clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 10:27:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
75,553 Commits 491 Branches 1,363 Tags 838 MiB
d963cf94a5
Commit Graph

310 Commits

Author SHA1 Message Date
Stanislav Malyshev
8bc82718ae Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66942: openssl_seal() memory leak
  ws fix

Conflicts:
	ext/openssl/openssl.c
 2014-04-14 13:35:24 -07:00
Chuan Ma
a186312832 Fix #66942: openssl_seal() memory leak 
Fix #66952: memory leak in openssl_open()
 2014-04-14 13:24:14 -07:00
Remi Collet
e1d8c0a051 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fixed Bug #66833 Default digest algo is still MD5
 2014-03-14 09:52:02 +01:00
Remi Collet
17f6391bf8 Fixed Bug #66833 Default digest algo is still MD5 
Switch to SHA1, which match internal openssl hardcoded algo.

In most case, won't even be noticed
- priority on user input (default_md)
- fallback on system config
- fallback on this default value

Recent system reject MD5 digest, noticed in bug36732.phpt failure.

While SHA1 is better than MD5, SHA256 is recommenced,
and defined as default algo in provided configuration on
recent system (Fedora 21, RHEL-7, ...). But the idea is to
keep in sync with openssl internal value for PHP internal value.
 2014-03-14 09:50:15 +01:00
Lior Kaplan
356c442558 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Typo fix: sicret -> secret
 2014-03-13 12:40:14 +02:00
Michael Meyer
737c187013 Typo fix: sicret -> secret 2014-03-13 12:37:25 +02:00
Daniel Lowrey
a7d3606650 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Skip failing tests when EC unavailable (RHEL)

Conflicts:
	ext/openssl/openssl.c
 2014-02-19 04:01:08 -07:00
Daniel Lowrey
633f898f15 Skip failing tests when EC unavailable (RHEL) 2014-02-19 03:57:37 -07:00
Daniel Lowrey
bd9aa181dc Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed broken build when EC unavailable
 2014-02-17 19:38:30 -05:00
Daniel Lowrey
a80cec1190 Fixed broken build when EC unavailable 2014-02-17 18:55:39 -05:00
Daniel Lowrey
65adb74984 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:15:24 -07:00
mk-j
19524fc6fe Fix for bug66501 - "key type not supported in this PHP build" 2014-02-14 18:11:46 -07:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Stanislav Malyshev
41cd533298 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:35:26 -08:00
Stanislav Malyshev
71daf3229b Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse

Conflicts:
	configure.in
	main/php_version.h
 2013-12-10 11:34:35 -08:00
Stanislav Malyshev
c1224573c7 Fix CVE-2013-6420 - memory corruption in openssl_x509_parse 2013-12-10 11:03:49 -08:00
Michael Wallner
3b3c57e79e Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  C89 compatibility
 2013-10-09 12:30:42 +02:00
Michael Wallner
22700890d4 C89 compatibility 2013-10-09 12:30:31 +02:00
Michael Wallner
36fb4ed968 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed segfault when built with OpenSSL >= 1.0.1
  fixing a minor typo in CODING_STANDARDS document
  FIX BUG #65219 - Typo correction
  FIX BUG #65219 - USE DB not being sent for FreeTDS version < 0.92 FreeTDS <0.92 does not support DBSETLDBNAME option and therefore will not work with SQL Azure. Fallback to dbuse command in letter versions.
 2013-10-09 09:17:48 +02:00
Daniel Lowrey
b026993a74 Fixed segfault when built with OpenSSL >= 1.0.1 
(PR #481)
 2013-10-09 09:17:25 +02:00
Christopher Jones
1a00b9bd26 Remove compile warning: 
warning: unused variable ‘j’ [-Wunused-variable]
 2013-08-19 17:58:42 -07:00
Christopher Jones
cf7f50748a Remove compile warnings: 
variable ‘obj_cnt’ set but not used [-Wunused-but-set-variable]
  unused variable ‘last’ [-Wunused-variable]
  unused variable ‘j’ [-Wunused-variable]
 2013-08-19 17:44:36 -07:00
Stanislav Malyshev
8e0f110099 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix using wrong buffer pointer
 2013-08-19 01:04:19 -07:00
Stanislav Malyshev
cf96aa155e Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  fix using wrong buffer pointer
 2013-08-19 01:03:18 -07:00
Stanislav Malyshev
c1c49d6e39 fix using wrong buffer pointer 2013-08-19 01:02:12 -07:00
Stanislav Malyshev
bd29ff7c38 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for php bug #64802 includes test case

Conflicts:
	ext/openssl/openssl.c
 2013-08-18 15:45:17 -07:00
Mark Jones
9973658a44 Fix for php bug #64802 includes test case 2013-08-18 15:42:37 -07:00
Christopher Jones
39612afc72 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/dba/libinifile/inifile.c
 2013-08-14 20:43:25 -07:00
Christopher Jones
9ad97cd489 Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings. 2013-08-14 20:36:50 -07:00
Stanislav Malyshev
2b9f5ac252 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fix CVE-2013-4073 - handling of certs with null bytes
 2013-08-13 22:25:47 -07:00
Stanislav Malyshev
dcea4ec698 Fix CVE-2013-4073 - handling of certs with null bytes 2013-08-13 22:24:11 -07:00
Stanislav Malyshev
2874696a5a Fix CVE-2013-4073 - handling of certs with null bytes 2013-08-13 22:20:33 -07:00
Anatol Belski
f00d796b7e fix missing include 2013-07-23 18:06:51 +02:00
Stanislav Malyshev
0841eca580 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey()
 2013-02-17 13:29:34 -08:00
Stanislav Malyshev
7b0107cc5d fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() 2013-02-17 13:28:42 -08:00
Xinchen Hui
a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Xinchen Hui
a2045ff332 Happy New Year~ 2013-01-01 16:02:16 +08:00
Stanislav Malyshev
088640adb2 Merge branch 'PHp-5.4' 
* PHp-5.4:
  news for bug #61421
  commit for php bug 61421 enabling SHA2 and RMD160 for openssl signature verification
 2012-09-15 23:02:44 -07:00
Mark Jones
84202c367e commit for php bug 61421 
enabling SHA2 and RMD160 for openssl signature verification
 2012-09-15 22:59:34 -07:00
Stanislav Malyshev
c7be96b08f Revert "Add PBKDF2 support via openssl()" 
This reverts commit b5b8ea1050.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:22:49 -07:00
Stanislav Malyshev
a2bfad051d Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell." 
This reverts commit bccd1e672f.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:21:54 -07:00
Scott MacVicar
5b3c9f4fd1 One more time 2012-06-11 16:23:27 -07:00
Scott MacVicar
bcd671d999 Merge branch '5.4' 
* 5.4:
  Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell.
  Add PBKDF2 support via openssl()

Conflicts:
	ext/openssl/openssl.c
 2012-06-11 16:04:01 -07:00
Scott MacVicar
aadf59dfa4 Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 15:59:58 -07:00
Scott MacVicar
bccd1e672f Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 15:41:41 -07:00
Scott MacVicar
b5b8ea1050 Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 13:35:25 -07:00
Scott MacVicar
b481ebae55 Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 12:38:54 -07:00
Felipe Pena
733aaf23b1 - Fixed build (PKCS5_PBKDF2_HMAC is from 1.0.0) 2012-06-11 14:08:38 -03:00