clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 18:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
83,141 Commits 491 Branches 1,363 Tags 839 MiB
1b2afd478b
Commit Graph

719 Commits

Author SHA1 Message Date
Tjerk Meesters
a7dad26c4b Wildcards should only be used in the first name component; fixed comment style 2014-07-29 19:15:01 +08:00
Stanislav Malyshev
c41ca94824 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix missing type checks in various functions

Conflicts:
	ext/openssl/openssl.c
 2014-07-28 00:37:32 -07:00
Stanislav Malyshev
531be9662f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix missing type checks in various functions
 2014-07-28 00:34:27 -07:00
Stanislav Malyshev
b4a4db467b Fix missing type checks in various functions 2014-07-27 02:42:49 -07:00
Tjerk Meesters
38e714ece5 Fixed #67666 - Subject altName doesn't match wildcards 2014-07-24 14:36:31 +08:00
Lior Kaplan
cbcbf73fe8 Add ifdef on ecdh for single_ecdh_use 
Allows build with OpenSSL < 0.9.8
 2014-07-16 00:10:29 +03:00
Remi Collet
e9c9169e05 skip this test which fails without network 2014-06-20 06:45:16 +02:00
Remi Collet
fc36277eb6 Fix test on modern distro where old unsecure algo are disabled in openssl config. 
Testing recent algo should be enough to check this function.
 2014-06-16 09:42:55 +02:00
Stanislav Malyshev
3d9f922c03 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Added support for parsing ssl certificates using GeneralizedTime format.
 2014-06-08 14:19:50 -07:00
Stanislav Malyshev
4946dc1ab9 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added support for parsing ssl certificates using GeneralizedTime format.
 2014-06-08 14:19:16 -07:00
Paul Oehler
76a7fd893b Added support for parsing ssl certificates using GeneralizedTime format. 
fix bug #65698
fix bug #66636
 2014-06-08 14:17:58 -07:00
Chuan Ma
f413a77b3d Fix #66942: openssl_seal() memory leak 
Fix #66952: memory leak in openssl_open()
 2014-04-14 13:36:17 -07:00
Stanislav Malyshev
8bc82718ae Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66942: openssl_seal() memory leak
  ws fix

Conflicts:
	ext/openssl/openssl.c
 2014-04-14 13:35:24 -07:00
Chuan Ma
a186312832 Fix #66942: openssl_seal() memory leak 
Fix #66952: memory leak in openssl_open()
 2014-04-14 13:24:14 -07:00
Daniel Lowrey
0e023e9784 Bug #66840: Fix broken build when extension built separately 2014-04-13 15:17:50 -06:00
Remi Collet
89dc5924c9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fixed Bug #66833 Default digest algo is still MD5
  Fix 5.5.10 NEWS
 2014-03-14 09:52:47 +01:00
Remi Collet
e1d8c0a051 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fixed Bug #66833 Default digest algo is still MD5
 2014-03-14 09:52:02 +01:00
Remi Collet
17f6391bf8 Fixed Bug #66833 Default digest algo is still MD5 
Switch to SHA1, which match internal openssl hardcoded algo.

In most case, won't even be noticed
- priority on user input (default_md)
- fallback on system config
- fallback on this default value

Recent system reject MD5 digest, noticed in bug36732.phpt failure.

While SHA1 is better than MD5, SHA256 is recommenced,
and defined as default algo in provided configuration on
recent system (Fedora 21, RHEL-7, ...). But the idea is to
keep in sync with openssl internal value for PHP internal value.
 2014-03-14 09:50:15 +01:00
Lior Kaplan
f120463efe Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Typo fix: sicret -> secret
 2014-03-13 12:41:48 +02:00
Lior Kaplan
356c442558 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Typo fix: sicret -> secret
 2014-03-13 12:40:14 +02:00
Michael Meyer
737c187013 Typo fix: sicret -> secret 2014-03-13 12:37:25 +02:00
Remi Collet
518a6ed95b Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
 2014-03-06 10:16:30 +01:00
Remi Collet
7d5c11c235 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
 2014-03-06 10:16:16 +01:00
Remi Collet
721b9a7c8d Set default Digest Message to use SHA1 instead of MD5 in openssl tests 
as MD5 signature are now rejected by newer openssl Version.

