Pierre Joye
5def392ce1
- 38261: openssl_x509_parse leaks with invalid certs
2006-07-30 16:26:20 +00:00
Pierre Joye
509761f96d
- silent compiler warnings (signess)
2006-07-30 09:18:07 +00:00
Pierre Joye
3a75600dbb
- MFH: make the test more obvious and add an explanation
2006-07-29 23:03:56 +00:00
Pierre Joye
3fe91ed83f
- vi happiness++
2006-07-29 22:52:49 +00:00
Pierre Joye
47db124cda
- #38255 , fails on array as well
2006-07-29 22:39:34 +00:00
Pierre Joye
46b3f37810
- fix leak when the key is not a valid key (like false or an array)
2006-07-29 22:10:50 +00:00
Wez Furlong
8f87235107
Add two new context options for ssl:
...
"capture_peer_cert" and "capture_peer_cert_chain"
If true, the peer certificate and peer certificate chain respectively will be
captured and made available in the ssl context variables "peer_certificate" and
"peer_certificate_chain" respectively. The certificates are exposed as x509
certificate resources and can be inspected using the existing openssl extension
functions.
This allows applications to perform extended validation.
2006-04-30 23:43:46 +00:00
foobar
5bd93221a8
bump year and license version
2006-01-01 12:51:34 +00:00
foobar
3e669bc950
MFH: nuke php3 legacy
2005-12-06 02:28:41 +00:00
foobar
d69ab24f69
MFH: - Fixed bug #35381 (ssl library is not initialized properly)
2005-11-28 11:37:43 +00:00
foobar
9477097564
MFH: Nuked EOLs from error messages
2005-08-18 13:34:41 +00:00
foobar
23e671a51e
- Bumber up year
2005-08-03 14:08:58 +00:00
Wez Furlong
efc6ccaa01
Add optional parameter to openssl_pkcs7_verify() which specifies the name
...
of a file that will be filled with the verified data, but with the signature
information stripped.
Patch by Marton Kenyeres, mkenyeres (at) konvergencia dot hu
2005-06-30 14:25:41 +00:00
foobar
b8ac8eeca6
- Never use Z_TYPE* macros on non-zvals.
2005-04-19 22:04:28 +00:00
Ilia Alshanetsky
8c38ac19bf
Fixed possible usage of str without being initialized.
2005-03-15 00:27:52 +00:00
foobar
005b2d77bf
- Fixed bug #18613 (Multiple OUs in x509 certificate not handled properly)
2005-03-14 21:00:03 +00:00
Wez Furlong
c8cc96e6fe
Fix possible crash; patch by Kamesh Jayachandran
2004-10-27 11:07:26 +00:00
Wez Furlong
0a4127a610
Fix for Bug #29418 (double free when openssl_csr_new fails).
...
Also hook up MSHUTDOWN function which appears to have never been enabled.
Patch by Kamesh Jayachandran
2004-10-26 09:24:07 +00:00
Magnus M��tt�
17c77a54bf
Add missing stream unregister for sslv2 and 3.
2004-09-13 18:30:30 +00:00
Wez Furlong
0bc0ccce2b
Fix Bug #29296 : add explicit sslv2 and sslv3 transports
2004-09-10 11:43:47 +00:00
Wez Furlong
e9920ede1f
Fix bug #28096 - stream_socket_accept() on an SSL server socket doesn't
...
enable SSL on the accepted socket.
- Add cipher list context option
- Add helpful hint about why SSL server socket fails with mysterious
error (eg: you need an SSL certificate for most ciphers).
2004-04-21 23:02:06 +00:00
Ilia Alshanetsky
0d0fffe98b
Fixed compiler warnings.
2004-03-29 19:57:51 +00:00
Andi Gutmans
dbeb4158d2
- A belated happy holidays and PHP 5
2004-01-08 08:18:22 +00:00
Ilia Alshanetsky
cba426ca13
Fixed uninitialized usage of mdtype when unknown signature algorithm is
...
found.
2003-12-21 18:17:20 +00:00
Wez Furlong
eaf0942c8b
Port liveness and SSL CA validation from 4.3 branch.
...
Make stream_select() work on ssl-enabled sockets again.
