diff options
| author | Tjerk Meesters <datibbaw@php.net> | 2015-06-26 05:31:54 +0800 |
|---|---|---|
| committer | Tjerk Meesters <datibbaw@php.net> | 2015-06-26 05:33:28 +0800 |
| commit | 2ff3dafccfa4fd0bc031d5165f84593d092148d2 (patch) | |
| tree | 64e08e153a0502afa50bee0f5884f6444225a1b7 /ext/openssl/php_openssl.h | |
| parent | b1ec4515b00739d89ba1c76ed9285b27094ea349 (diff) | |
| download | php-git-2ff3dafccfa4fd0bc031d5165f84593d092148d2.tar.gz | |
Fixed #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs
Squashed commit of the following:
commit a64c1d9bc4c129fd946a478bdcb55101e42157b7
Author: Tomasz Sawicki <falundir@gmail.com>
Date: Wed Jun 24 08:49:37 2015 +0200
Fix #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs
The "key values mismatch" error is triggered in openssl_pkcs12_read by
PKCS12_parse, because it uses X509_check_private_key to separate main
certificate (which corresponds to private key) from extra certificates.
Extra certificates usually comes first (p12 contents are reversed as
stack) and X509_check_private_key triggers X509_R_KEY_VALUES_MISMATCH
error.
The fix pops "key values mismatch" error from OpenSSL error stack for
each extra certificate if there are any.
Diffstat (limited to 'ext/openssl/php_openssl.h')
| -rw-r--r-- | ext/openssl/php_openssl.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h index 6fbb374ad6..8a6643dd19 100644 --- a/ext/openssl/php_openssl.h +++ b/ext/openssl/php_openssl.h @@ -29,6 +29,8 @@ extern zend_module_entry openssl_module_entry; #define OPENSSL_RAW_DATA 1 #define OPENSSL_ZERO_PADDING 2 +#define OPENSSL_ERROR_X509_PRIVATE_KEY_VALUES_MISMATCH 0x0B080074 + /* Used for client-initiated handshake renegotiation DoS protection*/ #define OPENSSL_DEFAULT_RENEG_LIMIT 2 #define OPENSSL_DEFAULT_RENEG_WINDOW 300 |