clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-10-02 07:16:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
89,149 Commits 494 Branches 1,367 Tags 803 MiB
8153286efe
Commit Graph

211 Commits

Author SHA1 Message Date
Anatol Belski
56cbe04381 fix stdin reading in new openssl tests 2014-02-26 11:27:24 +01:00
Daniel Lowrey
bab017ddfd Remove test case invalidated by openssl.cafile accessibility change 2014-02-25 13:02:13 -07:00
Daniel Lowrey
bd95716b8e Merge branch 'windowsPeerVerification' of https://github.com/DaveRandom/php-src into PHP-5.6 
* 'windowsPeerVerification' of https://github.com/DaveRandom/php-src:
  Update openssl tests with new server/client test harness
  Add peer certificate verification on windows
 2014-02-25 12:43:52 -07:00
Daniel Lowrey
a4c7ab8399 Remove openssl tests that shouldn't have survived last merge 
These are .phpt files I meant to remove with the last batch as
the same functionality is now covered in other tests and these
are no longer needed.
 2014-02-25 09:59:13 -07:00
Chris Wright
d6fb7b8f2e Update openssl tests with new server/client test harness 2014-02-25 16:51:50 +00:00
Daniel Lowrey
b6edbd5897 Mitigate client-initiated SSL renegotiation DoS 2014-02-21 06:31:56 -07:00
Daniel Lowrey
9f94e0b51c Improve OpenSSL compile flag compatibility, minor updates 2014-02-20 17:23:34 -07:00
Daniel Lowrey
3a9829af20 Use crypto method flags; add tlsv1.0 wrapper; add wrapper tests 2014-02-20 17:10:06 -07:00
Daniel Lowrey
081c8e9d92 Add 'capture_session_meta' context option 2014-02-20 17:10:06 -07:00
Daniel Lowrey
e272225e2a Merge branch 'bug-65538' of https://github.com/rdlowrey/php-src into PHP-5.6 
* 'bug-65538' of https://github.com/rdlowrey/php-src:
  Add tests for Bug #65538
  Fix Bug #65538 (cafile now supports stream wrappers)
 2014-02-19 04:17:33 -07:00
Daniel Lowrey
d9036d14f7 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Skip failing tests when EC unavailable (RHEL)
 2014-02-19 04:01:57 -07:00
Daniel Lowrey
a7d3606650 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Skip failing tests when EC unavailable (RHEL)

Conflicts:
	ext/openssl/openssl.c
 2014-02-19 04:01:08 -07:00
Daniel Lowrey
633f898f15 Skip failing tests when EC unavailable (RHEL) 2014-02-19 03:57:37 -07:00
Daniel Lowrey
2a83295b14 Add tests for Bug #65538 2014-02-16 09:20:43 -07:00
Daniel Lowrey
b60cb2b88a Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:20:01 -07:00
Daniel Lowrey
65adb74984 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:15:24 -07:00
mk-j
19524fc6fe Fix for bug66501 - "key type not supported in this PHP build" 2014-02-14 18:11:46 -07:00
Daniel Lowrey
ce8dc0ede2 Bug #47030 (separate host and peer verification) 2014-02-14 15:17:30 -07:00
Daniel Lowrey
f073588e75 Fix test broken if openssl is compiled without sslv2 2014-02-14 13:39:02 -07:00
Daniel Lowrey
b4b4d9697f Verify peers by default in client socket operations 2014-01-28 10:05:56 -07:00
Anatol Belski
e9efc16660 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix dir separator in cve-2013-6420 test
 2013-12-11 13:33:37 +01:00
Anatol Belski
b6bcae5c10 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix dir separator in cve-2013-6420 test
 2013-12-11 13:33:16 +01:00
Anatol Belski
ff89066b3d Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  fix dir separator in cve-2013-6420 test
 2013-12-11 13:32:49 +01:00
Anatol Belski
6f739318fd fix dir separator in cve-2013-6420 test 2013-12-11 13:31:29 +01:00
Stanislav Malyshev
293984ac33 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:36:06 -08:00
Stanislav Malyshev
41cd533298 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:35:26 -08:00
Stanislav Malyshev
71daf3229b Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse

Conflicts:
	configure.in
	main/php_version.h
 2013-12-10 11:34:35 -08:00
Stanislav Malyshev
c1224573c7 Fix CVE-2013-6420 - memory corruption in openssl_x509_parse 2013-12-10 11:03:49 -08:00
Michael Wallner
b95f9fa0aa previous revert killed that file 2013-10-17 15:32:18 +02:00
Michael Wallner
3f2fba4c34 Merge branch 'updated_tls_support' of https://github.com/rdlowrey/php-src 
* 'updated_tls_support' of https://github.com/rdlowrey/php-src:
  Added support for TLSv1.1 and TLSv1.2

