[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c

2008-10-14 Thread Ilia Alshanetsky
iliaa   Tue Oct 14 23:40:25 2008 UTC

  Modified files:  (Branch: PHP_5_2)
/php-src/ext/opensslopenssl.c 
/php-srcNEWS 
  Log:
  
  MFB: Fixed bug #46271 (local_cert option is not resolved to full path)
  
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.46r2=1.98.2.5.2.47diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.46 
php-src/ext/openssl/openssl.c:1.98.2.5.2.47
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.46 Sun May  4 21:19:17 2008
+++ php-src/ext/openssl/openssl.c   Tue Oct 14 23:40:25 2008
@@ -20,7 +20,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.46 2008/05/04 21:19:17 colder Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.47 2008/10/14 23:40:25 iliaa Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -3918,30 +3918,33 @@
X509 *cert = NULL;
EVP_PKEY *key = NULL;
SSL *tmpssl;
+   char resolved_path_buff[MAXPATHLEN];
 
-   /* a certificate to use for authentication */
-   if (SSL_CTX_use_certificate_chain_file(ctx, certfile) != 1) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unable to 
set local cert chain file `%s'; Check that your cafile/capath settings include 
details of your certificate and its issuer, certfile);
-   return NULL;
-   }
+   if (VCWD_REALPATH(certfile, resolved_path_buff)) {
+   /* a certificate to use for authentication */
+   if (SSL_CTX_use_certificate_chain_file(ctx, 
resolved_path_buff) != 1) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Unable to set local cert chain file `%s'; Check that your cafile/capath 
settings include details of your certificate and its issuer, certfile);
+   return NULL;
+   }
 
-   if (SSL_CTX_use_PrivateKey_file(ctx, certfile, 
SSL_FILETYPE_PEM) != 1) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unable to 
set private key file `%s', certfile);
-   return NULL;
-   }
+   if (SSL_CTX_use_PrivateKey_file(ctx, 
resolved_path_buff, SSL_FILETYPE_PEM) != 1) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Unable to set private key file `%s', resolved_path_buff);
+   return NULL;
+   }
 
-   tmpssl = SSL_new(ctx);
-   cert = SSL_get_certificate(tmpssl);
+   tmpssl = SSL_new(ctx);
+   cert = SSL_get_certificate(tmpssl);
 
-   if (cert) {
-   key = X509_get_pubkey(cert);
-   EVP_PKEY_copy_parameters(key, 
SSL_get_privatekey(tmpssl));
-   EVP_PKEY_free(key);
-   }
-   SSL_free(tmpssl);
+   if (cert) {
+   key = X509_get_pubkey(cert);
+   EVP_PKEY_copy_parameters(key, 
SSL_get_privatekey(tmpssl));
+   EVP_PKEY_free(key);
+   }
+   SSL_free(tmpssl);
 
-   if (!SSL_CTX_check_private_key(ctx)) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Private 
key does not match certificate!);
+   if (!SSL_CTX_check_private_key(ctx)) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Private key does not match certificate!);
+   }
}
}
if (ok) {
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1256r2=1.2027.2.547.2.1257diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1256 php-src/NEWS:1.2027.2.547.2.1257
--- php-src/NEWS:1.2027.2.547.2.1256Tue Oct 14 17:43:19 2008
+++ php-src/NEWSTue Oct 14 23:40:25 2008
@@ -5,6 +5,7 @@
   using FETCH_CLASSTYPE). (Felipe)
 - Fixed bug #46274, #46249 (pdo_pgsql always fill in NULL for empty BLOB and 
   segfaults when returned by SELECT). (Felipe)
+- Fixed bug #46271 (local_cert option is not resolved to full path). (Ilia)
 - Fixed bug #46246 (difference between call_user_func(array($this, $method))
   and $this-$method()). (Dmitry)
 - Fixed bug #46139 (PDOStatement-setFetchMode() forgets FETCH_PROPS_LATE).



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c /ext/standard filestat.c php_filestat.h /ext/standard/tests/file 005_basic.phpt 005_error.phpt bug43137.phpt /main/streams plain_wrapp

2007-10-31 Thread Jani Taskinen
janiWed Oct 31 13:23:07 2007 UTC

  Added files: (Branch: PHP_5_2)
/php-src/ext/standard/tests/filebug43137.phpt 

  Modified files:  
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
/php-src/ext/standard   filestat.c php_filestat.h 
/php-src/ext/standard/tests/file005_basic.phpt 005_error.phpt 
/php-src/main/streams   plain_wrapper.c 
  Log:
  MFH: - Fixed Bug #43137 (rmdir() and rename() do not clear statcache)
  
  http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.992r2=1.2027.2.547.2.993diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.992 php-src/NEWS:1.2027.2.547.2.993
--- php-src/NEWS:1.2027.2.547.2.992 Wed Oct 31 12:58:24 2007
+++ php-src/NEWSWed Oct 31 13:23:05 2007
@@ -3,6 +3,7 @@
 ?? ??? 2007, PHP 5.2.5RC2
 - Added ability to control memory consumption between request using
   ZEND_MM_COMPACT environment variable. (Dmitry)
+- Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani)
 
