[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Sun Jun 8 19:52:28 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: MFB Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.74 php4/ext/openssl/openssl.c:1.75 --- php4/ext/openssl/openssl.c:1.74 Mon Apr 28 18:42:21 2003 +++ php4/ext/openssl/openssl.c Sun Jun 8 19:52:28 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.74 2003/04/28 22:42:21 iliaa Exp $ */ +/* $Id: openssl.c,v 1.75 2003/06/08 23:52:28 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1956,7 +1956,7 @@ bio_out = BIO_new_file(filename, w); if (passphrase req.priv_key_encrypt) { - cipher = EVP_des_ede3_cbc(); + cipher = (EVP_CIPHER *) EVP_des_ede3_cbc(); } else { cipher = NULL; } @@ -2007,7 +2007,7 @@ bio_out = BIO_new(BIO_s_mem()); if (passphrase req.priv_key_encrypt) { - cipher = EVP_des_ede3_cbc(); + cipher = (EVP_CIPHER *) EVP_des_ede3_cbc(); } else { cipher = NULL; } @@ -2823,16 +2823,16 @@ switch (signature_algo) { case OPENSSL_ALGO_SHA1: - mdtype = EVP_sha1(); + mdtype = (EVP_MD *) EVP_sha1(); break; case OPENSSL_ALGO_MD5: - mdtype = EVP_md5(); + mdtype = (EVP_MD *) EVP_md5(); break; case OPENSSL_ALGO_MD4: - mdtype = EVP_md4(); + mdtype = (EVP_MD *) EVP_md4(); break; case OPENSSL_ALGO_MD2: - mdtype = EVP_md2(); + mdtype = (EVP_MD *) EVP_md2(); break; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
wez Mon Mar 31 12:58:28 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: Fix const warning Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.72 php4/ext/openssl/openssl.c:1.73 --- php4/ext/openssl/openssl.c:1.72 Sun Mar 30 17:29:21 2003 +++ php4/ext/openssl/openssl.c Mon Mar 31 12:58:28 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.72 2003/03/30 22:29:21 derick Exp $ */ +/* $Id: openssl.c,v 1.73 2003/03/31 17:58:28 wez Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -2302,7 +2302,7 @@ goto clean_exit; } - p7 = PKCS7_encrypt(recipcerts, infile, cipher, flags); + p7 = PKCS7_encrypt(recipcerts, infile, (EVP_CIPHER*)cipher, flags); if (p7 == NULL) { goto clean_exit; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
derick Sun Mar 30 17:25:22 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: - Added optional parameter to openssl_sign() to specify the hashing algorithm to use. (Patch by Scott [EMAIL PROTECTED]) @- Added optional parameter to openssl_sign() to specify the hashing @ algorithm to use. ([EMAIL PROTECTED], Derick) Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.70 php4/ext/openssl/openssl.c:1.71 --- php4/ext/openssl/openssl.c:1.70 Sat Mar 15 08:29:34 2003 +++ php4/ext/openssl/openssl.c Sun Mar 30 17:25:22 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.70 2003/03/15 13:29:34 wez Exp $ */ +/* $Id: openssl.c,v 1.71 2003/03/30 22:25:22 derick Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -45,6 +45,10 @@ #define DEFAULT_KEY_LENGTH 512 #define MIN_KEY_LENGTH 384 +#define OPENSSL_ALGO_SHA1 1 +#define OPENSSL_ALGO_MD5 2 +#define OPENSSL_ALGO_MD4 3 +#define OPENSSL_ALGO_MD2 4 #define DEBUG_SMIME0 @@ -565,6 +569,12 @@ REGISTER_LONG_CONSTANT(X509_PURPOSE_ANY, X509_PURPOSE_ANY, CONST_CS|CONST_PERSISTENT); #endif + /* signature algotithm constants */ + REGISTER_LONG_CONSTANT(OPENSSL_ALGO_SHA1, OPENSSL_ALGO_SHA1, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD5, OPENSSL_ALGO_MD5, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD4, OPENSSL_ALGO_MD4, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(OPENSSL_ALGO_MD2, OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT); + /* flags for S/MIME */ REGISTER_LONG_CONSTANT(PKCS7_DETACHED, PKCS7_DETACHED, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT(PKCS7_TEXT, PKCS7_TEXT, CONST_CS|CONST_PERSISTENT); @@ -2795,8 +2805,10 @@ long keyresource = -1; char * data;int data_len; EVP_MD_CTX md_ctx; + long signature_algo = OPENSSL_ALGO_SHA1; + EVP_MD *mdtype; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, szz, data, data_len, signature, key) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, szz|l, data, data_len, signature, key, signature_algo) == FAILURE) { return; } pkey = php_openssl_evp_from_zval(key, 0, , 0, keyresource TSRMLS_CC); @@ -2808,7 +2820,22 @@ siglen = EVP_PKEY_size(pkey); sigbuf = emalloc(siglen + 1); - EVP_SignInit(md_ctx, EVP_sha1()); + switch (signature_algo) { + case OPENSSL_ALGO_SHA1: + mdtype = EVP_sha1(); + break; + case OPENSSL_ALGO_MD5: + mdtype = EVP_md5(); + break; + case OPENSSL_ALGO_MD4: + mdtype = EVP_md4(); + break; + case OPENSSL_ALGO_MD2: + mdtype = EVP_md2(); + break; + } + + EVP_SignInit(md_ctx, mdtype); EVP_SignUpdate(md_ctx, data, data_len); if (EVP_SignFinal (md_ctx, sigbuf, siglen, pkey)) { zval_dtor(signature); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
derick Sun Mar 30 17:29:21 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: - Typo and some whitespace Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.71 php4/ext/openssl/openssl.c:1.72 --- php4/ext/openssl/openssl.c:1.71 Sun Mar 30 17:25:22 2003 +++ php4/ext/openssl/openssl.c Sun Mar 30 17:29:21 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.71 2003/03/30 22:25:22 derick Exp $ */ +/* $Id: openssl.c,v 1.72 2003/03/30 22:29:21 derick Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -65,11 +65,11 @@ }; enum php_openssl_cipher_type { - PHP_OPENSSL_CIPHER_RC2_40, - PHP_OPENSSL_CIPHER_RC2_128, - PHP_OPENSSL_CIPHER_RC2_64, - PHP_OPENSSL_CIPHER_DES, - PHP_OPENSSL_CIPHER_3DES, + PHP_OPENSSL_CIPHER_RC2_40, + PHP_OPENSSL_CIPHER_RC2_128, + PHP_OPENSSL_CIPHER_RC2_64, + PHP_OPENSSL_CIPHER_DES, + PHP_OPENSSL_CIPHER_3DES, PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40 }; @@ -104,22 +104,21 @@ PHP_FE(openssl_csr_export_to_file, NULL) PHP_FE(openssl_csr_sign,NULL) - - PHP_FE(openssl_sign, arg2_force_ref) - PHP_FE(openssl_verify, NULL) - PHP_FE(openssl_seal, arg2and3_force_ref) - PHP_FE(openssl_open, arg2_force_ref) + PHP_FE(openssl_sign,arg2_force_ref) + PHP_FE(openssl_verify, NULL) + PHP_FE(openssl_seal,arg2and3_force_ref) + PHP_FE(openssl_open,arg2_force_ref) /* for S/MIME handling */ - PHP_FE(openssl_pkcs7_verify, NULL) - PHP_FE(openssl_pkcs7_decrypt, NULL) - PHP_FE(openssl_pkcs7_sign,NULL) - PHP_FE(openssl_pkcs7_encrypt, NULL) - - PHP_FE(openssl_private_encrypt,arg2_force_ref) - PHP_FE(openssl_private_decrypt,arg2_force_ref) - PHP_FE(openssl_public_encrypt, arg2_force_ref) - PHP_FE(openssl_public_decrypt, arg2_force_ref) + PHP_FE(openssl_pkcs7_verify,NULL) + PHP_FE(openssl_pkcs7_decrypt, NULL) + PHP_FE(openssl_pkcs7_sign, NULL) + PHP_FE(openssl_pkcs7_encrypt, NULL) + + PHP_FE(openssl_private_encrypt, arg2_force_ref) + PHP_FE(openssl_private_decrypt, arg2_force_ref) + PHP_FE(openssl_public_encrypt, arg2_force_ref) + PHP_FE(openssl_public_decrypt, arg2_force_ref) PHP_FE(openssl_error_string, NULL) {NULL, NULL, NULL} @@ -137,7 +136,7 @@ NULL, NULL, PHP_MINFO(openssl), -NO_VERSION_YET, + NO_VERSION_YET, STANDARD_MODULE_PROPERTIES }; /* }}} */ @@ -156,7 +155,7 @@ EVP_PKEY *pkey = (EVP_PKEY *)rsrc-ptr; assert(pkey != NULL); - + EVP_PKEY_free(pkey); } @@ -213,7 +212,7 @@ static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * resourceval TSRMLS_DC); static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * passphrase, int makeresource, long * resourceval TSRMLS_DC); static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC); -static X509_STORE* setup_verify(zval * calist TSRMLS_DC); +static X509_STORE * setup_verify(zval * calist TSRMLS_DC); static STACK_OF(X509) * load_all_certs_from_file(char *certfile); static X509_REQ * php_openssl_csr_from_zval(zval ** val, int makeresource, long * resourceval TSRMLS_DC); static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req TSRMLS_DC); @@ -298,8 +297,9 @@ thestr -= 2; thetime.tm_year = atoi(thestr); - if (thetime.tm_year 68) + if (thetime.tm_year 68) { thetime.tm_year += 100; + } thetime.tm_isdst = -1; ret = mktime(thetime); @@ -351,7 +351,7 @@ str = CONF_get_string(req-req_config, NULL, oid_section); if (str == NULL) { return SUCCESS; - } + } sktmp = CONF_get_section(req-req_config, str); if (sktmp == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, problem loading oid section %s, str); @@ -401,10 +401,10 @@ SET_OPTIONAL_STRING_ARG(config_section_name, req-section_name, req); req-global_config = CONF_load(NULL, default_ssl_conf_filename, NULL); req-req_config = CONF_load(NULL, req-config_filename, NULL); - + if (req-req_config == NULL) { return FAILURE; - } + } /* read in the oids */ str = CONF_get_string(req-req_config, NULL, oid_file); @@ -419,13 +419,13 @@ return FAILURE; }
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
wez Sat Mar 15 08:29:34 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: fix proto Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.69 php4/ext/openssl/openssl.c:1.70 --- php4/ext/openssl/openssl.c:1.69 Thu Mar 6 18:07:26 2003 +++ php4/ext/openssl/openssl.c Sat Mar 15 08:29:34 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.69 2003/03/06 23:07:26 ddhill Exp $ */ +/* $Id: openssl.c,v 1.70 2003/03/15 13:29:34 wez Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1587,7 +1587,7 @@ } /* }}} */ -/* {{{ proto bool openssl_csr_new(array dn, resource privkey [, array extraattribs, array configargs]) +/* {{{ proto bool openssl_csr_new(array dn, resource privkey [, array configargs, array extraattribs]) Generates a privkey and CSR */ PHP_FUNCTION(openssl_csr_new) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Fri Feb 28 12:23:48 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: Fixed compiler warnings. Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.67 php4/ext/openssl/openssl.c:1.68 --- php4/ext/openssl/openssl.c:1.67 Thu Feb 27 13:16:34 2003 +++ php4/ext/openssl/openssl.c Fri Feb 28 12:23:45 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.67 2003/02/27 18:16:34 wez Exp $ */ +/* $Id: openssl.c,v 1.68 2003/02/28 17:23:45 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1922,7 +1922,7 @@ long key_resource = -1; EVP_PKEY * key; BIO * bio_out = NULL; - EVP_CIPHER * cipher; + const EVP_CIPHER * cipher; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zs|s!a!, zpkey, filename, filename_len, passphrase, passphrase_len, args) == FAILURE) { return; @@ -1977,7 +1977,7 @@ long key_resource = -1; EVP_PKEY * key; BIO * bio_out = NULL; - EVP_CIPHER * cipher; + const EVP_CIPHER * cipher; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz|s!a!, zpkey, out, passphrase, passphrase_len, args) == FAILURE) { return; @@ -2191,7 +2191,7 @@ HashPosition hpos; zval ** zcertval; X509 * cert; - EVP_CIPHER *cipher = NULL; + const EVP_CIPHER *cipher = NULL; long cipherid = PHP_OPENSSL_CIPHER_DEFAULT; uint strindexlen; ulong intindex; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c /ext/standard basic_functions.c file.c ftp_fopen_wrapper.c http_fopen_wrapper.c php_fopen_wrappers.h
wez Thu Feb 27 13:16:35 2003 EDT Modified files: /php4/ext/openssl openssl.c /php4/ext/standard basic_functions.c file.c ftp_fopen_wrapper.c http_fopen_wrapper.c php_fopen_wrappers.h Log: - Move https:// and ftps:// wrapper registration into the openssl module. - Expose the http:// and ftp:// wrappers as PHPAPI - Remove unused variables Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.66 php4/ext/openssl/openssl.c:1.67 --- php4/ext/openssl/openssl.c:1.66 Thu Feb 27 12:43:36 2003 +++ php4/ext/openssl/openssl.c Thu Feb 27 13:16:34 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.66 2003/02/27 17:43:36 wez Exp $ */ +/* $Id: openssl.c,v 1.67 2003/02/27 18:16:34 wez Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -30,6 +30,7 @@ /* PHP Includes */ #include ext/standard/file.h #include ext/standard/info.h +#include ext/standard/php_fopen_wrappers.h /* OpenSSL includes */ #include openssl/evp.h @@ -614,6 +615,9 @@ /* override the default tcp socket provider */ php_stream_xport_register(tcp, php_openssl_ssl_socket_factory