Tjerk Meesters
2ff3dafccf
Fixed #69882 : OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs
...
Squashed commit of the following:
commit a64c1d9bc4
Author: Tomasz Sawicki <falundir@gmail.com>
Date: Wed Jun 24 08:49:37 2015 +0200
Fix #69882 : OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs
The "key values mismatch" error is triggered in openssl_pkcs12_read by
PKCS12_parse, because it uses X509_check_private_key to separate main
certificate (which corresponds to private key) from extra certificates.
Extra certificates usually comes first (p12 contents are reversed as
stack) and X509_check_private_key triggers X509_R_KEY_VALUES_MISMATCH
error.
The fix pops "key values mismatch" error from OpenSSL error stack for
each extra certificate if there are any.
2015-06-26 05:33:28 +08:00
Rasmus Lerdorf
741382d968
Remove SSLv3 test dependencies
...
SSLv3 is going away. Debian8 already ships with an openssl
with no SSLv3 support which was causing these tests to fail.
Conflicts:
ext/openssl/tests/session_meta_capture.phpt
2015-05-05 10:40:55 +02:00
Remi Collet
342acbe1c6
skip test when xml not available
2015-04-17 15:20:22 +02:00
Daniel Lowrey
81f356b4ae
Fix Bug #69402 : Reading empty SSL stream hangs until timeout
2015-04-14 09:25:11 -06:00
Leigh
a04ab4b54b
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Add RAND_egd check for compiling against LibreSSL
2015-03-27 13:26:48 +01:00
Leigh
1b2d58a364
Add RAND_egd check for compiling against LibreSSL
2015-03-27 13:24:36 +01:00
Daniel Lowrey
c661121459
Don't block on crypto data inside stream_select()
2015-03-11 09:44:07 -06:00
Daniel Lowrey
3f6b12795c
Fix bug# 69215 (Crypto servers should send client CA list)
2015-03-10 18:13:10 -06:00
Daniel Lowrey
69691cc8ca
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix crypto stream timeout regressions
2015-03-09 15:55:33 -06:00
Daniel Lowrey
bbfd4a5e62
Fix crypto stream timeout regressions
2015-03-09 15:53:26 -06:00
Daniel Lowrey
0928bad9ac
Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly)
2015-03-06 11:29:56 -07:00
Daniel Lowrey
e82878a200
Update test to run locally instead of remotely
2015-03-05 22:00:38 -07:00
Chris Wright
e7df9d710c
Fix stream_select() issue with OpenSSL buffer
...
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed
Addresses bug #65137
https://bugs.php.net/bug.php?id=65137
Conflicts:
ext/openssl/xp_ssl.c
2015-03-05 17:18:14 -07:00
Daniel Lowrey
ca24d19a89
Really fix zts this time
2015-03-05 14:09:25 -07:00
Daniel Lowrey
c985ec737d
Fix ZTS
2015-03-05 12:19:15 -07:00
Daniel Lowrey
010f17534f
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix ZTS build
2015-03-05 12:13:33 -07:00
Daniel Lowrey
e892f5382f
Fix ZTS build
2015-03-05 12:12:55 -07:00
Daniel Lowrey
5939de35a8
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix bug #67403 (Add signatureType to openssl_x509_parse)
5.5.24 now
Conflicts:
configure.in
main/php_version.h
2015-03-05 10:21:32 -07:00
Daniel Lowrey
94140afa69
Fix bug #67403 (Add signatureType to openssl_x509_parse)
2015-03-05 10:09:06 -07:00
Daniel Lowrey
65a9a5ca12
Fixed bug #68265 (SAN match fails with trailing DNS dot)
2015-03-04 23:55:42 -07:00
Daniel Lowrey
1de1ff75f5
Merge branch 'PHP-5.6' of https://github.com/bjori/php-src into PHP-5.6
...