Noticed in RHEL-7 and Fedora 21 build.
 2014-03-06 10:14:08 +01:00
Daniel Lowrey
fad14e3180 Add encrypted server SNI support 
- New "SNI_server_certs" context option maps host names to
  appropriate certs should client handshakes advertise the
  SNI extension:

    $ctx = stream_context_create(["ssl" => [
        "local_cert" => "/path/to/cert.pem",
        "SNI_server_certs" => [
            "domain1.com" => "/path/to/domain1.pem",
            "*.domain2.com" => "/path/to/domain2.pem",
            "domain3.com" => "/path/to/domain3.pem"
        ]
    ]]);

- Prefixing a "*." will utilize the matching cert if a client
  requests the primary host name or any subdomain thereof. So
  in the above example our "domain2.pem" will be used for both
  requests to "domain2.com" -and- "subdomain.domain2.com"
- The "SNI_server_certs" ctx option has no effect for client
  streams.
- SNI support is enabled by default as of 5.6 for both servers
  and clients. Servers must specify the "SNI_server_certs" array
  to actually use the SNI extension, though.
- If the `"SNI_enabled" => false` ctx option is also passed then
  "SNI_server_certs" has no effect.
- While supporting SNI by itself is enough to successfully
  negotiate the TLS handshake with many clients, servers MUST
  still specify a "local_cert" ctx option or run the risk of
  connection failures from clients that do not support the SNI
  extension.
 2014-03-05 10:03:33 -07:00
datibbaw
020e161966 Raise timeout to 2s, reworded ssl timeout warning 2014-03-05 10:03:23 -07:00
Daniel Lowrey
27849c998a Refactor + reorganize openssl files 
- All streams-related code now lives in xp_ssl.c. Previously
  stream code was split across both openssl.c and xp_ssl.c
- Folded superfluous php_openssl_structs.h into xp_ssl.c
- Server-specific options now set on SSL_CTX instead of SSL
- Deprecate SNI_server_name ctx option
- Miscellaneous refactoring
 2014-03-05 10:03:11 -07:00
Daniel Lowrey
c126c16479 Capture peer cert even if verify fails 
Previously the "capture_peer_cert" SSL context option only
captured the peer's certificate if the verification routine
succeeded.

