ported ext/openssl

Anatol Belski 2014-08-19 19:27:37 +02:00
parent 1a5a113f95
commit 1899e6f9b9
2 changed files with 53 additions and 52 deletions


@ -849,7 +849,7 @@ static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */
else \
varname = defval
static const EVP_CIPHER * php_openssl_get_evp_cipher_from_algo(long algo);
static const EVP_CIPHER * php_openssl_get_evp_cipher_from_algo(php_int_t algo);
int openssl_spki_cleanup(const char *src, char *dest);
@ -906,7 +906,7 @@ static int php_openssl_parse_config(struct php_x509_request * req, zval * option
if (req->priv_key_encrypt && optional_args && (item = zend_hash_str_find(Z_ARRVAL_P(optional_args), "encrypt_key_cipher", sizeof("encrypt_key_cipher")-1)) != NULL
&& Z_TYPE_P(item) == IS_INT) {
long cipher_algo = Z_IVAL_P(item);
php_int_t cipher_algo = Z_IVAL_P(item);
const EVP_CIPHER* cipher = php_openssl_get_evp_cipher_from_algo(cipher_algo);
if (cipher == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown cipher algorithm for private key.");
@ -1012,7 +1012,7 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int see
}
/* }}} */
static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
static EVP_MD * php_openssl_get_evp_md_from_algo(php_int_t algo) { /* {{{ */
EVP_MD *mdtype;
switch (algo) {
@ -1058,7 +1058,7 @@ static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
}
/* }}} */
static const EVP_CIPHER * php_openssl_get_evp_cipher_from_algo(long algo) { /* {{{ */
static const EVP_CIPHER * php_openssl_get_evp_cipher_from_algo(php_int_t algo) { /* {{{ */
switch (algo) {
#ifndef OPENSSL_NO_RC2
case PHP_OPENSSL_CIPHER_RC2_40:
@ -1453,7 +1453,7 @@ PHP_FUNCTION(openssl_spki_new)
zend_string * s = NULL;
zend_resource *keyresource = NULL;
const char *spkac = "SPKAC=";
long algo = OPENSSL_ALGO_MD5;
php_int_t algo = OPENSSL_ALGO_MD5;
zval *method = NULL;
zval * zpkey = NULL;
@ -2137,11 +2137,11 @@ PHP_FUNCTION(openssl_x509_checkpurpose)
X509 * cert = NULL;
zend_resource *certresource = NULL;
STACK_OF(X509) * untrustedchain = NULL;
long purpose;
php_int_t purpose;
char * untrusted = NULL;
int untrusted_len = 0, ret;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zl|a!s", &zcert, &purpose, &zcainfo, &untrusted, &untrusted_len) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zi|a!s", &zcert, &purpose, &zcainfo, &untrusted, &untrusted_len) == FAILURE) {
return;
}
@ -2193,7 +2193,7 @@ static X509_STORE * setup_verify(zval * calist TSRMLS_DC)
X509_LOOKUP * dir_lookup, * file_lookup;
int ndirs = 0, nfiles = 0;
zval * item;
struct stat sb;
php_stat_t sb;
store = X509_STORE_new();
@ -2881,8 +2881,8 @@ PHP_FUNCTION(openssl_csr_export)
PHP_FUNCTION(openssl_csr_sign)
{
zval * zcert = NULL, *zcsr, *zpkey, *args = NULL;
long num_days;
long serial = 0L;
php_int_t num_days;
php_int_t serial = Z_I(0);
X509 * cert = NULL, *new_cert = NULL;
X509_REQ * csr;
EVP_PKEY * key = NULL, *priv_key = NULL;
@ -2890,7 +2890,7 @@ PHP_FUNCTION(openssl_csr_sign)
int i;
struct php_x509_request req;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zz!zl|a!l", &zcsr, &zcert, &zpkey, &num_days, &args, &serial) == FAILURE)
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zz!zi|a!i", &zcsr, &zcert, &zpkey, &num_days, &args, &serial) == FAILURE)
return;
RETVAL_FALSE;
@ -2949,6 +2949,7 @@ PHP_FUNCTION(openssl_csr_sign)
if (!X509_set_version(new_cert, 2))
goto cleanup;
ASN1_INTEGER_set(X509_get_serialNumber(new_cert), serial);
X509_set_subject_name(new_cert, X509_REQ_get_subject_name(csr));
@ -3770,7 +3771,7 @@ PHP_FUNCTION(openssl_pkey_get_details)
BIO *out;
unsigned int pbio_len;
char *pbio;
long ktype;
php_int_t ktype;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &key) == FAILURE) {
return;
@ -3867,7 +3868,7 @@ PHP_FUNCTION(openssl_pkey_get_details)
Generates a PKCS5 v2 PBKDF2 string, defaults to sha1 */
PHP_FUNCTION(openssl_pbkdf2)
{
long key_length = 0, iterations = 0;
php_int_t key_length = 0, iterations = 0;
char *password; int password_len;
char *salt; int salt_len;
char *method; int method_len = 0;
@ -3875,7 +3876,7 @@ PHP_FUNCTION(openssl_pbkdf2)
const EVP_MD *digest;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssll|s",
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssii|s",
&password, &password_len,
&salt, &salt_len,
&key_length, &iterations,
@ -3924,7 +3925,7 @@ PHP_FUNCTION(openssl_pkcs7_verify)
STACK_OF(X509) *others = NULL;
PKCS7 * p7 = NULL;
BIO * in = NULL, * datain = NULL, * dataout = NULL;
long flags = 0;
php_int_t flags = 0;
char * filename; int filename_len;
char * extracerts = NULL; int extracerts_len = 0;
char * signersfilename = NULL; int signersfilename_len = 0;
@ -3932,7 +3933,7 @@ PHP_FUNCTION(openssl_pkcs7_verify)
RETVAL_INT(-1);
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "pl|papp", &filename, &filename_len,
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "pi|papp", &filename, &filename_len,
&flags, &signersfilename, &signersfilename_len, &cainfo,
&extracerts, &extracerts_len, &datafilename, &datafilename_len) == FAILURE) {
return;
@ -4030,19 +4031,19 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
zval * zrecipcerts, * zheaders = NULL;
STACK_OF(X509) * recipcerts = NULL;
BIO * infile = NULL, * outfile = NULL;
long flags = 0;
php_int_t flags = 0;
PKCS7 * p7 = NULL;
zval * zcertval;
X509 * cert;
const EVP_CIPHER *cipher = NULL;
long cipherid = PHP_OPENSSL_CIPHER_DEFAULT;
php_int_t cipherid = PHP_OPENSSL_CIPHER_DEFAULT;
zend_string * strindex;
char * infilename = NULL; int infilename_len;
char * outfilename = NULL; int outfilename_len;
RETVAL_FALSE;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ppza!|ll", &infilename, &infilename_len,
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ppza!|ii", &infilename, &infilename_len,
&outfilename, &outfilename_len, &zrecipcerts, &zheaders, &flags, &cipherid) == FAILURE)
return;
@ -4156,7 +4157,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
zval * hval;
X509 * cert = NULL;
EVP_PKEY * privkey = NULL;
long flags = PKCS7_DETACHED;
php_int_t flags = PKCS7_DETACHED;
PKCS7 * p7 = NULL;
BIO * infile = NULL, * outfile = NULL;
STACK_OF(X509) *others = NULL;
@ -4166,7 +4167,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
char * outfilename; int outfilename_len;
char * extracertsfilename = NULL; int extracertsfilename_len;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ppzza!|lp",
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ppzza!|ip",
&infilename, &infilename_len, &outfilename, &outfilename_len,
&zcert, &zprivkey, &zheaders, &flags, &extracertsfilename,
&extracertsfilename_len) == FAILURE) {
@ -4333,9 +4334,9 @@ PHP_FUNCTION(openssl_private_encrypt)
zend_resource *keyresource = NULL;
char * data;
int data_len;
long padding = RSA_PKCS1_PADDING;
php_int_t padding = RSA_PKCS1_PADDING;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|i", &data, &data_len, &crypted, &key, &padding) == FAILURE) {
return;
}
RETVAL_FALSE;
@ -4389,12 +4390,12 @@ PHP_FUNCTION(openssl_private_decrypt)
zend_string *cryptedbuf = NULL;
unsigned char *crypttemp;
int successful = 0;
long padding = RSA_PKCS1_PADDING;
php_int_t padding = RSA_PKCS1_PADDING;
zend_resource *keyresource = NULL;
char * data;
int data_len;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|i", &data, &data_len, &crypted, &key, &padding) == FAILURE) {
return;
}
RETVAL_FALSE;
@ -4455,11 +4456,11 @@ PHP_FUNCTION(openssl_public_encrypt)
zend_string *cryptedbuf;
int successful = 0;
zend_resource *keyresource = NULL;
long padding = RSA_PKCS1_PADDING;
php_int_t padding = RSA_PKCS1_PADDING;
char * data;
int data_len;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|l", &data, &data_len, &crypted, &key, &padding) == FAILURE)
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|i", &data, &data_len, &crypted, &key, &padding) == FAILURE)
return;
RETVAL_FALSE;
@ -4513,11 +4514,11 @@ PHP_FUNCTION(openssl_public_decrypt)
unsigned char *crypttemp;
int successful = 0;
zend_resource *keyresource = NULL;
long padding = RSA_PKCS1_PADDING;
php_int_t padding = RSA_PKCS1_PADDING;
char * data;
int data_len;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|i", &data, &data_len, &crypted, &key, &padding) == FAILURE) {
return;
}
RETVAL_FALSE;
@ -4603,7 +4604,7 @@ PHP_FUNCTION(openssl_sign)
int data_len;
EVP_MD_CTX md_ctx;
zval *method = NULL;
long signature_algo = OPENSSL_ALGO_SHA1;
php_int_t signature_algo = OPENSSL_ALGO_SHA1;
const EVP_MD *mdtype;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz/z|z", &data, &data_len, &signature, &key, &method) == FAILURE) {
@ -4666,7 +4667,7 @@ PHP_FUNCTION(openssl_verify)
char * data; int data_len;
char * signature; int signature_len;
zval *method = NULL;
long signature_algo = OPENSSL_ALGO_SHA1;
php_int_t signature_algo = OPENSSL_ALGO_SHA1;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz|z", &data, &data_len, &signature, &signature_len, &key, &method) == FAILURE) {
return;
@ -5024,7 +5025,7 @@ static zend_bool php_openssl_validate_iv(char **piv, int *piv_len, int iv_requir
Encrypts given data with given method and key, returns raw or base64 encoded string */
PHP_FUNCTION(openssl_encrypt)
{
long options = 0;
php_int_t options = 0;
char *data, *method, *password, *iv = "";
int data_len, method_len, password_len, iv_len = 0, max_iv_len;
const EVP_CIPHER *cipher_type;
@ -5034,7 +5035,7 @@ PHP_FUNCTION(openssl_encrypt)
unsigned char *key;
zend_bool free_iv;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ls", &data, &data_len, &method, &method_len, &password, &password_len, &options, &iv, &iv_len) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|is", &data, &data_len, &method, &method_len, &password, &password_len, &options, &iv, &iv_len) == FAILURE) {
return;
}
cipher_type = EVP_get_cipherbyname(method);
@ -5104,7 +5105,7 @@ PHP_FUNCTION(openssl_encrypt)
Takes raw or base64 encoded string and dectupt it using given method and key */
PHP_FUNCTION(openssl_decrypt)
{
long options = 0;
php_int_t options = 0;
char *data, *method, *password, *iv = "";
int data_len, method_len, password_len, iv_len = 0;
const EVP_CIPHER *cipher_type;
@ -5115,7 +5116,7 @@ PHP_FUNCTION(openssl_decrypt)
zend_string *base64_str = NULL;
zend_bool free_iv;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ls", &data, &data_len, &method, &method_len, &password, &password_len, &options, &iv, &iv_len) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|is", &data, &data_len, &method, &method_len, &password, &password_len, &options, &iv, &iv_len) == FAILURE) {
return;
}
@ -5255,12 +5256,12 @@ PHP_FUNCTION(openssl_dh_compute_key)
Returns a string of the length specified filled with random pseudo bytes */
PHP_FUNCTION(openssl_random_pseudo_bytes)
{
long buffer_length;
php_int_t buffer_length;
zend_string *buffer = NULL;
zval *zstrong_result_returned = NULL;
int strong_result = 0;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|z/", &buffer_length, &zstrong_result_returned) == FAILURE) {
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "i|z/", &buffer_length, &zstrong_result_returned) == FAILURE) {
return;
}
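Review bot: In openssl_csr_sign, `serial` is now a `php_int_t` but is still passed unchanged to `ASN1_INTEGER_set(X509_get_serialNumber(new_cert), serial);`, whose value parameter is a C `long`. Where `php_int_t` is wider than `long` (presumably 64-bit Windows; the typedef is not shown on this page), a caller-supplied serial above `LONG_MAX` is silently narrowed, so distinct inputs can produce certificates with the same serial number. A range check ahead of the call would turn that into an error, e.g. `if (serial < LONG_MIN || serial > LONG_MAX) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "serial out of range"); goto cleanup; }`. The same question applies to the other widened locals in this file that probably reach `int` or `long` OpenSSL parameters later (`key_length` and `iterations` in openssl_pbkdf2, `padding` in the RSA functions, `buffer_length` in openssl_random_pseudo_bytes). Their uses fall outside the visible hunks, so this needs checking against the full file.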


@ -89,9 +89,9 @@ typedef struct _php_openssl_sni_cert_t {
/* Provides leaky bucket handhsake renegotiation rate-limiting */
typedef struct _php_openssl_handshake_bucket_t {
long prev_handshake;
long limit;
long window;
php_int_t prev_handshake;
php_int_t limit;
php_int_t window;
float tokens;
unsigned should_close;
} php_openssl_handshake_bucket_t;
@ -146,7 +146,7 @@ static int handle_ssl_error(php_stream *stream, int nr_bytes, zend_bool is_init
int err = SSL_get_error(sslsock->ssl_handle, nr_bytes);
char esbuf[512];
smart_str ebuf = {0};
unsigned long ecode;
php_uint_t ecode;
int retry = 1;
switch(err) {
@ -230,7 +230,7 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) /* {{{ */
SSL *ssl;
int err, depth, ret;
zval *val;
unsigned long allowed_depth = OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH;
php_uint_t allowed_depth = OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH;
TSRMLS_FETCH();
@ -254,7 +254,7 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) /* {{{ */
/* check the depth */
GET_VER_OPT_LONG("verify_depth", allowed_depth);
if ((unsigned long)depth > allowed_depth) {
if ((php_uint_t)depth > allowed_depth) {
ret = 0;
X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_CHAIN_TOO_LONG);
}
@ -880,7 +880,7 @@ static int set_local_cert(SSL_CTX *ctx, php_stream *stream TSRMLS_DC) /* {{{ */
}
/* }}} */
static const SSL_METHOD *php_select_crypto_method(long method_value, int is_client TSRMLS_DC) /* {{{ */
static const SSL_METHOD *php_select_crypto_method(php_int_t method_value, int is_client TSRMLS_DC) /* {{{ */
{
if (method_value == STREAM_CRYPTO_METHOD_SSLv2) {
#ifndef OPENSSL_NO_SSL2
@ -918,9 +918,9 @@ static const SSL_METHOD *php_select_crypto_method(long method_value, int is_clie
}
/* }}} */
static long php_get_crypto_method_ctx_flags(long method_flags TSRMLS_DC) /* {{{ */
static php_int_t php_get_crypto_method_ctx_flags(php_int_t method_flags TSRMLS_DC) /* {{{ */
{
long ssl_ctx_options = SSL_OP_ALL;
php_int_t ssl_ctx_options = SSL_OP_ALL;
#ifndef OPENSSL_NO_SSL2
if (!(method_flags & STREAM_CRYPTO_METHOD_SSLv2)) {
@ -956,7 +956,7 @@ static void limit_handshake_reneg(const SSL *ssl) /* {{{ */
php_stream *stream;
php_openssl_netstream_data_t *sslsock;
struct timeval now;
long elapsed_time;
php_int_t elapsed_time;
stream = php_openssl_get_stream_from_ssl_handle(ssl);
sslsock = (php_openssl_netstream_data_t*)stream->abstract;
@ -1025,8 +1025,8 @@ static void info_callback(const SSL *ssl, int where, int ret) /* {{{ */
static void init_server_reneg_limit(php_stream *stream, php_openssl_netstream_data_t *sslsock) /* {{{ */
{
zval *val;
long limit = OPENSSL_DEFAULT_RENEG_LIMIT;
long window = OPENSSL_DEFAULT_RENEG_WINDOW;
php_int_t limit = OPENSSL_DEFAULT_RENEG_LIMIT;
php_int_t window = OPENSSL_DEFAULT_RENEG_WINDOW;
if (PHP_STREAM_CONTEXT(stream) &&
NULL != (val = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream),
@ -1255,7 +1255,7 @@ static int enable_server_sni(php_stream *stream, php_openssl_netstream_data_t *s
zval *val;
zval *current;
zend_string *key;
ulong key_index;
php_uint_t key_index;
int i = 0;
char resolved_path_buff[MAXPATHLEN];
SSL_CTX *ctx;
@ -2167,13 +2167,13 @@ php_stream_ops php_openssl_socket_ops = {
php_openssl_sockop_set_option,
};
static long get_crypto_method(php_stream_context *ctx, long crypto_method)
static php_int_t get_crypto_method(php_stream_context *ctx, php_int_t crypto_method)
{
zval *val;
if (ctx && (val = php_stream_context_get_option(ctx, "ssl", "crypto_method")) != NULL) {
convert_to_int_ex(val);
crypto_method = (long)Z_IVAL_P(val);
crypto_method = (php_int_t)Z_IVAL_P(val);
crypto_method |= STREAM_CRYPTO_IS_CLIENT;
}
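Review bot: In verify_callback, `allowed_depth` stays unsigned (`php_uint_t`) while it is filled from the user-supplied `verify_depth` context option through `GET_VER_OPT_LONG`, so a negative option value would presumably wrap to a very large limit and the `(php_uint_t)depth > allowed_depth` check could never reject a chain. The macro body is outside the visible hunks, so this is inferred from the declaration and the comparison only. Since the port touches both lines anyway, consider keeping the option signed and failing closed: `php_int_t allowed_depth = OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH;` and `if (allowed_depth < 0 || depth > allowed_depth) {`. verify_callback begins and ends outside these hunks.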