TSRMLS_CC); + + php_register_url_stream_wrapper(https, php_stream_http_wrapper TSRMLS_CC); + php_register_url_stream_wrapper(ftps, php_stream_ftp_wrapper TSRMLS_CC); return SUCCESS; } @@ -635,6 +639,9 @@ PHP_MSHUTDOWN_FUNCTION(openssl) { EVP_cleanup(); + + php_unregister_url_stream_wrapper(https TSRMLS_CC); + php_unregister_url_stream_wrapper(ftps TSRMLS_CC); php_stream_xport_unregister(ssl TSRMLS_CC); php_stream_xport_unregister(tls TSRMLS_CC); Index: php4/ext/standard/basic_functions.c diff -u php4/ext/standard/basic_functions.c:1.590 php4/ext/standard/basic_functions.c:1.591 --- php4/ext/standard/basic_functions.c:1.590 Thu Feb 27 12:43:37 2003 +++ php4/ext/standard/basic_functions.c Thu Feb 27 13:16:34 2003 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: basic_functions.c,v 1.590 2003/02/27 17:43:37 wez Exp $ */ +/* $Id: basic_functions.c,v 1.591 2003/02/27 18:16:34 wez Exp $ */ #include php.h #include php_streams.h @@ -1107,10 +1107,6 @@ #ifndef PHP_CURL_URL_WRAPPERS php_register_url_stream_wrapper(http, php_stream_http_wrapper TSRMLS_CC); php_register_url_stream_wrapper(ftp, php_stream_ftp_wrapper TSRMLS_CC); -# if HAVE_OPENSSL_EXT - php_register_url_stream_wrapper(https, php_stream_http_wrapper TSRMLS_CC); - php_register_url_stream_wrapper(ftps, php_stream_ftp_wrapper TSRMLS_CC); -# endif #endif #if HAVE_RES_SEARCH !(defined(__BEOS__)||defined(PHP_WIN32) || defined(NETWARE)) @@ -1135,10 +1131,6 @@ #ifndef PHP_CURL_URL_WRAPPERS php_unregister_url_stream_wrapper(http TSRMLS_CC); php_unregister_url_stream_wrapper(ftp TSRMLS_CC); -# if HAVE_OPENSSL_EXT - php_unregister_url_stream_wrapper(https TSRMLS_CC); - php_unregister_url_stream_wrapper(ftps TSRMLS_CC); -# endif #endif UNREGISTER_INI_ENTRIES(); Index: php4/ext/standard/file.c diff -u php4/ext/standard/file.c:1.316 php4/ext/standard/file.c:1.317 --- php4/ext/standard/file.c:1.316 Thu Feb 27 12:43:37 2003 +++ php4/ext/standard/file.cThu Feb 27 13:16:34 2003 @@ -21,7 +21,7 @@ +--+ */ -/* $Id: file.c,v 1.316 2003/02/27 17:43:37 wez Exp $ */ +/* $Id: file.c,v 1.317 2003/02/27 18:16:34 wez Exp $ */ /* Synced with php 3.0 revision 1.218 1999-06-16 [ssb] */ @@ -2246,8 +2246,6 @@ PHP_NAMED_FUNCTION(php_if_ftruncate) { zval **fp , **size; - short int ret; - int fd; php_stream *stream; if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, fp, size) == FAILURE) { Index: php4/ext/standard/ftp_fopen_wrapper.c diff -u php4/ext/standard/ftp_fopen_wrapper.c:1.46 php4/ext/standard/ftp_fopen_wrapper.c:1.47 --- php4/ext/standard/ftp_fopen_wrapper.c:1.46 Thu Feb 27 12:43:37 2003 +++ php4/ext/standard/ftp_fopen_wrapper.c Thu Feb 27 13:16:34 2003 @@ -17,7 +17,7 @@ | Hartmut Holzgraefe [EMAIL PROTECTED] | +--+ */ -/* $Id: ftp_fopen_wrapper.c,v 1.46 2003/02/27 17:43:37 wez Exp $ */ +/* $Id: ftp_fopen_wrapper.c,v 1.47 2003/02/27 18:16:34 wez Exp $ */ #include php.h #include php_globals.h @@ -123,7 +123,7 @@ FTP }; -php_stream_wrapper php_stream_ftp_wrapper ={ +PHPAPI php_stream_wrapper php_stream_ftp_wrapper = { ftp_stream_wops, NULL, 1 /* is_url */ Index: php4/ext/standard/http_fopen_wrapper.c diff -u php4/ext/standard/http_fopen_wrapper.c:1.67 php4/ext/standard/http_fopen_wrapper.c:1.68 --- php4/ext/standard/http_fopen_wrapper.c:1.67 Thu Feb 27
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Fri Jan 31 17:15:56 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: Fixed bug #21986 (openssl test failure). Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.63 php4/ext/openssl/openssl.c:1.64 --- php4/ext/openssl/openssl.c:1.63 Sat Jan 18 14:41:38 2003 +++ php4/ext/openssl/openssl.c Fri Jan 31 17:15:55 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.63 2003/01/18 19:41:38 iliaa Exp $ */ +/* $Id: openssl.c,v 1.64 2003/01/31 22:15:55 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1726,27 +1726,22 @@ } } else { /* we want the private key */ + BIO *in; + if (filename) { - BIO *in; if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { return NULL; } in = BIO_new_file(filename, r); - if (in == NULL) { - return NULL; - } - key = PEM_read_bio_PrivateKey(in, NULL,NULL, passphrase); - BIO_free(in); } else { - BIO *b = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val)); - if (b == NULL) { - return NULL; - } - key = (EVP_PKEY *) PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey, - PEM_STRING_EVP_PKEY, b, - NULL, NULL, passphrase); - BIO_free(b); + in = BIO_new_mem_buf(Z_STRVAL_PP(val), +Z_STRLEN_PP(val)); + } + + if (in == NULL) { + return NULL; } + key = PEM_read_bio_PrivateKey(in, NULL,NULL, passphrase); + BIO_free(in); } } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Sat Jan 4 18:31:54 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: CS fixes. Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.61 php4/ext/openssl/openssl.c:1.62 --- php4/ext/openssl/openssl.c:1.61 Thu Jan 2 16:18:58 2003 +++ php4/ext/openssl/openssl.c Sat Jan 4 18:31:54 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.61 2003/01/02 21:18:58 iliaa Exp $ */ +/* $Id: openssl.c,v 1.62 2003/01/04 23:31:54 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -218,15 +218,14 @@ array_init(subitem); for (i = 0; i X509_NAME_entry_count(name); i++) { - ne = X509_NAME_get_entry(name, i); + ne = X509_NAME_get_entry(name, i); obj = X509_NAME_ENTRY_get_object(ne); str = X509_NAME_ENTRY_get_data(ne); nid = OBJ_obj2nid(obj); if (shortname) { sn = (char*)OBJ_nid2sn(nid); add_assoc_stringl(subitem, sn, str-data, str-length, 1); - } - else{ + } else { ln = (char*)OBJ_nid2ln(nid); add_assoc_stringl(subitem, ln, str-data, str-length, 1); } @@ -261,7 +260,6 @@ strbuf = estrdup(timestr-data); - memset(thetime, 0, sizeof(thetime)); /* we work backwards so that we can use atoi more easily */ @@ -336,9 +334,9 @@ int i; str = CONF_get_string(req-req_config, NULL, oid_section); - if (str == NULL) + if (str == NULL) { return SUCCESS; - + } sktmp = CONF_get_section(req-req_config, str); if (sktmp == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, problem loading oid section %s, str); @@ -347,8 +345,7 @@ for (i = 0; i sk_CONF_VALUE_num(sktmp); i++) { cnf = sk_CONF_VALUE_value(sktmp, i); if (OBJ_create(cnf-value, cnf-name, cnf-name) == NID_undef) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, problem creating object %s=%s, - cnf-name, cnf-value); + php_error_docref(NULL TSRMLS_CC, E_WARNING, problem creating +object %s=%s, cnf-name, cnf-value); return FAILURE; } } @@ -390,9 +387,9 @@ req-global_config = CONF_load(NULL, default_ssl_conf_filename, NULL); req-req_config = CONF_load(NULL, req-config_filename, NULL); - if (req-req_config == NULL) + if (req-req_config == NULL) { return FAILURE; - + } /* read in the oids */ str = CONF_get_string(req-req_config, NULL, oid_file); @@ -403,9 +400,9 @@ BIO_free(oid_bio); } } - if (add_oid_section(req TSRMLS_CC) == FAILURE) + if (add_oid_section(req TSRMLS_CC) == FAILURE) { return FAILURE; - + } SET_OPTIONAL_STRING_ARG(digest_alg, req-digest_name, CONF_get_string(req-req_config, req-section_name, default_md)); SET_OPTIONAL_STRING_ARG(x509_extensions, req-extensions_section, @@ -419,25 +416,28 @@ if (optional_args zend_hash_find(Z_ARRVAL_P(optional_args), encrypt_key, sizeof(encrypt_key), (void**)item) == SUCCESS) { req-priv_key_encrypt = Z_BVAL_PP(item); - } - else{ + } else { str = CONF_get_string(req-req_config, req-section_name, encrypt_rsa_key); - if (str == NULL) + if (str == NULL) { str = CONF_get_string(req-req_config, req-section_name, encrypt_key); - if (str strcmp(str, no) == 0) + } + if (str strcmp(str, no) == 0) { req-priv_key_encrypt = 0; - else + } else { req-priv_key_encrypt = 1; + } } - /* digest alg */ - if (req-digest_name == NULL) + if (req-digest_name == NULL) { req-digest_name = CONF_get_string(req-req_config, req-section_name, default_md); - if (req-digest_name) + } + if (req-digest_name) { req-digest = req-md_alg = EVP_get_digestbyname(req-digest_name); - if (req-md_alg == NULL) + } + if (req-md_alg == NULL) { req-md_alg = req-digest = EVP_md5(); + } PHP_SSL_CONFIG_SYNTAX_CHECK(extensions_section); @@ -448,9 +448,9 @@ return FAILURE; } - if (req-request_extensions_section == NULL) + if (req-request_extensions_section == NULL) { req-request_extensions_section =