By also capturing the on verify failure applications have the
ability to parse the cert and ask users whether they wish to
proceed given the information presented by the peer.
 2014-03-02 10:35:52 -07:00
Chris Wright
e8995c8cb0 Windows cert verify improvements + leak fixes 
- Clean up properly at all fail points in native Windows peer
  verification routine
- Bring certificate usages and chain flags into line with chromium
  implementation in windows environments
 2014-03-02 10:30:21 -07:00
Anatol Belski
2c1385b7f5 remove pcntl leftover from the test code 2014-02-27 15:50:17 +01:00
Daniel Lowrey
d0a6f8c68e Deprecate CN_match in favor of peer_name in SSL contexts 2014-02-26 13:20:06 -07:00
Anatol Belski
9ab73c52ab restored that test part in ext/openssl to enable notify/wait 2014-02-26 13:37:20 +01:00
Anatol Belski
bcff8d1b26 remove echo 2014-02-26 12:41:36 +01:00
Anatol Belski
56cbe04381 fix stdin reading in new openssl tests 2014-02-26 11:27:24 +01:00
Anatol Belski
82a98f6e52 kick redundant include 
this is already present from php.h
 2014-02-26 11:23:43 +01:00
Daniel Lowrey
2bc0dbab44 Prevent implicit function declaration when TLSEXT unavailable 2014-02-25 19:12:33 -07:00
Daniel Lowrey
bab017ddfd Remove test case invalidated by openssl.cafile accessibility change 2014-02-25 13:02:13 -07:00
Daniel Lowrey
bd95716b8e Merge branch 'windowsPeerVerification' of https://github.com/DaveRandom/php-src into PHP-5.6 
* 'windowsPeerVerification' of https://github.com/DaveRandom/php-src:
  Update openssl tests with new server/client test harness
  Add peer certificate verification on windows
 2014-02-25 12:43:52 -07:00
Daniel Lowrey
f8fe09dcef Tolerate non-standard newlines when parsing stream CA files 2014-02-25 09:59:13 -07:00
Daniel Lowrey
a4c7ab8399 Remove openssl tests that shouldn't have survived last merge 
These are .phpt files I meant to remove with the last batch as
the same functionality is now covered in other tests and these
are no longer needed.
 2014-02-25 09:59:13 -07:00
Daniel Lowrey
47b5873c5d Change openssl directives to PHP_INI_PERDIR 
Because openssl.cafile and openssl.capath have implications for
security these directives have been changed to PHP_INI_PERDIR
(previously PHP_INI_ALL)
 2014-02-25 09:59:13 -07:00
Chris Wright
d6fb7b8f2e Update openssl tests with new server/client test harness 2014-02-25 16:51:50 +00:00
Chris Wright
480e4f8541 Add peer certificate verification on windows 
Peer certificate verification on Windows using the native certificate store and the Windows API
 2014-02-25 16:51:49 +00:00
Anatol Belski
5b6ef90bc0 fix linkage 
"extern inline" looks like tricky case for portability, but extern
is required with VS. So reduce the case to a starndard one to avoid
unporbatibily.
 2014-02-21 23:09:16 +01:00
Daniel Lowrey
c3d76441d5 Fix build against older OpenSSL libs 2014-02-21 12:16:23 -07:00
Daniel Lowrey
5389d0963c Merge branch 'reneg-limit' of https://github.com/rdlowrey/php-src into PHP-5.6 
* 'reneg-limit' of https://github.com/rdlowrey/php-src:
  Mitigate client-initiated SSL renegotiation DoS
 2014-02-21 09:13:55 -07:00
Daniel Lowrey
b6edbd5897 Mitigate client-initiated SSL renegotiation DoS 2014-02-21 06:31:56 -07:00
Anatol Belski
f51555ca58 C89 compat 2014-02-21 11:23:42 +01:00
Daniel Lowrey
9f94e0b51c Improve OpenSSL compile flag compatibility, minor updates 2014-02-20 17:23:34 -07:00
Daniel Lowrey
3a9829af20 Use crypto method flags; add tlsv1.0 wrapper; add wrapper tests 2014-02-20 17:10:06 -07:00
Daniel Lowrey
d0c9207cff Improve server forward secrecy, refactor client SNI 2014-02-20 17:10:06 -07:00
Daniel Lowrey
742fc5fb35 Add 'honor_cipher_order' server context option 2014-02-20 17:10:06 -07:00
Daniel Lowrey
081c8e9d92 Add 'capture_session_meta' context option 2014-02-20 17:10:06 -07:00
Daniel Lowrey
b98b093d73 Disable TLS compression by default in both clients and servers 2014-02-20 17:10:06 -07:00
Daniel Lowrey
b9ba011c0f Release ssl buffers 2014-02-20 17:10:06 -07:00
Daniel Lowrey
df6bfe3be2 Add openssl_get_cert_locations() function 2014-02-20 17:10:06 -07:00
Daniel Lowrey
258d04df5c Explicitly set cert verify depth if not specified 2014-02-20 17:10:06 -07:00
Daniel Lowrey
225f534b1a Strengthen default cipher list 2014-02-20 17:10:06 -07:00
Daniel Lowrey
e272225e2a Merge branch 'bug-65538' of https://github.com/rdlowrey/php-src into PHP-5.6 
* 'bug-65538' of https://github.com/rdlowrey/php-src:
  Add tests for Bug #65538
  Fix Bug #65538 (cafile now supports stream wrappers)
 2014-02-19 04:17:33 -07:00
Daniel Lowrey
d9036d14f7 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Skip failing tests when EC unavailable (RHEL)
 2014-02-19 04:01:57 -07:00
Daniel Lowrey
a7d3606650 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Skip failing tests when EC unavailable (RHEL)