 18 Oct 2007, PHP 5.2.5RC1
 - Upgraded PCRE to version 7.3 (Nuno)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.41r2=1.98.2.5.2.42diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.41 
php-src/ext/openssl/openssl.c:1.98.2.5.2.42
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.41 Wed Aug  8 06:29:46 2007
+++ php-src/ext/openssl/openssl.c   Wed Oct 31 13:23:06 2007
@@ -20,7 +20,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.41 2007/08/08 06:29:46 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.42 2007/10/31 13:23:06 jani Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -46,6 +46,9 @@
 #include openssl/ssl.h
 #include openssl/pkcs12.h
 
+/* Common */
+#include time.h
+
 #define DEFAULT_KEY_LENGTH 512
 #define MIN_KEY_LENGTH 384
 
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/filestat.c?r1=1.136.2.8.2.14r2=1.136.2.8.2.15diff_format=u
Index: php-src/ext/standard/filestat.c
diff -u php-src/ext/standard/filestat.c:1.136.2.8.2.14 
php-src/ext/standard/filestat.c:1.136.2.8.2.15
--- php-src/ext/standard/filestat.c:1.136.2.8.2.14  Fri Sep 21 14:05:18 2007
+++ php-src/ext/standard/filestat.c Wed Oct 31 13:23:06 2007
@@ -16,7 +16,7 @@
+--+
  */
 
-/* $Id: filestat.c,v 1.136.2.8.2.14 2007/09/21 14:05:18 tony2001 Exp $ */
+/* $Id: filestat.c,v 1.136.2.8.2.15 2007/10/31 13:23:06 jani Exp $ */
 
 #include php.h
 #include safe_mode.h
@@ -698,14 +698,10 @@
 /* }}} */
 #endif
 
-/* {{{ proto void clearstatcache(void)
-   Clear file stat cache */
-PHP_FUNCTION(clearstatcache)
+/* {{{ php_clear_stat_cache()
+*/
+PHPAPI void php_clear_stat_cache(TSRMLS_D)
 {
-   if (ZEND_NUM_ARGS()) {
-   WRONG_PARAM_COUNT;
-   }
-
if (BG(CurrentStatFile)) {
efree(BG(CurrentStatFile));
BG(CurrentStatFile) = NULL;
@@ -718,6 +714,17 @@
 }
 /* }}} */
 
+/* {{{ proto void clearstatcache(void)
+   Clear file stat cache */
+PHP_FUNCTION(clearstatcache)
+{
+   if (ZEND_NUM_ARGS()) {
+   WRONG_PARAM_COUNT;
+   }
+   php_clear_stat_cache(TSRMLS_C);
+}
+/* }}} */
+
 #define IS_LINK_OPERATION(__t) ((__t) == FS_TYPE || (__t) == FS_IS_LINK || 
(__t) == FS_LSTAT)
 #define IS_EXISTS_CHECK(__t) ((__t) == FS_EXISTS  || (__t) == FS_IS_W || (__t) 
== FS_IS_R || (__t) == FS_IS_X || (__t) == FS_IS_FILE || (__t) == FS_IS_DIR || 
(__t) == FS_IS_LINK)
 #define IS_ABLE_CHECK(__t) ((__t) == FS_IS_R || (__t) == FS_IS_W || (__t) == 
FS_IS_X)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/php_filestat.h?r1=1.24.2.4.2.1r2=1.24.2.4.2.2diff_format=u
Index: php-src/ext/standard/php_filestat.h
diff -u php-src/ext/standard/php_filestat.h:1.24.2.4.2.1 
php-src/ext/standard/php_filestat.h:1.24.2.4.2.2
--- php-src/ext/standard/php_filestat.h:1.24.2.4.2.1Mon Jan  1 09:36:08 2007
+++ php-src/ext/standard/php_filestat.h Wed Oct 31 13:23:06 2007
@@ -16,7 +16,7 @@
+--+
 */
 
-/* $Id: php_filestat.h,v 1.24.2.4.2.1 2007/01/01 09:36:08 sebastian Exp $ */
+/* $Id: php_filestat.h,v 1.24.2.4.2.2 2007/10/31 13:23:06 jani Exp $ */
 
 #ifndef PHP_FILESTAT_H
 #define PHP_FILESTAT_H
@@ -87,6 +87,7 @@
 typedef int php_stat_len;
 #endif
 
+PHPAPI void php_clear_stat_cache(TSRMLS_D);
 PHPAPI void php_stat(const char *filename, php_stat_len filename_length, int 
type, zval *return_value TSRMLS_DC);
 
 /* Switches for various filestat functions: */
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/005_basic.phpt?r1=1.1.2.1r2=1.1.2.2diff_format=u
Index: php-src/ext/standard/tests/file/005_basic.phpt
diff -u php-src/ext/standard/tests/file/005_basic.phpt:1.1.2.1 
php-src/ext/standard/tests/file/005_basic.phpt:1.1.2.2
--- 