2003-11-27 17:40:16 +00:00
Wez Furlong
42ae98d7a2
Fix unintialized variable.
...
Patch by Joe Orton.
2003-10-13 11:43:14 +00:00
foobar
08effa1b04
Fixed typo.
2003-09-23 19:29:34 +00:00
Wez Furlong
fce7b92891
MFB 25614 "fix"
2003-09-23 16:05:52 +00:00
Ilia Alshanetsky
9c82b1fa75
Fixed compiler warnings.
2003-08-31 20:45:51 +00:00
Zeev Suraski
8767205afa
Fix Win32 linkage problems
2003-08-31 12:41:53 +00:00
Zeev Suraski
538d58dd5f
Use new infrastructure.
...
There are bound to be some messups, please report build/runtime bugs!
2003-08-03 17:44:39 +00:00
Stefan Roehrich
750635d131
Allow setting of the serial number.
2003-07-13 09:54:42 +00:00
Stefan Roehrich
80ee75f11e
Fixed certificate version (counting begins with 0, so 2 means version 3).
2003-07-13 09:38:32 +00:00
James Cox
f68c7ff249
updating license information in the headers.
2003-06-10 20:04:29 +00:00
Ilia Alshanetsky
b19f3302eb
MFB
2003-06-08 23:52:29 +00:00
Ilia Alshanetsky
c511cd2242
emalloc -> safe_emalloc
2003-04-28 22:42:22 +00:00
Wez Furlong
16dae2eba0
Fix const warning
2003-03-31 17:58:29 +00:00
Derick Rethans
07dd6f49ff
- Typo and some whitespace
2003-03-30 22:29:22 +00:00
Derick Rethans
27496361d5
- Added optional parameter to openssl_sign() to specify the hashing
...
algorithm to use. (Patch by Scott <scott@planetscott.ca>)
@- Added optional parameter to openssl_sign() to specify the hashing
@ algorithm to use. (scott@planetscott.ca , Derick)
2003-03-30 22:25:23 +00:00
Wez Furlong
b66957c56a
fix proto
2003-03-15 13:29:35 +00:00
David Hill
5c90216d2c
64-bit correction to variables passed to zend_parse_parameters
...
@64-bit correction to variables passed to zend_parse_parameters (Dave)
2003-03-06 23:07:28 +00:00
Ilia Alshanetsky
14bf872003
Fixed compiler warnings.
2003-02-28 17:26:28 +00:00
Wez Furlong
76ebaa6ee7
- Move https:// and ftps:// wrapper registration into the openssl module.
...
- Expose the http:// and ftp:// wrappers as PHPAPI
- Remove unused variables
2003-02-27 18:16:35 +00:00
Wez Furlong
fd61f69077
Another big commit (tm).
...
Main Changes:
- Implement a socket transport layer for use by all code that needs to open
some kind of "special" socket for network or IPC.
- Extensions can register (and override) transports.
- Implement ftruncate() on streams via the ioctl-alike option interface.
- Implement mmap() on streams via the ioctl-alike option interface.
- Implement generic crypto API via the ioctl-alike option interface.
(currently only supports OpenSSL, but could support other SSL toolkits,
and other crypto transport protocols).
Impact:
- tcp sockets can be overloaded by the openssl capable sockets at runtime,
removing the link-time requirement for ssl:// and https:// sockets and
streams.
- checking stream types using PHP_STREAM_IS_SOCKET is deprecated, since
there are now a range of possible socket-type streams.
Working towards:
- socket servers using the new transport layer
- mmap support under win32
- Cleaner code.
# I will be updating the win32 build to add the new files shortly
# after this commit.
2003-02-27 17:43:38 +00:00
Wez Furlong
79c046d8a8
Add additional optional parameter to openssl_pkcs7_encrypt to specify the
...
cipher. The cipher can be one of the constants listed below.
Based on a patch from:
stefan at cuba dot ionum dot ch
OPENSSL_CIPHER_RC2_40, (the default)
OPENSSL_CIPHER_RC2_128,
OPENSSL_CIPHER_RC2_64,
OPENSSL_CIPHER_DES,
OPENSSL_CIPHER_3DES,
proto bool openssl_pkcs7_encrypt(string infile, string outfile,
mixed recipcerts, array headers [, long flags [, long cipher]])
2003-02-10 09:49:31 +00:00
Ilia Alshanetsky
31a3135014
Fixed bug #21986 (openssl test failure).