Conflicts:
	ext/openssl/openssl.c
 2014-02-19 04:01:08 -07:00
Daniel Lowrey
633f898f15 Skip failing tests when EC unavailable (RHEL) 2014-02-19 03:57:37 -07:00
Daniel Lowrey
4e4d319e62 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed broken build when EC unavailable
 2014-02-17 19:38:49 -05:00
Daniel Lowrey
bd9aa181dc Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed broken build when EC unavailable
 2014-02-17 19:38:30 -05:00
Daniel Lowrey
a80cec1190 Fixed broken build when EC unavailable 2014-02-17 18:55:39 -05:00
Daniel Lowrey
2a83295b14 Add tests for Bug #65538 2014-02-16 09:20:43 -07:00
Daniel Lowrey
c7220dc6c5 Fix Bug #65538 (cafile now supports stream wrappers) 2014-02-16 08:47:37 -07:00
Daniel Lowrey
b60cb2b88a Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:20:01 -07:00
Daniel Lowrey
65adb74984 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:15:24 -07:00
mk-j
19524fc6fe Fix for bug66501 - "key type not supported in this PHP build" 2014-02-14 18:11:46 -07:00
Daniel Lowrey
ce8dc0ede2 Bug #47030 (separate host and peer verification) 2014-02-14 15:17:30 -07:00
Daniel Lowrey
f073588e75 Fix test broken if openssl is compiled without sslv2 2014-02-14 13:39:02 -07:00
Daniel Lowrey
8582353700 Fix segfault accessing context when no context assigned 2014-02-14 10:24:08 -07:00
Daniel Lowrey
99fa59054d Fixed SNI failure from missing Z_STRVAL_PP 2014-02-04 19:11:56 -07:00
Daniel Lowrey
05c309f2d8 Remove #if PHP_VERSION_ID version checks 2014-02-01 08:01:13 -07:00
Daniel Lowrey
58293fb533 Use master-agnostic zend_is_true checks 2014-01-31 14:18:31 -07:00
Daniel Lowrey
43432c12f1 Fixed build breakage from b4b4d9697f 2014-01-29 17:57:59 -07:00
Daniel Lowrey
b4b4d9697f Verify peers by default in client socket operations 2014-01-28 10:05:56 -07:00
Daniel Lowrey
68883318aa Prevent invalid SAN peer verification on null byte prefix attack 2014-01-27 14:51:22 -07:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Anatol Belski
39a2dcdeac Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #65486 mysqli_poll() is broken on Win x64
 2013-12-12 10:46:21 +01:00
Anatol Belski
da62fd5ed8 Fixed bug #65486 mysqli_poll() is broken on Win x64 
While this issue is visible in mysqli_poll() functions, the cause
lays deeper in the stream to socket casting API. On Win x64 the
SOCKET datatype is a 64 or 32 bit unsigned, while on Linux/Unix-like
it's 32 bit signed integer. The game of casting 32 bit var to/from
64 bit pointer back and forth is the best way to break it.

Further more, while socket and file descriptors are always integers
on Linux, those are different things using different APIs on Windows.
Even though using integer instead of SOCKET might work on Windows, this
issue might need to be revamped more carefully later. By this time
this patch is tested well with phpt and apps and shows no regressions,
neither in mysqli_poll() nor in any other parts.
 2013-12-12 10:17:01 +01:00
Anatol Belski
e9efc16660 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix dir separator in cve-2013-6420 test
 2013-12-11 13:33:37 +01:00
Anatol Belski
b6bcae5c10 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix dir separator in cve-2013-6420 test
 2013-12-11 13:33:16 +01:00
Anatol Belski
ff89066b3d Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  fix dir separator in cve-2013-6420 test
 2013-12-11 13:32:49 +01:00
Anatol Belski
6f739318fd fix dir separator in cve-2013-6420 test 2013-12-11 13:31:29 +01:00
Stanislav Malyshev
293984ac33 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:36:06 -08:00
Stanislav Malyshev
41cd533298 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:35:26 -08:00
Stanislav Malyshev
71daf3229b Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse

Conflicts:
	configure.in
	main/php_version.h
 2013-12-10 11:34:35 -08:00
Stanislav Malyshev
c1224573c7 Fix CVE-2013-6420 - memory corruption in openssl_x509_parse 2013-12-10 11:03:49 -08:00
Michael Wallner
c86862cb3c Merge branch 'openssl_compile_warning_fix' of https://github.com/bukka/php-src 
* 'openssl_compile_warning_fix' of https://github.com/bukka/php-src:
  Fix compiler warnings in openssl.c
 2013-10-18 12:03:02 +02:00
Michael Wallner
b95f9fa0aa previous revert killed that file 2013-10-17 15:32:18 +02:00
Michael Wallner
3f2fba4c34 Merge branch 'updated_tls_support' of https://github.com/rdlowrey/php-src 
* 'updated_tls_support' of https://github.com/rdlowrey/php-src:
  Added support for TLSv1.1 and TLSv1.2

Conflicts:
	ext/openssl/xp_ssl.c
 2013-10-17 15:27:15 +02:00
Michael Wallner
dd3a4c303b Merge branch 'PHP-5.5' 
* PHP-5.5:
  Revert "TLS news"
  Revert "Added support for TLSv1.1 and TLSv1.2"
 2013-10-17 15:22:07 +02:00
Michael Wallner
8aaecef524 Revert "Added support for TLSv1.1 and TLSv1.2" 
This reverts commit 2aaa3d538a.
 2013-10-17 15:20:38 +02:00
Michael Wallner
ad0a85b9e2 fix ws 2013-10-17 15:09:28 +02:00
Michael Wallner
5a7ca69e56 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Added support for TLSv1.1 and TLSv1.2