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Thu Jan 2 16:18:58 2003 EDT Modified files: /php4/ext/openssl openssl.c Log: Fixed a small memory leak when a NULL variable is passed to openssl_csr_sign() as the first argument. Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.60 php4/ext/openssl/openssl.c:1.61 --- php4/ext/openssl/openssl.c:1.60 Tue Dec 31 11:07:09 2002 +++ php4/ext/openssl/openssl.c Thu Jan 2 16:18:58 2003 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.60 2002/12/31 16:07:09 sebastian Exp $ */ +/* $Id: openssl.c,v 1.61 2003/01/02 21:18:58 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1310,8 +1310,9 @@ return (X509_REQ*)what; } return NULL; + } else if (Z_TYPE_PP(val) != IS_STRING) { + return NULL; } - convert_to_string_ex(val); if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, 7) == 0) filename = Z_STRVAL_PP(val) + 7; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
helly Thu Dec 12 07:18:43 2002 EDT Modified files: /php4/ext/openssl openssl.c Log: typeconversion is needed here for cygwin Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.55 php4/ext/openssl/openssl.c:1.56 --- php4/ext/openssl/openssl.c:1.55 Wed Dec 11 02:29:50 2002 +++ php4/ext/openssl/openssl.c Thu Dec 12 07:18:43 2002 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.55 2002/12/11 07:29:50 iliaa Exp $ */ +/* $Id: openssl.c,v 1.56 2002/12/12 12:18:43 helly Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -298,7 +298,7 @@ ** the value of timezone - 3600 seconds. Otherwise, we need to overcorrect and ** set the adjustment to the main timezone + 3600 seconds. */ - gmadjust = -(thetime.tm_isdst ? timezone - 3600 : timezone + 3600); + gmadjust = -(thetime.tm_isdst ? (long)timezone - 3600 : (long)timezone + 3600); #endif ret += gmadjust; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
helly Thu Dec 12 09:12:42 2002 EDT Modified files: /php4/ext/openssl openssl.c Log: php_error - php_error_docref conversion fix (noticed by derick) Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.57 php4/ext/openssl/openssl.c:1.58 --- php4/ext/openssl/openssl.c:1.57 Thu Dec 12 08:42:22 2002 +++ php4/ext/openssl/openssl.c Thu Dec 12 09:12:41 2002 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.57 2002/12/12 13:42:22 wez Exp $ */ +/* $Id: openssl.c,v 1.58 2002/12/12 14:12:41 helly Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -255,7 +255,7 @@ long gmadjust = 0; if (timestr-length 13) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, %extension author too lazy to parse %s correctly, timestr-data); + php_error_docref(NULL TSRMLS_CC, E_WARNING, extension author too lazy +to parse %s correctly, timestr-data); return (time_t)-1; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
wez Tue Dec 10 17:18:57 2002 EDT Modified files: /php4/ext/openssl openssl.c Log: use php_error_docref and tidy up some WS/coding standards. Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.52 php4/ext/openssl/openssl.c:1.53 --- php4/ext/openssl/openssl.c:1.52 Sun Nov 10 00:19:39 2002 +++ php4/ext/openssl/openssl.c Tue Dec 10 17:18:57 2002 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.52 2002/11/10 05:19:39 iliaa Exp $ */ +/* $Id: openssl.c,v 1.53 2002/12/10 22:18:57 wez Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -216,12 +216,12 @@ MAKE_STD_ZVAL(subitem); array_init(subitem); - for (i = 0; i X509_NAME_entry_count(name); i++) { + for (i = 0; i X509_NAME_entry_count(name); i++) { ne = X509_NAME_get_entry(name, i); obj = X509_NAME_ENTRY_get_object(ne); str = X509_NAME_ENTRY_get_data(ne); nid = OBJ_obj2nid(obj); - if (shortname) { + if (shortname) { sn = (char*)OBJ_nid2sn(nid); add_assoc_stringl(subitem, sn, str-data, str-length, 1); } @@ -253,8 +253,8 @@ char * thestr; long gmadjust = 0; - if (timestr-length 13) { - zend_error(E_WARNING, %s(): extension author too lazy to parse %s correctly, get_active_function_name(TSRMLS_C), timestr-data); + if (timestr-length 13) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, %extension author too +lazy to parse %s correctly, timestr-data); return (time_t)-1; } @@ -317,9 +317,8 @@ X509V3_set_ctx_test(ctx); X509V3_set_conf_lhash(ctx, config); - if (!X509V3_EXT_add_conf(config, ctx, (char *)section, NULL)) { - zend_error(E_WARNING, %s(): Error loading %s section %s of %s, - get_active_function_name(TSRMLS_C), + if (!X509V3_EXT_add_conf(config, ctx, (char *)section, NULL)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Error loading %s section +%s of %s, section_label, section, config_filename); @@ -340,16 +339,14 @@ return SUCCESS; sktmp = CONF_get_section(req-req_config, str); - if (sktmp == NULL) { - zend_error(E_WARNING, %s(): problem loading oid section %s, - get_active_function_name(TSRMLS_C), str); + if (sktmp == NULL) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, problem loading oid +section %s, str); return FAILURE; } - for (i = 0; i sk_CONF_VALUE_num(sktmp); i++) { + for (i = 0; i sk_CONF_VALUE_num(sktmp); i++) { cnf = sk_CONF_VALUE_value(sktmp, i); - if (OBJ_create(cnf-value, cnf-name, cnf-name) == NID_undef) { - zend_error(E_WARNING, %s(): problem creating object %s=%s, - get_active_function_name(TSRMLS_C), + if (OBJ_create(cnf-value, cnf-name, cnf-name) == NID_undef) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, problem creating +object %s=%s, cnf-name, cnf-value); return FAILURE; } @@ -400,7 +397,7 @@ str = CONF_get_string(req-req_config, NULL, oid_file); if (str !php_openssl_safe_mode_chk(str TSRMLS_CC)) { BIO *oid_bio = BIO_new_file(str, r); - if (oid_bio){ + if (oid_bio) { OBJ_create_objects(oid_bio); BIO_free(oid_bio); } @@ -419,7 +416,7 @@ SET_OPTIONAL_LONG_ARG(private_key_type, req-priv_key_type, OPENSSL_KEYTYPE_DEFAULT); - if (optional_args zend_hash_find(Z_ARRVAL_P(optional_args), encrypt_key, sizeof(encrypt_key), (void**)item) == SUCCESS) { + if (optional_args zend_hash_find(Z_ARRVAL_P(optional_args), encrypt_key, +sizeof(encrypt_key), (void**)item) == SUCCESS) { req-priv_key_encrypt = Z_BVAL_PP(item); } else{ @@ -445,9 +442,8 @@ /* set the string mask */ str = CONF_get_string(req-req_config, req-section_name, string_mask); - if (str !ASN1_STRING_set_default_mask_asc(str)) { - zend_error(E_WARNING, %s(): Invalid global string mask setting %s, - get_active_function_name(TSRMLS_C), str); + if (str !ASN1_STRING_set_default_mask_asc(str)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid global string +mask setting %s, str); return FAILURE; } @@
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Tue Dec 10 21:30:00 2002 EDT Modified files: /php4/ext/openssl openssl.c Log: Fix ZTS build Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.53 php4/ext/openssl/openssl.c:1.54 --- php4/ext/openssl/openssl.c:1.53 Tue Dec 10 17:18:57 2002 +++ php4/ext/openssl/openssl.c Tue Dec 10 21:29:59 2002 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.53 2002/12/10 22:18:57 wez Exp $ */ +/* $Id: openssl.c,v 1.54 2002/12/11 02:29:59 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -478,6 +478,8 @@ *egdsocket = 0; *seeded = 0; + TSRMLS_FETCH(); + #ifdef WINDOWS RAND_screen(); #endif @@ -503,6 +505,9 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int seeded) { char buffer[MAXPATHLEN]; + + TSRMLS_FETCH(); + if (egdsocket || !seeded) { /* if we did not manage to read the seed file, we should not write * a low-entropy seed file back */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Wed Dec 11 02:29:51 2002 EDT Modified files: /php4/ext/openssl openssl.c Log: ZTS fix. Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.54 php4/ext/openssl/openssl.c:1.55 --- php4/ext/openssl/openssl.c:1.54 Tue Dec 10 21:29:59 2002 +++ php4/ext/openssl/openssl.c Wed Dec 11 02:29:50 2002 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.54 2002/12/11 02:29:59 iliaa Exp $ */ +/* $Id: openssl.c,v 1.55 2002/12/11 07:29:50 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -475,10 +475,10 @@ { char buffer[MAXPATHLEN]; + TSRMLS_FETCH(); + *egdsocket = 0; *seeded = 0; - - TSRMLS_FETCH(); #ifdef WINDOWS RAND_screen(); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php4 /ext/openssl openssl.c