[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c /ext/openssl/tests bug28382.phpt

2007-07-11 Thread Dmitry Stogov
dmitry  Wed Jul 11 12:18:14 2007 UTC

  Modified files:  (Branch: PHP_5_2)
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
/php-src/ext/openssl/tests  bug28382.phpt 
  Log:
  mproced openssl_x509_parse() to return extensions in readable form
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.826r2=1.2027.2.547.2.827diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.826 php-src/NEWS:1.2027.2.547.2.827
--- php-src/NEWS:1.2027.2.547.2.826 Tue Jul 10 20:25:49 2007
+++ php-src/NEWSWed Jul 11 12:18:13 2007
@@ -6,6 +6,7 @@
 - Upgraded PCRE to version 7.2 (Nuno)
 - Updated timezone database to version 2007.6. (Derick)
 
+- Improced openssl_x509_parse() to return extensions in readable form. (Dmitry)
 - Improved fix for MOPB-03-2007. (Ilia)
 - Corrected fix for CVE-2007-2872. (Ilia)
 - Enabled statement cache for non-persistent OCI8 connections.
@@ -30,6 +31,7 @@
 - Added CURLOPT_PRIVATE  CURLINFO_PRIVATE constants. 
   (Andrey A. Belashkov, Tony)
 
+- Fixed crash in OpenSSL extension because of non-strin passphrase. (Dmitry)
 - Fixed var_export() to use the new H modifier so that it can generate
   parseable PHP code for floats, independent of the locale. (Derick)
 - Fixed regression introduced by the fix for the libgd bug #74. (Pierre)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.37r2=1.98.2.5.2.38diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.37 
php-src/ext/openssl/openssl.c:1.98.2.5.2.38
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.37 Wed Jul 11 07:36:12 2007
+++ php-src/ext/openssl/openssl.c   Wed Jul 11 12:18:14 2007
@@ -20,7 +20,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.37 2007/07/11 07:36:12 dmitry Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.38 2007/07/11 12:18:14 dmitry Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -999,8 +999,10 @@
char * tmpstr;
zval * subitem;
X509_EXTENSION *extension;
-   ASN1_OCTET_STRING *extdata;
char *extname;
+   BIO  *bio_out;
+   BUF_MEM *bio_buf;
+   char buf[256];
 
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Z|b, zcert, 
useshortnames) == FAILURE) {
return;
@@ -1082,9 +1084,20 @@
 
for (i = 0; i  X509_get_ext_count(cert); i++) {
extension = X509_get_ext(cert, i);
-   extdata = X509_EXTENSION_get_data(extension);
-   extname = (char 
*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
-   add_assoc_asn1_string(subitem, extname, extdata);
+   if (OBJ_obj2nid(X509_EXTENSION_get_object(extension)) != 
NID_undef) {
+   extname = (char 
*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
+   } else {
+   OBJ_obj2txt(buf, sizeof(buf)-1, 
X509_EXTENSION_get_object(extension), 1);
+   extname = buf;
+   }
+   bio_out = BIO_new(BIO_s_mem());
+   if (X509V3_EXT_print(bio_out, extension, 0, 0)) {
+   BIO_get_mem_ptr(bio_out, bio_buf);
+   add_assoc_stringl(subitem, extname, bio_buf-data, 
bio_buf-length, 1);
+   } else {
+   add_assoc_asn1_string(subitem, extname, 
X509_EXTENSION_get_data(extension));
+   }
+   BIO_free(bio_out);
}
add_assoc_zval(return_value, extensions, subitem);
 
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382.phpt?r1=1.1.2.5r2=1.1.2.6diff_format=u
Index: php-src/ext/openssl/tests/bug28382.phpt
diff -u php-src/ext/openssl/tests/bug28382.phpt:1.1.2.5 
php-src/ext/openssl/tests/bug28382.phpt:1.1.2.6
--- php-src/ext/openssl/tests/bug28382.phpt:1.1.2.5 Wed May 30 15:40:26 2007
+++ php-src/ext/openssl/tests/bug28382.phpt Wed Jul 11 12:18:14 2007
@@ -14,25 +14,28 @@
 --EXPECTF--
 array(11) {
   [basicConstraints]=
-  string(2) %s
+  string(8) CA:FALSE
   [nsComment]=
-  string(40) %s
+  string(38) For Grid use only; request tag userTag
   [nsCertType]=
-  string(4) %s
+  string(30) SSL Client, SSL Server, S/MIME
   [crlDistributionPoints]=
-  string(56) %s
+  string(51) URI:http://mobile.blue-software.ro:90/ca/crl.shtml
+
   [nsCaPolicyUrl]=
-  string(40) %s
+  string(38) http://mobile.blue-software.ro:90/pub/;
   [subjectAltName]=
-  string(26) %s
+  string(28) email:[EMAIL PROTECTED]
   [subjectKeyIdentifier]=
-  string(22) %s
+  string(59) B0:A7:FF:F9:41:15:DE:23:39:BD:DD:31:0F:97:A0:B2:A2:74:E0:FC
   [authorityKeyIdentifier]=
-  string(159) %s
+  string(115) DirName:/C=RO/ST=Romania/L=Craiova/O=Sergiu/OU=Sergiu 
SRL/CN=Sergiu CA/[EMAIL PROTECTED]
+serial:00
+
   [keyUsage]=
-  string(4) %s
+  string(71) Digital Signature, Non Repudiation, Key Encipherment, Data 
Encipherment
   [nsBaseUrl]=
-  

