summaryrefslogtreecommitdiff
path: root/ext/openssl/openssl.c
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2015-08-041-4/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: .gitignore ext/date/php_date.c ext/spl/spl_array.c ext/spl/spl_observer.c
| * Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytesStanislav Malyshev2015-07-261-4/+2
| |
* | Add RAND_egd check for compiling against LibreSSLLeigh2015-03-271-0/+2
| |
* | Fix ZTS buildDaniel Lowrey2015-03-051-1/+1
| |
* | Fix bug #67403 (Add signatureType to openssl_x509_parse)Daniel Lowrey2015-03-051-6/+7
| |
* | Bump yearXinchen Hui2015-01-151-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2015-01-141-2/+2
|\ \ | |/ | | | | | | | | * PHP-5.4: Update NEWS Fixed bug #55618 (use case-insensitive cert name matching)
| * Fixed bug #55618 (use case-insensitive cert name matching)Daniel Lowrey2015-01-141-2/+2
| |
* | fix permsRemi Collet2014-12-161-0/+0
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2014-07-281-6/+7
|\ \ | |/ | | | | | | * PHP-5.4: Fix missing type checks in various functions
| * Fix missing type checks in various functionsStanislav Malyshev2014-07-271-6/+7
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2014-06-081-5/+17
|\ \ | |/ | | | | | | * PHP-5.4: Added support for parsing ssl certificates using GeneralizedTime format.
| * Added support for parsing ssl certificates using GeneralizedTime format.Paul Oehler2014-06-081-5/+17
| | | | | | | | | | fix bug #65698 fix bug #66636
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2014-04-141-12/+12
|\ \ | |/ | | | | | | | | | | | | | | * PHP-5.4: Fix #66942: openssl_seal() memory leak ws fix Conflicts: ext/openssl/openssl.c
| * Fix #66942: openssl_seal() memory leakChuan Ma2014-04-141-12/+12
| | | | | | | | Fix #66952: memory leak in openssl_open()
* | Merge branch 'PHP-5.4' into PHP-5.5Remi Collet2014-03-141-1/+1
|\ \ | |/ | | | | | | | | * PHP-5.4: NEWS Fixed Bug #66833 Default digest algo is still MD5
| * Fixed Bug #66833 Default digest algo is still MD5Remi Collet2014-03-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Switch to SHA1, which match internal openssl hardcoded algo. In most case, won't even be noticed - priority on user input (default_md) - fallback on system config - fallback on this default value Recent system reject MD5 digest, noticed in bug36732.phpt failure. While SHA1 is better than MD5, SHA256 is recommenced, and defined as default algo in provided configuration on recent system (Fedora 21, RHEL-7, ...). But the idea is to keep in sync with openssl internal value for PHP internal value.
* | Merge branch 'PHP-5.4' into PHP-5.5Lior Kaplan2014-03-131-1/+1
|\ \ | |/ | | | | | | * PHP-5.4: Typo fix: sicret -> secret
| * Typo fix: sicret -> secretMichael Meyer2014-03-131-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-02-191-4/+8
|\ \ | |/ | | | | | | | | | | | | * PHP-5.4: Skip failing tests when EC unavailable (RHEL) Conflicts: ext/openssl/openssl.c
| * Skip failing tests when EC unavailable (RHEL)Daniel Lowrey2014-02-191-4/+8
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-02-171-1/+1
|\ \ | |/ | | | | | | * PHP-5.4: Fixed broken build when EC unavailable
| * Fixed broken build when EC unavailableDaniel Lowrey2014-02-171-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-02-141-0/+9
|\ \ | |/ | | | | | | * PHP-5.4: Fix for bug66501 - "key type not supported in this PHP build"
| * Fix for bug66501 - "key type not supported in this PHP build"mk-j2014-02-141-0/+9
| |
| * Bump yearXinchen Hui2014-01-031-1/+1
