diff options
author | Tjerk Meesters <datibbaw@php.net> | 2015-06-26 06:03:29 +0800 |
---|---|---|
committer | Tjerk Meesters <datibbaw@php.net> | 2015-06-26 06:03:29 +0800 |
commit | 03a670eaaa2b89f7b98b62908502ac5736dac2eb (patch) | |
tree | 159bb4b666648a0dcf46b363f16dacb0c9b93c42 | |
parent | 7ceb47477dbaac39d4ee42c3070463e229d2f090 (diff) | |
parent | 2ff3dafccfa4fd0bc031d5165f84593d092148d2 (diff) | |
download | php-git-03a670eaaa2b89f7b98b62908502ac5736dac2eb.tar.gz |
Merge branch 'PHP-5.6'
* PHP-5.6:
Fixed #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | ext/openssl/openssl.c | 8 | ||||
-rw-r--r-- | ext/openssl/php_openssl.h | 2 | ||||
-rw-r--r-- | ext/openssl/tests/bug69882.phpt | 17 | ||||
-rw-r--r-- | ext/openssl/tests/p12_with_extra_certs.p12 | bin | 0 -> 3205 bytes |
5 files changed, 31 insertions, 0 deletions
@@ -9,6 +9,10 @@ . Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the string). (cmb) +- OpenSSL: + . Fixed bug #69882 (OpenSSL error “key values mismatch” after + openssl_pkcs12_read with extra cert) (Tomasz Sawicki) + 25 Jun 2015, PHP 7.0.0 Alpha 2 - Core: diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index c79447097d..28029a476e 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -2575,6 +2575,14 @@ PHP_FUNCTION(openssl_pkcs12_read) X509* aCA = sk_X509_pop(ca); if (!aCA) break; + /* fix for bug 69882 */ + { + int err = ERR_peek_error(); + if (err == OPENSSL_ERROR_X509_PRIVATE_KEY_VALUES_MISMATCH) { + ERR_get_error(); + } + } + bio_out = BIO_new(BIO_s_mem()); if (PEM_write_bio_X509(bio_out, aCA)) { BUF_MEM *bio_buf; diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h index 804e5cf25a..5ff2353777 100644 --- a/ext/openssl/php_openssl.h +++ b/ext/openssl/php_openssl.h @@ -32,6 +32,8 @@ extern zend_module_entry openssl_module_entry; #define OPENSSL_RAW_DATA 1 #define OPENSSL_ZERO_PADDING 2 +#define OPENSSL_ERROR_X509_PRIVATE_KEY_VALUES_MISMATCH 0x0B080074 + /* Used for client-initiated handshake renegotiation DoS protection*/ #define OPENSSL_DEFAULT_RENEG_LIMIT 2 #define OPENSSL_DEFAULT_RENEG_WINDOW 300 diff --git a/ext/openssl/tests/bug69882.phpt b/ext/openssl/tests/bug69882.phpt new file mode 100644 index 0000000000..6963f8db79 --- /dev/null +++ b/ext/openssl/tests/bug69882.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) die("skip"); +?> +--FILE-- +<?php +$p12 = file_get_contents(__DIR__.'/p12_with_extra_certs.p12'); + +$result = openssl_pkcs12_read($p12, $cert_data, 'qwerty'); +var_dump($result); +var_dump(openssl_error_string()); +?> +--EXPECTF-- +bool(true) +bool(false) diff --git a/ext/openssl/tests/p12_with_extra_certs.p12 b/ext/openssl/tests/p12_with_extra_certs.p12 Binary files differnew file mode 100644 index 0000000000..b3ba2230ec --- /dev/null +++ b/ext/openssl/tests/p12_with_extra_certs.p12 |