[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c

2007-05-19 Thread Pierre-Alain Joye
pajoye  Sat May 19 22:05:08 2007 UTC

  Modified files:  (Branch: PHP_5_2)
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
  Log:
  - #41423. PHP assumes wrongly that certain ciphers are enabled in OpenSSL
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.723r2=1.2027.2.547.2.724diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.723 php-src/NEWS:1.2027.2.547.2.724
--- php-src/NEWS:1.2027.2.547.2.723 Sat May 19 20:30:35 2007
+++ php-src/NEWSSat May 19 22:05:08 2007
@@ -21,6 +21,8 @@
 - Fixed segfault in strripos(). (Tony, Joxean Koret)
 - Fixed bug #41430 (Fatal error with negative values of maxlen parameter of 
   file_get_contents()). (Tony)
+- fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in 
+  OpenSSL) (Pierre)
 - Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). 
   (Tony, Dmitry)
 - Fixed bug #41403 (json_decode cannot decode floats if localeconv 
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.33r2=1.98.2.5.2.34diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.33 
php-src/ext/openssl/openssl.c:1.98.2.5.2.34
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.33 Sun May 13 17:37:32 2007
+++ php-src/ext/openssl/openssl.c   Sat May 19 22:05:08 2007
@@ -20,7 +20,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.33 2007/05/13 17:37:32 iliaa Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.34 2007/05/19 22:05:08 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -707,11 +707,15 @@
REGISTER_LONG_CONSTANT(OPENSSL_PKCS1_OAEP_PADDING, 
RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);
 
/* Ciphers */
+#ifndef OPENSSL_NO_RC2
REGISTER_LONG_CONSTANT(OPENSSL_CIPHER_RC2_40, 
PHP_OPENSSL_CIPHER_RC2_40, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(OPENSSL_CIPHER_RC2_128, 
PHP_OPENSSL_CIPHER_RC2_128, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(OPENSSL_CIPHER_RC2_64, 
PHP_OPENSSL_CIPHER_RC2_64, CONST_CS|CONST_PERSISTENT);
+#endif
+#ifndef OPENSSL_NO_DES
REGISTER_LONG_CONSTANT(OPENSSL_CIPHER_DES, PHP_OPENSSL_CIPHER_DES, 
CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(OPENSSL_CIPHER_3DES, PHP_OPENSSL_CIPHER_3DES, 
CONST_CS|CONST_PERSISTENT);
+#endif
 
/* Values for key types */
REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_RSA, OPENSSL_KEYTYPE_RSA, 
CONST_CS|CONST_PERSISTENT);
@@ -2928,6 +2932,7 @@
 
/* sanity check the cipher */
switch (cipherid) {
+#ifndef OPENSSL_NO_RC2
case PHP_OPENSSL_CIPHER_RC2_40:
cipher = EVP_rc2_40_cbc();
break;
@@ -2937,12 +2942,17 @@
case PHP_OPENSSL_CIPHER_RC2_128:
cipher = EVP_rc2_cbc();
break;
+#endif
+
+#ifndef OPENSSL_NO_DES
case PHP_OPENSSL_CIPHER_DES:
cipher = EVP_des_cbc();
break;
case PHP_OPENSSL_CIPHER_3DES:
cipher = EVP_des_ede3_cbc();
break;
+#endif
+
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid 
cipher type `%ld', cipherid);
goto clean_exit;

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c /ext/openssl/tests bug41353.phpt

2007-05-13 Thread Ilia Alshanetsky
iliaa   Sun May 13 17:37:33 2007 UTC

  Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests  bug41353.phpt 

  Modified files:  
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
  Log:
  
  Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input).
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.698r2=1.2027.2.547.2.699diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.698 php-src/NEWS:1.2027.2.547.2.699
--- php-src/NEWS:1.2027.2.547.2.698 Fri May 11 12:22:00 2007
+++ php-src/NEWSSun May 13 17:37:32 2007
@@ -8,6 +8,7 @@
 - Fixed altering $this via argument named this. (Dmitry)
 - Fixed PHP CLI to use the php.ini from the binary location. (Hannes)
 - Fixed segfault in strripos(). (Tony, Joxean Koret)
+- Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia)
 - Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony)
 - Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott)
 - Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.32r2=1.98.2.5.2.33diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.32 
php-src/ext/openssl/openssl.c:1.98.2.5.2.33
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.32 Thu Apr  5 18:08:42 2007
+++ php-src/ext/openssl/openssl.c   Sun May 13 17:37:32 2007
@@ -20,7 +20,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.32 2007/04/05 18:08:42 rrichards Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.33 2007/05/13 17:37:32 iliaa Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -1541,13 +1541,13 @@
 }
 /* }}} */
 