| |
* | Bump yearXinchen Hui2014-01-031-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2013-12-101-4/+14
|\ \ | |/ | | | | | | | | * PHP-5.4: 5.3.29-dev Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
| * Merge branch 'PHP-5.3' into PHP-5.4Stanislav Malyshev2013-12-101-4/+14
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.3: 5.3.29-dev Fix CVE-2013-6420 - memory corruption in openssl_x509_parse Conflicts: configure.in main/php_version.h
| | * Fix CVE-2013-6420 - memory corruption in openssl_x509_parseStanislav Malyshev2013-12-101-4/+14
| | |
* | | Merge branch 'PHP-5.4' into PHP-5.5Michael Wallner2013-10-091-12/+14
|\ \ \ | |/ / | | | | | | | | | * PHP-5.4: C89 compatibility
| * | C89 compatibilityMichael Wallner2013-10-091-12/+14
| | |
* | | Merge branch 'PHP-5.4' into PHP-5.5Michael Wallner2013-10-091-5/+6
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * PHP-5.4: Fixed segfault when built with OpenSSL >= 1.0.1 fixing a minor typo in CODING_STANDARDS document FIX BUG #65219 - Typo correction FIX BUG #65219 - USE DB not being sent for FreeTDS version < 0.92 FreeTDS <0.92 does not support DBSETLDBNAME option and therefore will not work with SQL Azure. Fallback to dbuse command in letter versions.
| * | Fixed segfault when built with OpenSSL >= 1.0.1Daniel Lowrey2013-10-091-5/+6
| | | | | | | | | | | | (PR #481)
* | | Remove compile warning:Christopher Jones2013-08-191-1/+1
| | | | | | | | | | | | warning: unused variable ‘j’ [-Wunused-variable]
* | | Remove compile warnings:Christopher Jones2013-08-191-2/+1
| | | | | | | | | | | | | | | | | | variable ‘obj_cnt’ set but not used [-Wunused-but-set-variable] unused variable ‘last’ [-Wunused-variable] unused variable ‘j’ [-Wunused-variable]
* | | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2013-08-191-0/+1
|\ \ \ | |/ / | | | | | | | | | * PHP-5.4: fix using wrong buffer pointer
| * | Merge branch 'PHP-5.3' into PHP-5.4Stanislav Malyshev2013-08-191-0/+1
| |\ \ | | |/ | | | | | | | | | * PHP-5.3: fix using wrong buffer pointer
| | * fix using wrong buffer pointerStanislav Malyshev2013-08-191-0/+1
| | |
| | * Fix CVE-2013-4073 - handling of certs with null bytesStanislav Malyshev2013-08-131-2/+84
| | |
| | * Happy New Year~Xinchen Hui2013-01-011-1/+1
| | |
| | * Fix bug #61413 ext\openssl\tests\openssl_encrypt_crash.phpt fails 5.3 onlyAnatoliy Belsky2012-04-241-1/+1
| | |
| | * Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).Scott MacVicar2012-02-231-0/+4
| | |
| | * - Year++Felipe Pena2012-01-011-1/+1
| | |
| | * Fix segfault in older versions of OpenSSL (before 0.9.8i)Scott MacVicar2011-12-181-1/+3
| | |
| | * - Make usage of new PHP_FE_END macroFelipe Pena2011-07-251-1/+1
| | |
| | * openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to ↵Scott MacVicar2011-07-191-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the default size for the case of a variable key length cipher. The result is a key of 448 bits being passed to the blowfish algorithm would be truncated to 128 bit. Also fixed an error in the zend_parse_parameters() having an invalid character being used.
| | * - did I not kill that already? (do not use rand_screen, pointless on server ↵Pierre Joye2011-06-161-4/+0
| | | | | | | | | | | | and not TS)
| | * MFH: The project calls itself OpenSSL and not openSSL, so let's keep itMartin Jansen2011-04-251-2/+2
| | | | | | | | | | | | | | | that way in our code as well.
| | * SSLV2 patch cleanupRasmus Lerdorf2011-04-241-0/+4
| | |
View Lorry Controller Status