2003-01-31 22:15:56 +00:00
Ilia Alshanetsky
e2868b5788
Removed pointless memory allocation checks.
2003-01-18 19:41:56 +00:00
Ilia Alshanetsky
5f36ce398e
CS fixes.
2003-01-04 23:31:55 +00:00
Ilia Alshanetsky
f65e8488d7
Fixed a small memory leak when a NULL variable is passed to
...
openssl_csr_sign() as the first argument.
2003-01-02 21:18:59 +00:00
Sebastian Bergmann
b506f5c8f8
Bump year.
2002-12-31 16:08:15 +00:00
Marcus Boerger
95c701d328
MFB: ZTS fix by Ilia
2002-12-13 09:17:04 +00:00
Marcus Boerger
c2078cdabf
php_error -> php_error_docref conversion fix (noticed by derick)
2002-12-12 14:12:42 +00:00
Wez Furlong
1ef74a4f79
Patch for #20936 (openssl: public key handling was broken).
...
Thanks to <jeroen@derks.it> for the patch.
2002-12-12 13:42:23 +00:00
Marcus Boerger
835c4dedbb
typeconversion is needed here for cygwin
2002-12-12 12:18:44 +00:00
Ilia Alshanetsky
08e020a870
ZTS fix.
2002-12-11 07:29:51 +00:00
Ilia Alshanetsky
533d3273bd
Fix ZTS build
2002-12-11 02:30:00 +00:00
Wez Furlong
9746be4779
use php_error_docref and tidy up some WS/coding standards.
2002-12-10 22:18:58 +00:00
Ilia Alshanetsky
cc85828811
Fixed bug #19935 . Made OpenSSL file system operations abide by safe_mode
...
& open_basedir restrictions.
2002-11-10 05:19:40 +00:00
Wez Furlong
0c7a386b3e
correct proto
2002-08-10 20:19:49 +00:00
foobar
36fbe5c933
Fixed bug: #18295 . e_os.h is not supposed to be included..
2002-07-12 21:46:36 +00:00
foobar
ce379abfbd
Fixed bug: #17751 (typo)
2002-06-13 19:41:25 +00:00
Wez Furlong
7ae1630a97
proto tweak
2002-05-17 12:42:40 +00:00
Wez Furlong
3a68052828
Fix for #16885
2002-05-01 08:22:17 +00:00
Wez Furlong
f571438d7a
Probable fix for #16940 .
2002-05-01 07:50:13 +00:00
Yasuo Ohgaki
fe6990cc6b
Remove compiler warnings
2002-04-19 07:56:41 +00:00
Wez Furlong
4df5076d2f
fix build with ZE2
2002-04-12 19:26:08 +00:00
Wez Furlong
959021a8c9
Add subject hash to parsed x509 data.
...
Make the test use file_get_contents().
2002-03-28 00:56:19 +00:00
Wez Furlong
74749ad642
Fix regular openssl_pkey_get_private($content, $phrase) syntax and
...
add test case.
This stuff should be merged into the 4.2 branch.
2002-03-26 00:03:11 +00:00
Sebastian Bergmann
90613d2282
Maintain headers.
2002-02-28 08:29:35 +00:00
Derick Rethans
d26afcf366
- Fix for openssl_pkcs7_sign segfaults
...
(patch by Christian Stocker <chregu@php.net>)
2002-01-31 09:57:28 +00:00
Sebastian Bergmann
38933514e1
Update headers.
2001-12-11 15:32:16 +00:00
Hartmut Holzgraefe
94737d086f
proto fix
2001-12-07 07:27:00 +00:00
Hartmut Holzgraefe
250aded265
proto fixes
2001-12-06 17:51:48 +00:00
Stig Bakken
689252082c
* zend_module_entry change: apino, debug and zts are moved first,
...
see README.EXTENSIONS file for upgrade help.