-/* {{{ proto bool openssl_pkcs12_read(mixed PKCS12, array certs, string pass)
+/* {{{ proto bool openssl_pkcs12_read(string PKCS12, array certs, string pass)
Parses a PKCS12 to an array */
 PHP_FUNCTION(openssl_pkcs12_read)
 {
-   zval *zp12 = NULL, *zout = NULL, *zextracerts, *zcert, *zpkey;
-   char * pass;
-   int pass_len;
+   zval *zout = NULL, *zextracerts, *zcert, *zpkey;
+   char *pass, *zp12;
+   int pass_len, zp12_len;
PKCS12 * p12 = NULL;
EVP_PKEY * pkey = NULL;
X509 * cert = NULL;
@@ -1555,14 +1555,14 @@
BIO * bio_in = NULL;
int i;
 
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zzs, zp12, 
zout, pass, pass_len) == FAILURE)
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, szs, zp12, 
zp12_len, zout, pass, pass_len) == FAILURE)
return;
 
RETVAL_FALSE;

bio_in = BIO_new(BIO_s_mem());

-   if(!BIO_write(bio_in, Z_STRVAL_P(zp12), Z_STRLEN_P(zp12)))
+   if(!BIO_write(bio_in, zp12, zp12_len))
goto cleanup;

if(d2i_PKCS12_bio(bio_in, p12)) {

http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41353.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug41353.phpt
+++ php-src/ext/openssl/tests/bug41353.phpt

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c

2006-11-15 Thread Pierre-Alain Joye
pajoye  Wed Nov 15 23:28:06 2006 UTC

  Modified files:  (Branch: PHP_5_2)
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
  Log:
  - MFH: #39217, serialNumber might be -1 when the value is too big
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.365r2=1.2027.2.547.2.366diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.365 php-src/NEWS:1.2027.2.547.2.366
--- php-src/NEWS:1.2027.2.547.2.365 Wed Nov 15 18:34:56 2006
+++ php-src/NEWSWed Nov 15 23:28:05 2006
@@ -65,6 +65,8 @@
   of overloaded array). (Dmitry)
 - Fixed bug #39265 (Fixed path handling inside mod_files.sh). 
   (michal dot taborsky at gmail dot com, Ilia)
+- Fixed bug #39217 (serialNumber might be -1 when the value is too large)
+  (Pierre, Tony)
 - Fixed bug #39215 (Inappropriate close of stdin/stdout/stderr). (Wez,Ilia)
 - Fixed bug #39151 (Parse error in recursiveiteratoriterator.php). (Marcus)
 - Fixed bug #39121 (Incorrect return array handling in non-wsdl soap client).
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.23r2=1.98.2.5.2.24diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.23 
php-src/ext/openssl/openssl.c:1.98.2.5.2.24
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.23 Sun Oct 15 21:09:24 2006
+++ php-src/ext/openssl/openssl.c   Wed Nov 15 23:28:06 2006
@@ -18,7 +18,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.23 2006/10/15 21:09:24 tony2001 Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.24 2006/11/15 23:28:06 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -1003,7 +1003,8 @@

add_assoc_name_entry(return_value, issuer,
X509_get_issuer_name(cert), useshortnames TSRMLS_CC);
add_assoc_long(return_value, version, 
X509_get_version(cert));
-   add_assoc_long(return_value, serialNumber,
ASN1_INTEGER_get(X509_get_serialNumber(cert)));
+
+   add_assoc_string(return_value, serialNumber, i2s_ASN1_INTEGER(NULL, 
X509_get_serialNumber(cert)), 1); 
 
add_assoc_asn1_string(return_value, validFrom,
X509_get_notBefore(cert));
add_assoc_asn1_string(return_value, validTo,  
X509_get_notAfter(cert));