* 'PHP-5.6' of https://github.com/bjori/php-src :
hexadecimal is case*in*sensitive
2015-03-04 22:55:22 -07:00
Daniel Lowrey
5dcace058a
Fixed bug #68879 (IP Address fields in subjectAltNames not used)
2015-03-04 22:39:25 -07:00
Daniel Lowrey
ca766e0787
Fix broken test
2015-03-04 22:37:07 -07:00
Hannes Magnusson
3c2c029bfd
hexadecimal is case*in*sensitive
2015-03-04 16:03:45 -08:00
Daniel Lowrey
241f3c34b8
Fixed bug #68920 (use strict peer_fingerprint input checks)
2015-03-04 12:47:46 -07:00
Xinchen Hui
8309988111
Fixed bug #68912 (Segmentation fault at openssl_spki_new)
2015-02-16 14:16:52 +08:00
Anatol Belski
b3d28d14d6
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
fix condition
2015-02-13 13:40:10 +01:00
Anatol Belski
5ff77b005b
fix condition
2015-02-13 13:39:46 +01:00
Daniel Lowrey
fb2314798e
Merge branch 'PHP-5.5' into PHP-5.6
...
Conflicts:
ext/openssl/xp_ssl.c
2015-02-09 11:44:09 -05:00
Daniel Lowrey
1eef4f2a0c
Miscellaneous cleanup
2015-02-09 11:42:17 -05:00
Brad Broerman
dddbe0fc33
Update xp_ssl.c
...
Added TSRMLS_CC to php_openssl_sockop_io calls.
2015-02-04 10:13:36 -05:00
Brad Broerman
1482ed2d56
reneg and should_close are not yet members of sslsock. Removing...
2015-01-28 22:36:41 -05:00
Brad Broerman
fd4641696c
Updated with SSL fixes (backported from trunk)
2015-01-28 00:04:20 -05:00
Xinchen Hui
0579e8278d
bump year
2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653
Bump year
2015-01-15 23:26:03 +08:00
Daniel Lowrey
80a337bba1
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Update NEWS
Fixed bug #55618 (use case-insensitive cert name matching)
2015-01-14 18:04:41 +01:00
Daniel Lowrey
e2fe8e164f
Fixed bug #55618 (use case-insensitive cert name matching)
2015-01-14 18:02:50 +01:00
Remi Collet
181f34f375
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
fix perms
2014-12-16 08:37:56 +01:00
Remi Collet
9c4de388c6
fix perms
2014-12-16 08:37:48 +01:00
Stanislav Malyshev
8c08124c0e
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Adds test cases for openssl EC improvements
Adds better handling of EC keys: OPENSSL_KEYTYPE_EC
2014-11-30 18:24:23 -08:00
Dominic Luechinger
6048ac32b4
Adds test cases for openssl EC improvements
2014-11-30 18:17:48 -08:00
Dominic Luechinger
5d1cc7d135
Adds better handling of EC keys: OPENSSL_KEYTYPE_EC
...
When working with elliptic curve and openssl some functions are not
aware of the different handling.
Improvements:
- Fixes export of EC private keys
- Adds curve information to openssl_pkey_get_details
Conflicts:
ext/openssl/openssl.c
2014-11-30 18:02:55 -08:00
Anatol Belski
1552d6ae7b
disable ext/openssl/tests/stream_server_reneg_limit.phpt for windows
...
This is using the openssl binary which, despite it's contained in the
deps, would probably miss all it's environment. It is just prone to
failure and thus is not worth it.
2014-11-28 12:24:32 +01:00
Dominic Luechinger
437ab7f1f4
Minor fix: Missing quotes in openssl test case for bug bug64802
2014-11-23 15:15:49 -08:00
Ferenc Kovacs
feadaaed56
Revert "Merge branch 'PHP-5.5' into PHP-5.6"
...
This reverts commit 98e67add15
, reversing
changes made to 2cdc1a2b74
.
2014-10-15 19:34:07 +02:00
Ferenc Kovacs
4fb998d42f
Revert "fix TS build"
...
This reverts commit 84a4041ba4
.
2014-10-15 19:33:47 +02:00
Ferenc Kovacs
7b8222aa44
Revert "Merge branch 'PHP-5.4' into PHP-5.5"
...
This reverts commit 30a73658c6
, reversing
changes made to 7fac56e072
.
2014-10-15 19:33:31 +02:00
Ferenc Kovacs
528e4166a6
Revert "Bug #67965 : Fix blocking behavior in non-blocking crypto streams"
...
This reverts commit f86b2193a4
.
2014-10-15 19:32:46 +02:00
Ferenc Kovacs
ff91a48f6e
Revert "Bug #41631 : Fix regression from first attempt ( 6569db8
)"
...
This reverts commit 372844918a
.
2014-10-15 19:32:14 +02:00
Tjerk Meesters
836a5dfddb
Fixed bug #68234
...
Certificate will now expire in 2034
2014-10-15 21:12:13 +08:00