@Introduced extension version numbers (Stig)
2001-10-11 23:33:59 +00:00
Daniel Beulshausen
1ac3aa7e08
nuke unnecessary force-by-ref declarations + name the needed in a proper way
2001-10-05 15:56:42 +00:00
Daniel Beulshausen
377d88cec0
use maxpathlen instead of path_max
2001-10-04 20:10:58 +00:00
Stig Venaas
b055912861
Didn't compile, replaced some TSRMLS_C with TSRMLS_CC
2001-09-30 13:30:18 +00:00
Jeroen van Wolffelaar
c033288573
Back-substitute for Z_* macro's. If it breaks some extension (the script isn't optimal, it parses for example var->zval.value incorrect) please let me know.
2001-09-25 21:58:48 +00:00
Egon Schmid
88713e4d8d
Fixed some protos. Haven't read the source code, so some protos could be wrong. bool notext=true looks very strange to me.
2001-09-11 01:03:59 +00:00
Wez Furlong
671b46a0db
Revise the xxx_export api so that exporting to files is comfortable.
2001-09-11 00:33:25 +00:00
Wez Furlong
0f835fdf28
Arrrgghh!
...
Fix munched file.
# Dunno how that happened.
2001-09-11 00:03:58 +00:00
Wez Furlong
3b8f3cc439
Added some preliminary x509 cert and csr creation/signing functions.
...
Also, some problems with CGI initialization should be eliminated.
Renamed some pkey functions to be more consistent.
# Added aliases for older names; not sure if we should keep those.
2001-09-10 23:57:10 +00:00
Daniel Beulshausen
87d7284e46
don't forget TSRMLS_CC when using zend_parse_parameters
2001-09-10 14:30:10 +00:00
Derick Rethans
78747bd2df
- Don't wrap lines... this is annoying while coding.
2001-09-09 13:29:31 +00:00
Wez Furlong
3ed4cc33ac
API update: use zend_parse_parameters
2001-09-07 17:09:56 +00:00
Zeev Suraski
e140b35b04
API update
2001-08-21 12:57:53 +00:00
foobar
474da88b4c
more ZTS fixes.
2001-07-31 23:47:35 +00:00
Zeev Suraski
aa1772ca72
More TSRMLS_FETCH annihilation
2001-07-31 05:44:11 +00:00
Zeev Suraski
c43806f415
Zend compatibility patch
2001-07-30 08:24:42 +00:00
Zeev Suraski
7b1c400631
More TSRMLS_FETCH annihilation (Zend compatibility patch)
2001-07-30 04:58:07 +00:00
Wez Furlong
8ca519ca88
Change a load of E_ERRORS into E_WARNINGs; it was being a bit too severe,
...
which meant that scripts could not identify (or even display) errors before
PHP bailed out.
2001-07-05 21:18:21 +00:00
Rasmus Lerdorf
81e2cf03ac
Fix folding and clean up some extensions
2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d
vim-6 does folding - clean up a bunch of missing folding tags plus
...
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
2001-06-05 13:12:10 +00:00
Stig Bakken
1beda9ee1e
* include "config.h" if HAVE_CONFIG_H is defined (for standalone dso build)
2001-05-24 10:07:29 +00:00
Wez Furlong
b379cd968c
Merged and adapted a patch from Sascha Kettler <kettler@gmx.net> that provides
...
some asymmetric RSA encrypt/decrypt functions.
2001-05-04 23:42:11 +00:00
Andi Gutmans
4c823e8a89
- Change macros from V_ to VCWD_ because of AIX name clash
2001-04-30 12:45:02 +00:00
Wez Furlong
486d3bef18
Fix for Bug #10168 (is_dst undeclared)
2001-04-05 08:40:27 +00:00
Wez Furlong
1d71f04b44
changed the flags parameters to be a bitfield + constants (I don't know what
...
I was thinking!). Added a couple of extra parameters so that the equivalent
functionality of the openssl smime command can be pretty much used in full.
Added some more error reporting.
2001-04-02 23:14:01 +00:00
Wez Furlong
4fa9c7477b
added some more error reporting and did a little tidying.
2001-04-02 01:31:08 +00:00
Wez Furlong
4cec53ac28
Added whole bunch of PKCS7 (S/MIME) functions and made the key/cert params
...
a bit more friendly to use. See the README for more info.
2001-04-01 23:06:15 +00:00