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c

2006-09-08 Thread Antony Dovgal
tony2001Fri Sep  8 20:10:47 2006 UTC

  Modified files:  (Branch: PHP_5_2)
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
  Log:
  implement feature request #38731 (openssl_pkey_new does not support DSA key 
generation)
  patch by marci at balabit dot hu
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.238r2=1.2027.2.547.2.239diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.238 php-src/NEWS:1.2027.2.547.2.239
--- php-src/NEWS:1.2027.2.547.2.238 Wed Sep  6 17:25:57 2006
+++ php-src/NEWSFri Sep  8 20:10:46 2006
@@ -1,6 +1,8 @@
 'PHP
NEWS
 |||
 ?? Sep 2006, PHP 5.2.0RC4
+- Added DSA key generation support to openssl_pkey_new(), FR #38731
+  (marci at balabit dot hu, Tony)
 - Removed current working directory from the php.ini search path for CLI and
   readded it for other SAPIs (restore to pre 5.1.x behaviour). (Edin)
 - Fixed bug #38700 (SoapClient::__getTypes never returns). (Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.18r2=1.98.2.5.2.19diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.18 
php-src/ext/openssl/openssl.c:1.98.2.5.2.19
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.18 Thu Sep  7 14:11:05 2006
+++ php-src/ext/openssl/openssl.c   Fri Sep  8 20:10:47 2006
@@ -18,7 +18,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.18 2006/09/07 14:11:05 iliaa Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.19 2006/09/08 20:10:47 tony2001 Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -2051,9 +2051,27 @@
if ((req-priv_key = EVP_PKEY_new()) != NULL) {
switch(req-priv_key_type) {
case OPENSSL_KEYTYPE_RSA:
-   if (EVP_PKEY_assign_RSA(req-priv_key, 
RSA_generate_key(req-priv_key_bits, 0x10001, NULL, NULL)))
+   if (EVP_PKEY_assign_RSA(req-priv_key, 
RSA_generate_key(req-priv_key_bits, 0x10001, NULL, NULL))) {
return_val = req-priv_key;
+   }
+   break;
+#ifndef NO_DSA
+   case OPENSSL_KEYTYPE_DSA:
+   {
+   DSA *dsapar = 
DSA_generate_parameters(req-priv_key_bits, NULL, 0, NULL, NULL, NULL, NULL);
+   if (dsapar) {
+   DSA_set_method(dsapar, 
DSA_get_default_method());
+   if (DSA_generate_key(dsapar)) {
+   if 
(EVP_PKEY_assign_DSA(req-priv_key, dsapar)) {
+   return_val = 
req-priv_key;
+   }
+   } else {
+   DSA_free(dsapar);
+   }
+   }
+   }
break;
+#endif
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Unsupported private key type);
}

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c php_openssl.h

2006-08-15 Thread Pierre-Alain Joye
pajoye  Tue Aug 15 20:27:20 2006 UTC

  Modified files:  (Branch: PHP_5_2)
/php-srcNEWS 
/php-src/ext/opensslphp_openssl.h openssl.c 
  Log:
  - add openssl_csr_get_subject() and openssl_csr_get_public_key()
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.205r2=1.2027.2.547.2.206diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.205 php-src/NEWS:1.2027.2.547.2.206
--- php-src/NEWS:1.2027.2.547.2.205 Tue Aug 15 20:13:47 2006
+++ php-src/NEWSTue Aug 15 20:27:20 2006
@@ -29,6 +29,7 @@
   . Added openssl_pkey_get_details, returns the details of a key
   . Added x509 v3 extensions support
   . Added a new constant OPENSSL_KEYTYPE_EC
+  . Added openssl_csr_get_subject() and openssl_csr_get_public_key()
 
 - Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
 - Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/php_openssl.h?r1=1.16.2.1.2.1r2=1.16.2.1.2.2diff_format=u
Index: php-src/ext/openssl/php_openssl.h
diff -u php-src/ext/openssl/php_openssl.h:1.16.2.1.2.1 
php-src/ext/openssl/php_openssl.h:1.16.2.1.2.2
--- php-src/ext/openssl/php_openssl.h:1.16.2.1.2.1  Tue Aug 15 00:38:04 2006
+++ php-src/ext/openssl/php_openssl.h   Tue Aug 15 20:27:20 2006
@@ -17,7 +17,7 @@
+--+
  */
 
-/* $Id: php_openssl.h,v 1.16.2.1.2.1 2006/08/15 00:38:04 pajoye Exp $ */
+/* $Id: php_openssl.h,v 1.16.2.1.2.2 2006/08/15 20:27:20 pajoye Exp $ */
 
 #ifndef PHP_OPENSSL_H
 #define PHP_OPENSSL_H
@@ -67,7 +67,8 @@
 PHP_FUNCTION(openssl_csr_export);
 PHP_FUNCTION(openssl_csr_export_to_file);
 PHP_FUNCTION(openssl_csr_sign);
-
+PHP_FUNCTION(openssl_csr_get_subject);
+PHP_FUNCTION(openssl_csr_get_public_key);
 #else
 
 #define phpext_openssl_ptr NULL
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.10r2=1.98.2.5.2.11diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.10 
php-src/ext/openssl/openssl.c:1.98.2.5.2.11
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.10 Tue Aug 15 00:38:04 2006
+++ php-src/ext/openssl/openssl.c   Tue Aug 15 20:27:20 2006
@@ -18,7 +18,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.10 2006/08/15 00:38:04 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.11 2006/08/15 20:27:20 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -113,6 +113,8 @@
PHP_FE(openssl_csr_export,  second_arg_force_ref)
PHP_FE(openssl_csr_export_to_file,  NULL)
PHP_FE(openssl_csr_sign,NULL)
+   PHP_FE(openssl_csr_get_subject, NULL)
+   PHP_FE(openssl_csr_get_public_key,  NULL)
 
PHP_FE(openssl_sign,second_arg_force_ref)
PHP_FE(openssl_verify,  NULL)
@@ -248,9 +250,13 @@
ASN1_STRING * str = NULL;
ASN1_OBJECT * obj;
 
