Nikita Popov
2cd2ca8884
Merge branch 'PHP-7.4' into PHP-8.0
...
* PHP-7.4:
Revert "Add missing X509 purpose constants"
2020-10-12 12:56:21 +02:00
Nikita Popov
41e4a77077
Revert "Add missing X509 purpose constants"
...
This reverts commit 1e53e14bc3
.
This fails on Travis.
2020-10-12 12:56:07 +02:00
Nikita Popov
da60849fa1
Merge branch 'PHP-7.4' into PHP-8.0
...
* PHP-7.4:
Add missing X509 purpose constants
2020-10-12 11:53:22 +02:00
Vincent JARDIN
1e53e14bc3
Add missing X509 purpose constants
...
X509_PURPOSE_OCSP_HELPER, X509_PURPOSE_TIMESTAMP_SIGN are available
from OpenSSL for many years:
- X509_PURPOSE_OCSP_HELPER, since 2001
- X509_PURPOSE_TIMESTAMP_SIGN, since 2006
Also drop the ifdef check for X509_PURPOSE_ANY, as it is always
available in supported OpenSSL versions.
Closes GH-6312.
2020-10-12 11:51:08 +02:00
Nikita Popov
62c6d6952e
Add test instantiating all objects
...
Intended to find issues in opaque object destructors.
Closes GH-6251.
2020-10-01 18:37:24 +02:00
Stanislav Malyshev
e14f835d8c
Merge branch 'PHP-7.4'
...
* PHP-7.4:
Update UPGRADING
Update UPGRADING
Update NEWS & UPGRADING
Do not decode cookie names anymore
Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
2020-09-28 22:55:37 -07:00
Stanislav Malyshev
c4dc080245
Merge branch 'PHP-7.3' into PHP-7.4
...
* PHP-7.3:
Update UPGRADING
Update NEWS & UPGRADING
Do not decode cookie names anymore
Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
2020-09-28 22:54:57 -07:00
Stanislav Malyshev
a9e4321846
Merge branch 'PHP-7.2' into PHP-7.3
...
* PHP-7.2:
Update NEWS & UPGRADING
Do not decode cookie names anymore
Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
2020-09-28 21:39:34 -07:00
Stanislav Malyshev
0216630ea2
Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
2020-09-26 23:46:53 -07:00
Máté Kocsis
9d9bcc2b7c
Improve parameter names in ext/hash and ext/openssl
...
Closes GH-6156
2020-09-24 22:15:30 +02:00
Nikita Popov
c5401854fc
Run tidy
...
This should fix most of the remaining issues with tabs and spaces
being mixed in tests.
2020-09-18 14:28:32 +02:00
Remi Collet
effa3b0883
missing fix for test for new param. name
2020-09-16 07:58:53 +02:00
Máté Kocsis
fa5a25b8bb
Adjust ext/openssl parameter names
...
Closes GH-6121
2020-09-15 14:27:54 +02:00
Matteo Beccati
385423442a
Fix broken test
...
Since e8e4ddce
2020-09-13 10:02:13 +02:00
Máté Kocsis
e8e4ddce77
Improve parameter handling in ext/openssl
...
Closes GH-6025
2020-09-12 22:08:41 +02:00
Máté Kocsis
c98d47696f
Consolidate new union type ZPP macro names
...
They will now follow the canonical order of types. Older macros are
left intact due to maintaining BC.
Closes GH-6112
2020-09-11 11:00:18 +02:00
Máté Kocsis
9975986b7e
Improve error messages mentioning parameters instead of arguments
...
Closes GH-5999
2020-09-09 10:47:43 +02:00
Nikita Popov
3e14942756
Require $method parameter in openssl_seal/openssl_open
...
RC4 is considered insecure, and it's not possible to change the
default of these functions. As such, require the method to be
passed explicitly.
Closes GH-6093.
2020-09-08 14:21:01 +02:00
George Peter Banyard
4522cbb789
Promote various OpenSSL warnings into Errors
...
Closes GH-5111
2020-08-16 18:59:52 +02:00
Nikita Popov
ca20f36b2a
Fix types in openssl stub
...
These two $recipcert parameters don't use proper union types
right now. They are a bit tricky due to the $recipkey -> $recipcert
fallback.
2020-08-14 15:19:18 +02:00
Nikita Popov
90a2c79be0
Remove some unnnecessary null checks in openssl
...
Remove null checks before EVP_PKEY_free and BIO_free. NULL is a
no-op for both of these. Probably applies to most other freeing
function as well...
2020-08-10 12:10:30 +02:00
Nikita Popov
80d3ce3d19
Improve X509_PKEY management in OpenSSL
...
Remove the free_pkey argument from php_openssl_pkey_from_zval,
instead return an EVP_PKEY that always needs to be freed
(by incrementing refcount if necessary).
This makes the code simpler and fixes a number of bugs in the
existing handling.
Closes GH-5946.
2020-08-10 11:43:49 +02:00
Máté Kocsis
7aacc705d0
Add many missing closing PHP tags to tests
...
