authorAnatoliy Belsky <ab@php.net>2012-10-24 13:38:44 +0200
committerAnatoliy Belsky <ab@php.net>2012-10-24 13:38:44 +0200
commita88379e03d806a1218926e9bf2c9bcd74c4124c7 (patch)
tree40b475ef98b768ad32ac99c3fd4428264a27a418 /ext/phar
parentb48e163c35f3d56e151946317e982991199d597a (diff)
Fixed bug #63297 Phar fails to write an openssl based signature
Uninitialized value warnings seem to be everyday life when working with openssl. For more, read http://www.openssl.org/support/faq.html#PROG13 So this just fixes the bug, with no care about those warnings.
Diffstat (limited to 'ext/phar')
-rw-r--r--ext/phar/util.c26
1 files changed, 20 insertions, 6 deletions
diff --git a/ext/phar/util.c b/ext/phar/util.c
index cc4457493b..d456ee3b63 100644
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -2119,8 +2119,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
#ifdef PHAR_HAVE_OPENSSL
BIO *in;
EVP_PKEY *key;
- EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx;
in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len));
@@ -2141,15 +2140,30 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
return FAILURE;
}
+ md_ctx = EVP_MD_CTX_create();
+
siglen = EVP_PKEY_size(key);
sigbuf = emalloc(siglen + 1);
- EVP_SignInit(&md_ctx, mdtype);
+
+ if (!EVP_SignInit(md_ctx, EVP_sha1())) {
+ efree(sigbuf);
+ if (error) {
+ spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
+ }
+ return FAILURE;
+ }
while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
- EVP_SignUpdate(&md_ctx, buf, sig_len);
+ if (!EVP_SignUpdate(md_ctx, buf, sig_len)) {
+ efree(sigbuf);
+ if (error) {
+ spprintf(error, 0, "unable to to update the openssl signature for phar \"%s\"", phar->fname);
+ }
+ return FAILURE;
+ }
}
- if (!EVP_SignFinal (&md_ctx, sigbuf,(unsigned int *)&siglen, key)) {
+ if (!EVP_SignFinal (md_ctx, sigbuf,(unsigned int *)&siglen, key)) {
efree(sigbuf);
if (error) {
spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
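Review bot: The result of `EVP_MD_CTX_create()` is never checked, and none of the three failure branches (EVP_SignInit, EVP_SignUpdate, EVP_SignFinal) releases `md_ctx`; each one frees `sigbuf` and returns FAILURE, so the heap-allocated context leaks on every error path and a failed allocation would hand a NULL context to EVP_SignInit. Add a NULL check right after the create call and call `EVP_MD_CTX_destroy(md_ctx);` next to each `efree(sigbuf);`. The visible lines also do not show `key` being released on these paths; phar_create_signature starts and ends outside this hunk, so confirm that against the full function. Separately, the new EVP_SignUpdate message reads "unable to to update", with a doubled "to".
```c
md_ctx = EVP_MD_CTX_create();
if (!md_ctx) {
	/* release key here as well if this function owns it; not visible in the hunk */
	if (error) {
		spprintf(error, 0, "unable to allocate openssl digest context for phar \"%s\"", phar->fname);
	}
	return FAILURE;
}
/* … unchanged: siglen = EVP_PKEY_size(key); sigbuf = emalloc(siglen + 1); … */
if (!EVP_SignInit(md_ctx, EVP_sha1())) {
	EVP_MD_CTX_destroy(md_ctx);
	efree(sigbuf);
	/* … unchanged: error message and return FAILURE … */
}
/* … same EVP_MD_CTX_destroy(md_ctx); added in the EVP_SignUpdate and EVP_SignFinal failure branches … */
```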
@@ -2158,7 +2172,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
}
sigbuf[siglen] = '\0';
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
#else
sigbuf = NULL;
siglen = 0;