Conflicts:
	ext/openssl/xp_ssl.c
 2013-10-17 15:27:15 +02:00
Michael Wallner
dd3a4c303b Merge branch 'PHP-5.5' 
* PHP-5.5:
  Revert "TLS news"
  Revert "Added support for TLSv1.1 and TLSv1.2"
 2013-10-17 15:22:07 +02:00
Michael Wallner
8aaecef524 Revert "Added support for TLSv1.1 and TLSv1.2" 
This reverts commit 2aaa3d538a.
 2013-10-17 15:20:38 +02:00
Michael Wallner
ad0a85b9e2 fix ws 2013-10-17 15:09:28 +02:00
Michael Wallner
5a7ca69e56 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Added support for TLSv1.1 and TLSv1.2

Conflicts:
	ext/openssl/xp_ssl.c
 2013-10-17 14:53:50 +02:00
Daniel Lowrey
2aaa3d538a Added support for TLSv1.1 and TLSv1.2 
Conflicts:
	ext/openssl/xp_ssl.c
 2013-10-17 14:49:44 +02:00
Daniel Lowrey
a40dd6e963 Changed return types to zend_bool, renamed test 2013-10-09 09:55:36 -04:00
Daniel Lowrey
2ddefbd2b3 Added support for TLSv1.1 and TLSv1.2 2013-10-08 14:09:17 -04:00
Daniel Lowrey
1970b96443 Added SAN matching during peer verification 2013-10-08 12:37:44 -04:00
Michael Wallner
ea0578e223 Merge branch 'ssl-streams-crypto-method' of https://github.com/mj/php-src 
* 'ssl-streams-crypto-method' of https://github.com/mj/php-src:
  Add unit test that covers setting the crypto method.
  Streams for ssl:// transports can now be configured to use a specific crypto method (SSLv3, SSLv2 etc.) by calling
 2013-10-08 16:10:00 +02:00
Michael Wallner
8300ced2f7 Merge branch 'bug65729' of https://github.com/datibbaw/php-src 
* 'bug65729' of https://github.com/datibbaw/php-src:
  DNS name comparison is now case insensitive.
  Use zend_bool as return value for _match()
  Added two more test cases for CN matching.
  yay, reduced one variable
  Fixed bug that would lead to out of bounds memory access
  added better wildcard matching for CN
 2013-10-08 15:58:28 +02:00
datibbaw
6106896440 DNS name comparison is now case insensitive. 2013-10-08 10:07:54 +08:00
Tjerk Meesters
674dd73f8c Added two more test cases for CN matching. 2013-10-07 22:10:05 +08:00
Martin Jansen
047877e810 Add unit test that covers setting the crypto method. 2013-10-04 21:55:29 +02:00
datibbaw
edd93f3452 Support string and array for peer fingerprint matching 2013-09-27 14:13:11 +08:00
Tjerk Meesters
1c7cabb2ca add md5 and sha1 fingerprint tests 2013-09-23 23:29:17 +08:00
Tjerk Meesters
2bfc5a253b Renamed to be more descriptive of what it does 2013-09-23 00:51:17 +08:00
Tjerk Meesters
521a5c9568 don't leak cert on errors, return null on zpp failure 2013-09-21 18:24:00 +08:00
Tjerk Meesters
8915c3fb4f added better wildcard matching for CN 2013-09-21 16:45:20 +08:00
Tjerk Meesters
a97aec16c0 Added test case for openssl_x509_digest() 2013-09-20 23:29:04 +08:00
Stanislav Malyshev
12c2a8a5eb Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix for php bug #64802 includes test case
 2013-08-18 16:55:03 -07:00
Stanislav Malyshev
bd29ff7c38 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for php bug #64802 includes test case