Conflicts:
	ext/openssl/xp_ssl.c
 2013-10-17 14:53:50 +02:00
Daniel Lowrey
2aaa3d538a Added support for TLSv1.1 and TLSv1.2 
Conflicts:
	ext/openssl/xp_ssl.c
 2013-10-17 14:49:44 +02:00
Jakub Zelenka
c092d286fc Fix compiler warnings in openssl.c 2013-10-13 15:52:39 +01:00
Daniel Lowrey
9d57243794 Fixes broken zts build (recent openssl changes) 2013-10-12 22:28:15 +02:00
Michael Wallner
e2d123a720 C89 2013-10-09 17:16:25 +02:00
Michael Wallner
c85c50e35c Merge branch 'san_peer_matching' of https://github.com/rdlowrey/php-src 
* 'san_peer_matching' of https://github.com/rdlowrey/php-src:
  Changed return types to zend_bool, renamed test
  Added SAN matching during peer verification
 2013-10-09 17:09:03 +02:00
Daniel Lowrey
a40dd6e963 Changed return types to zend_bool, renamed test 2013-10-09 09:55:36 -04:00
Michael Wallner
302b9d4e5c Merge branch 'PHP-5.5' 
* PHP-5.5:
  C89 compatibility
 2013-10-09 12:30:51 +02:00
Michael Wallner
3b3c57e79e Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  C89 compatibility
 2013-10-09 12:30:42 +02:00
Michael Wallner
22700890d4 C89 compatibility 2013-10-09 12:30:31 +02:00
Michael Wallner
29d5ff75d5 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fixed segfault when built with OpenSSL >= 1.0.1
  fixing a minor typo in CODING_STANDARDS document
  FIX BUG #65219 - Typo correction
  FIX BUG #65219 - USE DB not being sent for FreeTDS version < 0.92 FreeTDS <0.92 does not support DBSETLDBNAME option and therefore will not work with SQL Azure. Fallback to dbuse command in letter versions.
 2013-10-09 09:18:29 +02:00
Michael Wallner
36fb4ed968 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed segfault when built with OpenSSL >= 1.0.1
  fixing a minor typo in CODING_STANDARDS document
  FIX BUG #65219 - Typo correction
  FIX BUG #65219 - USE DB not being sent for FreeTDS version < 0.92 FreeTDS <0.92 does not support DBSETLDBNAME option and therefore will not work with SQL Azure. Fallback to dbuse command in letter versions.
 2013-10-09 09:17:48 +02:00
Daniel Lowrey
b026993a74 Fixed segfault when built with OpenSSL >= 1.0.1 
(PR #481)
 2013-10-09 09:17:25 +02:00
Daniel Lowrey
2ddefbd2b3 Added support for TLSv1.1 and TLSv1.2 2013-10-08 14:09:17 -04:00
Daniel Lowrey
1970b96443 Added SAN matching during peer verification 2013-10-08 12:37:44 -04:00
Michael Wallner
ea0578e223 Merge branch 'ssl-streams-crypto-method' of https://github.com/mj/php-src 
* 'ssl-streams-crypto-method' of https://github.com/mj/php-src:
  Add unit test that covers setting the crypto method.
  Streams for ssl:// transports can now be configured to use a specific crypto method (SSLv3, SSLv2 etc.) by calling
 2013-10-08 16:10:00 +02:00
Michael Wallner
8300ced2f7 Merge branch 'bug65729' of https://github.com/datibbaw/php-src 
* 'bug65729' of https://github.com/datibbaw/php-src:
  DNS name comparison is now case insensitive.
  Use zend_bool as return value for _match()
  Added two more test cases for CN matching.
  yay, reduced one variable
  Fixed bug that would lead to out of bounds memory access
  added better wildcard matching for CN
 2013-10-08 15:58:28 +02:00
datibbaw
6106896440 DNS name comparison is now case insensitive. 2013-10-08 10:07:54 +08:00
Tjerk Meesters
39c0daeb71 Use zend_bool as return value for _match() 2013-10-07 23:04:24 +08:00
Tjerk Meesters
674dd73f8c Added two more test cases for CN matching. 2013-10-07 22:10:05 +08:00
datibbaw
955bc1d91b Using SUCCESS and FAILURE for return values 
Using zend_bool for boolean arguments and return values
Reduced one level of zval indirection where possible
 2013-10-07 15:38:48 +08:00
Martin Jansen
047877e810 Add unit test that covers setting the crypto method. 2013-10-04 21:55:29 +02:00
Tjerk Meesters
e45eacd8fa show method in error message 2013-09-30 21:21:56 +08:00
datibbaw
edd93f3452 Support string and array for peer fingerprint matching 2013-09-27 14:13:11 +08:00
Tjerk Meesters
69bdc5aca8 who put that stupid newline there? 2013-09-23 23:42:31 +08:00
Tjerk Meesters
1c7cabb2ca add md5 and sha1 fingerprint tests 2013-09-23 23:29:17 +08:00
Tjerk Meesters
2bfc5a253b Renamed to be more descriptive of what it does 2013-09-23 00:51:17 +08:00
Martin Jansen
ce2789558a Streams for ssl:// transports can now be configured to use a specific 
crypto method (SSLv3, SSLv2 etc.) by calling

stream_context_set_option($ctx, "ssl", "crypto_method", $crypto_method)

where $crypto_method can be one of STREAM_CRYPTO_METHOD_SSLv2_CLIENT,
STREAM_CRYPTO_METHOD_SSLv3_CLIENT, STREAM_CRYPTO_METHOD_SSLv23_CLIENT
or STREAM_CRYPTO_METHOD_TLS_CLIENT. SSLv23 remains the default crypto
method.