-   MAKE_STD_ZVAL(subitem);
-   array_init(subitem);
-
+   if (key != NULL) {
+   MAKE_STD_ZVAL(subitem);
+   array_init(subitem);
+   } else {
+   subitem = val;
+   }
+   
for (i = 0; i  X509_NAME_entry_count(name); i++) {
ne  = X509_NAME_get_entry(name, i);
obj = X509_NAME_ENTRY_get_object(ne);
@@ -291,7 +297,9 @@
}
}
}
-   zend_hash_update(HASH_OF(val), key, strlen(key) + 1, (void *)subitem, 
sizeof(subitem), NULL);
+   if (key != NULL) {
+   zend_hash_update(HASH_OF(val), key, strlen(key) + 1, (void 
*)subitem, sizeof(subitem), NULL);
+   }
 }
 /* }}} */
 
@@ -1527,8 +1535,6 @@
 }
 /* }}} */
 
-
-
 /* {{{ proto bool openssl_csr_export(resource csr, string out [, bool 
notext=true])
Exports a CSR to file or a var */
 PHP_FUNCTION(openssl_csr_export)
@@ -1789,6 +1795,61 @@
 }
 /* }}} */
 
+/* {{{ proto mixed openssl_csr_get_subject(mixed csr)
+   Returns the subject of a CERT or FALSE on error */
+PHP_FUNCTION(openssl_csr_get_subject)
+{
+   zval * zcsr;
+   zend_bool use_shortnames = 1;
+   long csr_resource;
+   X509_NAME * subject;
+   X509_REQ * csr;
+
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|b, zcsr, 
use_shortnames) == FAILURE) {
+   return;
+   }
+
+   csr = php_openssl_csr_from_zval(zcsr, 0, csr_resource TSRMLS_CC);
+
+   if (csr == NULL) {
+   RETURN_FALSE;
+   }
+
+   subject = X509_REQ_get_subject_name(csr);
+
+   array_init(return_value);
+   add_assoc_name_entry(return_value, NULL, subject, use_shortnames 
TSRMLS_CC);
+   return;
+}
+/* }}} */
+
+/* {{{ proto mixed openssl_csr_get_public_key(mixed csr)
+   Returns the subject of a CERT or FALSE on error */

[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c php_openssl.h

2006-08-14 Thread Pierre-Alain Joye
pajoye  Tue Aug 15 00:38:04 2006 UTC

  Modified files:  (Branch: PHP_5_2)
/php-srcNEWS 
/php-src/ext/opensslopenssl.c php_openssl.h 
  Log:
  - add OPENSSL_KEYTYPE_EC constant
  - openssl_pkey_get_details(), returns the key details
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.202r2=1.2027.2.547.2.203diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.202 php-src/NEWS:1.2027.2.547.2.203
--- php-src/NEWS:1.2027.2.547.2.202 Mon Aug 14 20:11:52 2006
+++ php-src/NEWSTue Aug 15 00:38:04 2006
@@ -26,9 +26,9 @@
 
 - Improved OpenSSL extension: (Pierre)
   . Added support for all supported algorithms in openssl_verify
-  . Implement #36732 (req/x509 extensions support for openssl_csr_new and
-openssl_csr_sign) (ben at psc dot edu, Pierre)
-  . Implement #28382 (openssl_x509_parse() extensions support)
+  . Added openssl_pkey_get_details, returns the details of a key
+  . Added x509 v3 extensions support
+  . Added a new constant OPENSSL_KEYTYPE_EC
 
 - Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
 - Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
@@ -106,8 +106,11 @@
   destruction). (Ilia)
 - Fixed bug #37265 (Added missing safe_mode  open_basedir checks to
   imap_body()). (Ilia)
+- Implement #36732 (req/x509 extensions support for openssl_csr_new and
+  openssl_csr_sign) (ben at psc dot edu, Pierre)
 - Fixed bug #35973 (Error ORA-24806 occurs when trying to fetch a NCLOB 
   field). (Tony)
+- Implement #28382 (openssl_x509_parse() extensions support) (Pierre)
 
 24 Jul 2006, PHP 5.2.0RC1
 - Updated bundled MySQL client library to version 5.0.22 in the Windows
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.9r2=1.98.2.5.2.10diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.9 
php-src/ext/openssl/openssl.c:1.98.2.5.2.10
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.9  Mon Jul 31 03:41:19 2006
+++ php-src/ext/openssl/openssl.c   Tue Aug 15 00:38:04 2006
@@ -18,7 +18,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.9 2006/07/31 03:41:19 iliaa Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.10 2006/08/15 00:38:04 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -60,11 +60,17 @@
ZEND_ARG_PASS_INFO(1)
ZEND_END_ARG_INFO();
 