Conflicts:
	ext/openssl/openssl.c
 2013-08-18 15:45:17 -07:00
Mark Jones
9973658a44 Fix for php bug #64802 includes test case 2013-08-18 15:42:37 -07:00
Stanislav Malyshev
4da6273092 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fix CVE-2013-4073 - handling of certs with null bytes
 2013-08-13 22:26:32 -07:00
Stanislav Malyshev
2b9f5ac252 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fix CVE-2013-4073 - handling of certs with null bytes
 2013-08-13 22:25:47 -07:00
Stanislav Malyshev
dcea4ec698 Fix CVE-2013-4073 - handling of certs with null bytes 2013-08-13 22:24:11 -07:00
Stanislav Malyshev
2874696a5a Fix CVE-2013-4073 - handling of certs with null bytes 2013-08-13 22:20:33 -07:00
Stanislav Malyshev
8ac131503d Merge branch 'PHP-5.5' 
* PHP-5.5:
  Merge branch 'pull-request/341'
  Merge branch 'pull-request/341'
 2013-06-10 14:31:57 -07:00
Stanislav Malyshev
02e4d7a290 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:30:59 -07:00
Stanislav Malyshev
ac40c0b562 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:20:18 -07:00
jas-
8f56ac8401 Address feature request #38917 for native SPKAC (HTML5 keygen element) support 2013-05-06 16:36:06 -06:00
Stanislav Malyshev
0841eca580 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey()
 2013-02-17 13:29:34 -08:00
Stanislav Malyshev
7b0107cc5d fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() 2013-02-17 13:28:42 -08:00
Stanislav Malyshev
c7be96b08f Revert "Add PBKDF2 support via openssl()" 
This reverts commit b5b8ea1050.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:22:49 -07:00
Stanislav Malyshev
a2bfad051d Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell." 
This reverts commit bccd1e672f.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:21:54 -07:00
Scott MacVicar
bccd1e672f Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 15:41:41 -07:00
Scott MacVicar
b5b8ea1050 Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 13:35:25 -07:00
Scott MacVicar
b481ebae55 Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 12:38:54 -07:00
Felipe Pena
733aaf23b1 - Fixed build (PKCS5_PBKDF2_HMAC is from 1.0.0) 2012-06-11 14:08:38 -03:00
Scott MacVicar
f4847efc5d Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 00:24:44 -07:00
Anatoliy Belsky
fa0d507923 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fix bug #61401 ext\openssl\tests\004.phpt fails
  Fix bug #61404 ext\openssl\tests\021.phpt fails
  Fix bug #61448 intl tests fail with icu >= 4.8
 2012-03-28 17:13:16 +02:00
Anatoliy Belsky
bff8152565 Fix bug #61401 ext\openssl\tests\004.phpt fails 2012-03-28 17:11:58 +02:00
Anatoliy Belsky
4c5b427124 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:15:36 +02:00
Anatoliy Belsky
bd7bb973b1 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:04:56 +02:00
Anatoliy Belsky
8d7a489b97 Merge branch '5.3' into 5.4 
* 5.3:
  Fix bug #61405 ext\openssl\tests\022.phpt fails
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 2012-03-27 16:15:15 +02:00
Anatoliy Belsky
b638d3020c Fix bug #61405 ext\openssl\tests\022.phpt fails 2012-03-27 16:07:59 +02:00
Anatoliy Belsky
e55718b091 Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 16:07:59 +02:00
Anatoliy Belsky
7fdd35d697 Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 16:07:25 +02:00
Olivier DOUCET
ad832abba1 test for bug #61124 2012-02-25 13:27:57 +00:00
Olivier DOUCET
118dd43555 test for bug #61124 2012-02-25 13:27:57 +00:00
Christopher Jones
b0678ea229 Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Christopher Jones
73ccc0a5e9 Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Rasmus Lerdorf
f6f283c3e2 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
8d5f83dde5 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
60df9abf95 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
e4fb44c8b6 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
e24b6cdf56 Getting different hashes here. But this test isn't testing the hashes, 
it is just making sure we actually get a hash and don't crash.
 2012-02-05 09:50:14 +00:00
Rasmus Lerdorf
f3a7ba75cf Getting different hashes here. But this test isn't testing the hashes, 
it is just making sure we actually get a hash and don't crash.
 2012-02-05 09:50:14 +00:00
Rasmus Lerdorf
21c776850c According to the reports on qa this test is failing the same way for everyone. 
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
 2012-02-05 09:32:20 +00:00
Rasmus Lerdorf
a06e8ca56d According to the reports on qa this test is failing the same way for everyone. 
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
 2012-02-05 09:32:20 +00:00
Scott MacVicar
6c841dfda3 Add tests for OpenSSL crash. 2011-12-19 03:09:05 +00:00
Scott MacVicar
c36926ba4c Add tests for OpenSSL crash. 2011-12-19 03:09:05 +00:00
Gustavo André dos Santos Lopes
da4a27333d - ext/openssl/tests/bug36732.phpt more portable. 2011-09-14 10:55:46 +00:00
Gustavo André dos Santos Lopes
4de9123b85 - ext/openssl/tests/bug36732.phpt more portable. 2011-09-14 10:55:46 +00:00
Gustavo André dos Santos Lopes
428ef23067 - Fixed test ext/openssl/tests/004.phpt. 
- Made ext/openssl/tests/bug55646.phpt more reproducible by giving it a custom
  openssl.cnf.
 2011-09-14 09:56:59 +00:00
Gustavo André dos Santos Lopes
b6aabaae59 - Test for bug #55646. 2011-09-12 20:05:07 +00:00
Hannes Magnusson
41db75ccbe Fix the path to the .pem 2011-09-08 09:27:47 +00:00
Hannes Magnusson
7e986b2a46 Fix the path to the .pem 2011-09-08 09:27:47 +00:00
Ryan Biesemeyer
5dc5c26a5f removing openssl test for bug #55169 per Scott MacVicar's request; duplicate coverage of opensssl_random_pseudo_bytes.phpt 2011-07-20 21:25:39 +00:00
Ryan Biesemeyer
530311f4ba removing openssl test for bug #55169 per Scott MacVicar's request; duplicate coverage of opensssl_random_pseudo_bytes.phpt 2011-07-20 21:25:39 +00:00
Ryan Biesemeyer
7acdad749c update test for bug #55169, fix skipif 2011-07-20 21:13:03 +00:00