Closes GH-5958
2020-08-09 22:03:36 +02:00
Máté Kocsis
bdacd2ae8f
Add a few missing types to stubs
2020-08-01 23:55:08 +02:00
Máté Kocsis
9f44eca6b6
Convert resources to objects in ext/openssl
...
Closes GH-5860
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
2020-08-01 22:47:20 +02:00
Nikita Popov
80b4d49f90
Merge branch 'PHP-7.4'
...
* PHP-7.4:
Fixed bug #79881
2020-07-22 10:21:29 +02:00
Nikita Popov
657a832a77
Fixed bug #79881
2020-07-22 10:21:24 +02:00
Max Semenik
2b5de6f839
Remove proto comments from C files
...
Closes GH-5758
2020-07-06 21:13:34 +02:00
Nikita Popov
0280b83e11
Avoid some unnecessary uses of no_separation=0
...
For the rare cases where references are part of the API,
construct them explicitly. Otherwise do not allow separation.
2020-07-06 19:05:57 +02:00
Fabien Villepinte
0c6d06ecfa
Replace EXPECTF when possible
...
Closes GH-5779
2020-06-29 21:31:44 +02:00
Nikita Popov
c9b9f525a9
Include stub hash in generated arginfo files
...
The hash is used to check whether the arginfo file needs to be
regenerated. PHP-Parser will only be downloaded if this is actually
necessary.
This ensures that release artifacts will never try to regenerate
stubs and thus fetch PHP-Parser, as long as you do not modify any
files.
Closes GH-5739.
2020-06-24 09:55:19 +02:00
Nikita Popov
cd7d96610c
Merge branch 'PHP-7.4'
2020-06-19 09:44:56 +02:00
Nikita Popov
21a2da2349
Generate temporary config file when generating certificates
...
The putenv trick doesn't work on ZTS Windows, so generate a new
openssl config every time.
2020-06-19 09:43:56 +02:00
Nikita Popov
b5f5da4211
Merge branch 'PHP-7.4'
2020-06-18 15:56:14 +02:00
Nikita Popov
8ba0624a09
Downgrade server security level in security level test
...
We want to test the client side error here, so make sure the
server side can start up successfully.
2020-06-18 15:54:02 +02:00
Nikita Popov
472352f5a7
Merge branch 'PHP-7.4'
2020-06-18 15:49:43 +02:00
Nikita Popov
c7fe71c8b7
Add SubjectAltName support to certificate generator
...
And switch tests using SAN certificates to the generator.
This is ugly, but there doesn't seem to be a more direct way
to privide SAN in PHP.
2020-06-18 15:49:08 +02:00
Nikita Popov
c2a6395dcb
Downgrade security level in tests using TLS < 1.2
...
A few additional tests have been added on master that require
lower security level.
2020-06-18 15:08:24 +02:00
Nikita Popov
f3ff070034
Merge branch 'PHP-7.4'
2020-06-18 15:02:02 +02:00
Nikita Popov
72b3987c2d
Generate certificates for bug69215.phpt
2020-06-18 14:58:48 +02:00
Nikita Popov
58ca47aff6
Generate certificate for bug68920.phpt
...
The certificate really doesn't matter here, but it still needs to
comply with security level...
2020-06-18 14:49:15 +02:00
Nikita Popov
dd7d161ccf
Generate certificate for bug65729.pem
...
Make this test pass under security level 2.
2020-06-18 14:43:57 +02:00
Nikita Popov
4f0ae4ad6e
Merge branch 'PHP-7.4'
2020-06-18 14:22:29 +02:00
Nikita Popov
2c0d47c4b4
Revert "Fix tests regarding OpenSSL security_level"
...
This reverts commit b281493503
.
2020-06-18 14:22:20 +02:00
Nikita Popov
51e3cb3916
Don't generate spurious warning is security_level not supported
...
People should not have to worry about the used openssl version
when downgrading security_level.
2020-06-18 14:21:53 +02:00
Christoph M. Becker
5989b09d18
Merge branch 'PHP-7.4'
...
* PHP-7.4:
Fix tests regarding OpenSSL security_level
2020-06-18 13:29:33 +02:00
Christoph M. Becker
b281493503
Fix tests regarding OpenSSL security_level
...
The `security_level` stream option is only available as of OpenSSL
1.1.0, so we only set it for these versions. Older OpenSSL versions
do not have security levels at all.
2020-06-18 13:28:09 +02:00
Nikita Popov
20664d6023
Merge branch 'PHP-7.4'
2020-06-18 10:49:56 +02:00
Nikita Popov
6b702eea15
Migrate some tests to certificate generator
...
This migrates all the tests using ext/openssl/tests/streams_crypto_method.pem
to the certificate generator, so we can easily adjust needed parameters.
In particular, this makes the cert security level 2 compatible.
However, we still need to downgrade security_level to 1 in a number
of tests, because they are testing TLS < 1.2 connections.
2020-06-18 10:49:36 +02:00
Nikita Popov
9b70a831a2
Merge branch 'PHP-7.4'
2020-06-17 22:16:11 +02:00