+/* FIXME: Use the openssl constants instead of
+ * enum. It is now impossible to match real values
+ * against php constants. Also sorry to break the
+ * enum principles here, BC...
+ */
 enum php_openssl_key_type {
OPENSSL_KEYTYPE_RSA,
OPENSSL_KEYTYPE_DSA,
OPENSSL_KEYTYPE_DH,
-   OPENSSL_KEYTYPE_DEFAULT = OPENSSL_KEYTYPE_RSA
+   OPENSSL_KEYTYPE_DEFAULT = OPENSSL_KEYTYPE_RSA,
+   OPENSSL_KEYTYPE_EC = OPENSSL_KEYTYPE_DH +1
 };
 
 enum php_openssl_cipher_type {
@@ -87,6 +93,7 @@
PHP_FE(openssl_pkey_export_to_file, NULL)
PHP_FE(openssl_pkey_get_private,NULL)
PHP_FE(openssl_pkey_get_public, NULL)
+   PHP_FE(openssl_pkey_get_details,NULL)
 
PHP_FALIAS(openssl_free_key,openssl_pkey_free,  
NULL)
PHP_FALIAS(openssl_get_privatekey,  openssl_pkey_get_private,   
NULL)
@@ -680,6 +687,7 @@
REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_DSA, OPENSSL_KEYTYPE_DSA, 
CONST_CS|CONST_PERSISTENT);
 #endif
REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_DH, OPENSSL_KEYTYPE_DH, 
CONST_CS|CONST_PERSISTENT);
+   REGISTER_LONG_CONSTANT(OPENSSL_KEYTYPE_EC, OPENSSL_KEYTYPE_EC, 
CONST_CS|CONST_PERSISTENT);
 
/* Determine default SSL configuration file */
config_filename = getenv(OPENSSL_CONF);
@@ -2216,6 +2224,61 @@
 
 /* }}} */
 
+/* {{{ proto resource openssl_pkey_get_details(resource key)
+   returns an array with the key details (bits, pkey, type)*/
+PHP_FUNCTION(openssl_pkey_get_details)
+{
+   zval *key;
+   EVP_PKEY *pkey;
+   BIO *out;
+   unsigned int pbio_len;
+   char *pbio;
+   long ktype;
+
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, r, key) == 
FAILURE) {
+   return;
+   }
+   ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, key, -1, OpenSSL key, le_key);
+   if (!pkey) {
+   RETURN_FALSE;
+   }
+   out = BIO_new(BIO_s_mem());
+   PEM_write_bio_PUBKEY(out, pkey);
+   pbio_len = BIO_get_mem_data(out, pbio);
+
+   array_init(return_value);
+   add_assoc_long(return_value, bits, EVP_PKEY_bits(pkey));
+   add_assoc_stringl(return_value, key, pbio, pbio_len, 1);
+   /*TODO: Use the real values once the openssl constants are used 
+* See the enum at the top of this file
+*/
+   switch (EVP_PKEY_type(pkey-type)) {
+   case EVP_PKEY_RSA:
+   case EVP_PKEY_RSA2:
+

[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl openssl.c /ext/openssl/tests bug38261.phpt

2006-07-30 Thread Pierre-Alain Joye
pajoye  Sun Jul 30 16:26:19 2006 UTC

  Added files: (Branch: PHP_5_2)
/php-src/ext/openssl/tests  bug38261.phpt 

  Modified files:  
/php-srcNEWS 
/php-src/ext/opensslopenssl.c 
  Log:
  - 38261: openssl_x509_parse leaks with invalid certs
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.163r2=1.2027.2.547.2.164diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.163 php-src/NEWS:1.2027.2.547.2.164
--- php-src/NEWS:1.2027.2.547.2.163 Sun Jul 30 11:19:56 2006
+++ php-src/NEWSSun Jul 30 16:26:19 2006
@@ -19,6 +19,7 @@
 - Fixed phpinfo() cutoff of variables at \0. (Ilia)
 - Fixed a bug in the filter extension that prevented magic_quotes_gpc from
   being applied when RAW filter is used. (Ilia)
+- Fixed bug #38261 (openssl_x509_parse() leaks with invalid cert) (Pierre)
 - Fixed bug #38255 (openssl possible leaks while passing keys) (Pierre)
 - Fixed bug #38253 (PDO produces segfault with default fetch mode). (Tony)
 - Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST).
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.5r2=1.98.2.5.2.6diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.5 
php-src/ext/openssl/openssl.c:1.98.2.5.2.6
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.5  Sun Jul 30 09:18:06 2006
+++ php-src/ext/openssl/openssl.c   Sun Jul 30 16:26:19 2006
@@ -18,7 +18,7 @@
+--+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.5 2006/07/30 09:18:06 pajoye Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.6 2006/07/30 16:26:19 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include config.h
@@ -784,6 +784,11 @@
 
return NULL;
}
+
+   if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) {
+   return NULL;
+   }
+
/* force it to be a string and check if it refers to a file */
convert_to_string_ex(val);
 

http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug38261.phpt?view=markuprev=1.1
Index: php-src/ext/openssl/tests/bug38261.phpt
+++ php-src/ext/openssl/tests/bug38261.phpt

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php