iliaa Sun Nov 10 00:19:39 2002 EDT Modified files: /php4/ext/openssl openssl.c Log: Fixed bug #19935. Made OpenSSL file system operations abide by safe_mode open_basedir restrictions. Index: php4/ext/openssl/openssl.c diff -u php4/ext/openssl/openssl.c:1.51 php4/ext/openssl/openssl.c:1.52 --- php4/ext/openssl/openssl.c:1.51 Sat Aug 10 16:19:46 2002 +++ php4/ext/openssl/openssl.c Sun Nov 10 00:19:39 2002 -18,7 +18,7 +--+ */ -/* $Id: openssl.c,v 1.51 2002/08/10 20:19:46 wez Exp $ */ +/* $Id: openssl.c,v 1.52 2002/11/10 05:19:39 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h -158,6 +158,20 } /* }}} */ +/* {{{ openssl safe_mode open_basedir checks */ +inline static int php_openssl_safe_mode_chk(char *filename TSRMLS_DC) +{ + if (PG(safe_mode) (!php_checkuid(filename, NULL, +CHECKUID_CHECK_FILE_AND_DIR))) { + return -1; + } + if (php_check_open_basedir(filename TSRMLS_CC)) { + return -1; + } + + return 0; +} +/* }}} */ + /* {{{ openssl - PHP bridging */ /* true global; readonly after module startup */ static char default_ssl_conf_filename[MAXPATHLEN]; -384,8 +398,8 /* read in the oids */ str = CONF_get_string(req-req_config, NULL, oid_file); - if (str){ - BIO * oid_bio = BIO_new_file(str, r); + if (str !php_openssl_safe_mode_chk(str TSRMLS_CC)) { + BIO *oid_bio = BIO_new_file(str, r); if (oid_bio){ OBJ_create_objects(oid_bio); BIO_free(oid_bio); -654,6 +668,10 /* read cert from the named file */ BIO *in; + if (php_openssl_safe_mode_chk(Z_STRVAL_PP(val) + 7 TSRMLS_CC)) { + return NULL; + } + in = BIO_new_file(Z_STRVAL_PP(val) + 7, r); if (in == NULL) return NULL; -705,6 +723,10 return; } + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { + return; + } + bio_out = BIO_new_file(filename, w); if (bio_out){ if (!notext) -900,6 +922,10 goto end; } + if (php_openssl_safe_mode_chk(certfile TSRMLS_CC)) { + goto end; + } + if(!(in=BIO_new_file(certfile, r))) { zend_error(E_WARNING, %s(): error opening the file, %s, get_active_function_name(TSRMLS_C), certfile); goto end; -1286,8 +1312,12 if (Z_STRLEN_PP(val) 7 memcmp(Z_STRVAL_PP(val), file://, 7) == 0) filename = Z_STRVAL_PP(val) + 7; - if (filename) + if (filename) { + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { + return NULL; + } in = BIO_new_file(filename, r); + } else in = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val)); -1320,6 +1350,10 return; } + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { + return; + } + bio_out = BIO_new_file(filename, w); if (bio_out){ if (!notext) -1669,7 +1703,11 else{ /* we want the private key */ if (filename) { - BIO *in = BIO_new_file(filename, r); + BIO *in; + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { + return NULL; + } + in = BIO_new_file(filename, r); if (in == NULL) return NULL; key = PEM_read_bio_PrivateKey(in, NULL,NULL, passphrase); -1793,6 +1831,10 RETURN_FALSE; } + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { + RETURN_FALSE; + } + PHP_SSL_REQ_INIT(req); if (PHP_SSL_REQ_PARSE(req, args) == SUCCESS) -1972,6 +2014,10 if (!store) goto clean_exit; + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { + goto clean_exit; + } + in = BIO_new_file(filename, (flags PKCS7_BINARY) ? rb : r); if (in == NULL) goto clean_exit; -1990,8 +2036,14 RETVAL_TRUE; - if (signersfilename){ - BIO * certout = BIO_new_file(signersfilename, w); + if (signersfilename) { + BIO *certout; + + if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) { +