This change makes it possible to fopen() SSL URLs that are only
provided using SSL v3.
 2013-09-21 21:26:40 +02:00
Tjerk Meesters
a820c3d6ba yay, reduced one variable 2013-09-21 20:42:52 +08:00
Tjerk Meesters
8e847b5845 Fixed bug that would lead to out of bounds memory access 2013-09-21 19:38:09 +08:00
Tjerk Meesters
521a5c9568 don't leak cert on errors, return null on zpp failure 2013-09-21 18:24:00 +08:00
Tjerk Meesters
8915c3fb4f added better wildcard matching for CN 2013-09-21 16:45:20 +08:00
Tjerk Meesters
a97aec16c0 Added test case for openssl_x509_digest() 2013-09-20 23:29:04 +08:00
Tjerk Meesters
574fe449dc removed the byref result 2013-09-20 22:50:30 +08:00
datibbaw
ce13f9fa32 indentation fail 2013-09-20 16:59:44 +08:00
datibbaw
b2881db9a9 added option for hash function 2013-09-20 16:56:50 +08:00
datibbaw
5cff92fb12 added option for raw output 2013-09-20 15:45:41 +08:00
datibbaw
b8f9a20286 added openssl_x509_digest(), output is binary sha1 2013-09-20 15:04:52 +08:00
Christopher Jones
24288eb4d1 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Remove compile warning:
      warning: unused variable ‘j’ [-Wunused-variable]
 2013-08-19 17:58:53 -07:00
Christopher Jones
1a00b9bd26 Remove compile warning: 
warning: unused variable ‘j’ [-Wunused-variable]
 2013-08-19 17:58:42 -07:00
Christopher Jones
5697aa5728 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Remove compile warnings:
      warning: variable ‘lastch’ set but not used [-Wunused-but-set-variable]
      warning: variable ‘buf’ set but not used [-Wunused-but-set-variable]
  Remove compile warning: variable ‘streamp’ set but not used [-Wunused-but-set-variable]
  Remove compile warnings:
      variable ‘obj_cnt’ set but not used [-Wunused-but-set-variable]
      unused variable ‘last’ [-Wunused-variable]
      unused variable ‘j’ [-Wunused-variable]
  Remove compile warning "variable ‘mekeylen’ set but not used"
 2013-08-19 17:51:04 -07:00
Christopher Jones
cf7f50748a Remove compile warnings: 
variable ‘obj_cnt’ set but not used [-Wunused-but-set-variable]
  unused variable ‘last’ [-Wunused-variable]
  unused variable ‘j’ [-Wunused-variable]
 2013-08-19 17:44:36 -07:00
Stanislav Malyshev
cfe5833579 Merge branch 'PHP-5.5' 
* PHP-5.5:
  fix using wrong buffer pointer
 2013-08-19 01:07:50 -07:00
Stanislav Malyshev
8e0f110099 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix using wrong buffer pointer
 2013-08-19 01:04:19 -07:00
Stanislav Malyshev
cf96aa155e Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  fix using wrong buffer pointer
 2013-08-19 01:03:18 -07:00
Stanislav Malyshev
c1c49d6e39 fix using wrong buffer pointer 2013-08-19 01:02:12 -07:00
Stanislav Malyshev
12c2a8a5eb Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix for php bug #64802 includes test case
 2013-08-18 16:55:03 -07:00
Stanislav Malyshev
bd29ff7c38 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for php bug #64802 includes test case

Conflicts:
	ext/openssl/openssl.c
 2013-08-18 15:45:17 -07:00
Mark Jones
9973658a44 Fix for php bug #64802 includes test case 2013-08-18 15:42:37 -07:00
Christopher Jones
ac03b67e6a Remove unused variable 2013-08-14 21:21:17 -07:00
Christopher Jones
3c166c4758 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/gmp/gmp.c
 2013-08-14 20:47:00 -07:00
Christopher Jones
39612afc72 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/dba/libinifile/inifile.c
 2013-08-14 20:43:25 -07:00