_TRUE;
+ }
if (csr_resource == -1 csr) {
X509_REQ_free(csr);
@@ -1655,12 +1656,12 @@
if (!i) {
goto cleanup;
}
- if (req.request_extensions_section) {
+ if (req.extensions_section) {
X509V3_CTX ctx;
X509V3_set_ctx(ctx, cert, new_cert, csr, NULL, 0);
X509V3_set_conf_lhash(ctx, req.req_config);
- if (!X509V3_EXT_add_conf(req.req_config, ctx,
req.request_extensions_section, new_cert)) {
+ if (!X509V3_EXT_add_conf(req.req_config, ctx,
req.extensions_section, new_cert)) {
goto cleanup;
}
}
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug36732.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug36732.phpt
+++ php-src/ext/openssl/tests/bug36732.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
iliaa Mon Jul 31 03:41:20 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
Fixed compiler warning.
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.8r2=1.98.2.5.2.9diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.8
php-src/ext/openssl/openssl.c:1.98.2.5.2.9
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.8 Mon Jul 31 00:33:41 2006
+++ php-src/ext/openssl/openssl.c Mon Jul 31 03:41:19 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.8 2006/07/31 00:33:41 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.9 2006/07/31 03:41:19 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -238,7 +238,7 @@
char *sname;
int nid;
X509_NAME_ENTRY * ne;
- ASN1_STRING * str;
+ ASN1_STRING * str = NULL;
ASN1_OBJECT * obj;
MAKE_STD_ZVAL(subitem);
@@ -279,7 +279,7 @@
} else {
zval_dtor(subentries);
FREE_ZVAL(subentries);
- if (obj_cnt) {
+ if (obj_cnt str) {
add_assoc_stringl(subitem, sname, (char
*)str-data, str-length, 1);
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:39:33 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- #38255, fails on array as well
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.1r2=1.98.2.5.2.2diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.1
php-src/ext/openssl/openssl.c:1.98.2.5.2.2
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.1 Sat Jul 29 22:10:49 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:39:33 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1836,7 +1836,8 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
- if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL
+ || Z_TYPE_PP(val) == IS_ARRAY) {
return NULL;
}
convert_to_string_ex(val);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 23:03:55 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- MFH: make the test more obvious and add an explanation
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.3r2=1.98.2.5.2.4diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.3
php-src/ext/openssl/openssl.c:1.98.2.5.2.4
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.3 Sat Jul 29 22:52:48 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 23:03:55 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.4 2006/07/29 23:03:55 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -1847,8 +1847,10 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
- if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL
- || Z_TYPE_PP(val) == IS_ARRAY) {
+ /* passing non string values leaks, object uses toString, it
returns NULL
+* See bug38255.phpt
+*/
+ if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) ==
IS_OBJECT)) {
return NULL;
}
convert_to_string_ex(val);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:10:49 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- fix leak when the key is not a valid key (like false or an array)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5r2=1.98.2.5.2.1diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5
php-src/ext/openssl/openssl.c:1.98.2.5.2.1
--- php-src/ext/openssl/openssl.c:1.98.2.5 Sun Apr 30 23:43:40 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:10:49 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5 2006/04/30 23:43:40 wez Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -577,6 +577,30 @@
}
return SUCCESS;
}
+
+static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+ EVP_MD *mdtype;
+
+ switch (algo) {
+ case OPENSSL_ALGO_SHA1:
+ mdtype = (EVP_MD *) EVP_sha1();
+ break;
+ case OPENSSL_ALGO_MD5:
+ mdtype = (EVP_MD *) EVP_md5();
+ break;
+ case OPENSSL_ALGO_MD4:
+ mdtype = (EVP_MD *) EVP_md4();
+ break;
+ case OPENSSL_ALGO_MD2:
+ mdtype = (EVP_MD *) EVP_md2();
+ break;
+ default:
+ return NULL;
+ break;
+ }
+ return mdtype;
+}
+/* }}} */
/* }}} */
/* {{{ PHP_MINIT_FUNCTION
@@ -1812,6 +1836,9 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ return NULL;
+ }
convert_to_string_ex(val);
if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://,
sizeof(file://) - 1) == 0) {
@@ -2872,7 +2899,7 @@
}
/* }}} */
-/* {{{ proto bool openssl_sign(string data, string signature, mixed key)
+/* {{{ proto bool openssl_sign(string data, string signature, mixed key[, int
signature_alg])
Signs data */
PHP_FUNCTION(openssl_sign)
{
@@ -2896,23 +2923,10 @@
RETURN_FALSE;
}
- switch (signature_algo) {
- case OPENSSL_ALGO_SHA1:
- mdtype = (EVP_MD *) EVP_sha1();
- break;
- case OPENSSL_ALGO_MD5:
- mdtype = (EVP_MD *) EVP_md5();
- break;
- case OPENSSL_ALGO_MD4:
- mdtype = (EVP_MD *) EVP_md4();
- break;
- case OPENSSL_ALGO_MD2:
- mdtype = (EVP_MD *) EVP_md2();
- break;
- default:
- php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown
signature algorithm.);
- RETURN_FALSE;
- break;
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature
algorithm.);
+ RETURN_FALSE;
}
siglen = EVP_PKEY_size(pkey);
@@ -2943,21 +2957,29 @@
EVP_PKEY *pkey;
int err;
EVP_MD_CTX md_ctx;
+ EVP_MD *mdtype;
long keyresource = -1;
char * data;int data_len;
char * signature; int signature_len;
-
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz, data,
data_len, signature, signature_len, key) == FAILURE) {
+ long signature_algo = OPENSSL_ALGO_SHA1;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ssz|l, data,
data_len, signature, signature_len, key, signature_algo) == FAILURE) {
return;
}
-
+
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown signature
algorithm.);
+ RETURN_FALSE;
+ }
+
pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, keyresource
TSRMLS_CC);
if (pkey == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied key param
cannot be coerced into a public key);
RETURN_FALSE;
}
- EVP_VerifyInit (md_ctx, EVP_sha1());
+ EVP_VerifyInit (md_ctx, mdtype);
EVP_VerifyUpdate (md_ctx, data, data_len);
err = EVP_VerifyFinal (md_ctx, signature, signature_len, pkey);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/openssl openssl.c
pajoye Sat Jul 29 22:52:48 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c
Log:
- vi happiness++
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.2r2=1.98.2.5.2.3diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.2
php-src/ext/openssl/openssl.c:1.98.2.5.2.3
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.2 Sat Jul 29 22:39:33 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:52:48 2006
@@ -18,7 +18,7 @@
+--+
*/
-/* $Id: openssl.c,v 1.98.2.5.2.2 2006/07/29 22:39:33 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.3 2006/07/29 22:52:48 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include config.h
@@ -156,10 +156,11 @@
static int le_csr;
static int ssl_stream_data_index;
-int php_openssl_get_x509_list_id(void)
+int php_openssl_get_x509_list_id(void) /* {{{ */
{
return le_x509;
}
+/* }}} */
/* {{{ resource destructors */
static void php_pkey_free(zend_rsrc_list_entry *rsrc TSRMLS_DC)
@@ -202,7 +203,7 @@
/* true global; readonly after module startup */
static char default_ssl_conf_filename[MAXPATHLEN];
-struct php_x509_request {
+struct php_x509_request { /* {{{ */
LHASH * global_config; /* Global SSL config */
LHASH * req_config; /* SSL config for this request */
const EVP_MD * md_alg;
@@ -219,7 +220,7 @@
EVP_PKEY * priv_key;
};
-
+/* }}} */
static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long *
resourceval TSRMLS_DC);
static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char
* passphrase, int makeresource, long * resourceval TSRMLS_DC);
@@ -230,7 +231,7 @@
static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request *
req TSRMLS_DC);
-static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int
shortname TSRMLS_DC)
+static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int
shortname TSRMLS_DC) /* {{{ */
{
zval *subitem, *subentries;
int i, j = -1, last = -1, obj_cnt = 0;
@@ -285,13 +286,15 @@
}
zend_hash_update(HASH_OF(val), key, strlen(key) + 1, (void *)subitem,
sizeof(subitem), NULL);
}
+/* }}} */
-static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str)
+static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str)
/* {{{ */
{
add_assoc_stringl(val, key, str-data, str-length, 1);
}
+/* }}} */
-static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC)
+static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* {{{ */
{
/*
This is how the time string is formatted:
@@ -359,12 +362,14 @@
return ret;
}
+/* }}} */
static inline int php_openssl_config_check_syntax(
const char * section_label,
const char * config_filename,
const char * section,
- LHASH * config TSRMLS_DC)
+ LHASH * config TSRMLS_DC
+ ) /* {{{ */
{
X509V3_CTX ctx;
@@ -379,8 +384,9 @@
}
return SUCCESS;
}
+/* }}} */
-static int add_oid_section(struct php_x509_request * req TSRMLS_DC)
+static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */
{
char * str;
STACK_OF(CONF_VALUE) * sktmp;
@@ -405,6 +411,7 @@
}
return SUCCESS;
}
+/* }}} */
#define PHP_SSL_REQ_INIT(req) memset(req, 0, sizeof(*req))
#define PHP_SSL_REQ_DISPOSE(req) php_openssl_dispose_config(req
TSRMLS_CC)
@@ -431,7 +438,7 @@
struct php_x509_request * req,
zval * optional_args
TSRMLS_DC
- )
+ ) /* {{{ */
{
char * str;
zval ** item;
@@ -509,8 +516,9 @@
return SUCCESS;
}
+/* }}} */
-static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC)
+static void php_openssl_dispose_config(struct php_x509_request * req
TSRMLS_DC) /* {{{ */
{
if (req-priv_key) {
EVP_PKEY_free(req-priv_key);
@@ -525,8 +533,9 @@
req-req_config = NULL;
}
}
+/* }}} */
-static int php_openssl_load_rand_file(const char * file, int *egdsocket, int
*seeded)
+static int php_openssl_load_rand_file(const char * file, int *egdsocket, int
*seeded) /* {{{ */
{
char buffer[MAXPATHLEN];
@@ -556,8 +565,9 @@
*seeded = 1;
return SUCCESS;
}
+/* }}} */
-static int php_openssl_write_rand_file(const char * file, int egdsocket, int
seeded)
+static int php_openssl_write_rand_file(const char * file, int egdsocket, int
seeded) /* {{{ */
{
char buffer[MAXPATHLEN];
@@ -577,6 +587,7 @@
}
return SUCCESS;
}
+/* }}} */
static EVP_MD * php_openssl_get_evp_md_from_algo(long algo)
