summaryrefslogtreecommitdiff
path: root/ext/openssl
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2015-08-041-4/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: .gitignore ext/date/php_date.c ext/spl/spl_array.c ext/spl/spl_observer.c
| * Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytesStanislav Malyshev2015-07-261-4/+2
| |
* | Fix Bug #69402: Reading empty SSL stream hangs until timeoutDaniel Lowrey2015-04-141-4/+9
| |
* | Add RAND_egd check for compiling against LibreSSLLeigh2015-03-272-0/+3
| |
* | Fix crypto stream timeout regressionsDaniel Lowrey2015-03-091-18/+19
| |
* | Fix ZTS buildDaniel Lowrey2015-03-051-1/+1
| |
* | Fix bug #67403 (Add signatureType to openssl_x509_parse)Daniel Lowrey2015-03-053-8/+44
| |
* | fix conditionAnatol Belski2015-02-131-1/+1
| |
* | Miscellaneous cleanupDaniel Lowrey2015-02-091-28/+28
| |
* | Update xp_ssl.cBrad Broerman2015-02-041-2/+2
| | | | | | Added TSRMLS_CC to php_openssl_sockop_io calls.
* | reneg and should_close are not yet members of sslsock. Removing...Brad Broerman2015-01-281-9/+1
| |
* | Updated with SSL fixes (backported from trunk)Brad Broerman2015-01-281-45/+159
| |
* | Bump yearXinchen Hui2015-01-153-3/+3
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2015-01-141-2/+2
|\ \ | |/ | | | | | | | | * PHP-5.4: Update NEWS Fixed bug #55618 (use case-insensitive cert name matching)
| * Fixed bug #55618 (use case-insensitive cert name matching)Daniel Lowrey2015-01-141-2/+2
| |
| * Revert xp_ssl.c to the state of 5.4.32 due to regressionsStanislav Malyshev2014-09-261-61/+0
| |
* | fix permsRemi Collet2014-12-161-0/+0
| |
* | Revert "Bug #41631: Observe socket read timeouts in SSL streams"Julien Pauli2014-10-151-46/+0
| | | | | | | | | | | | | | This reverts commit 6569db88081562f68a4f79e52cba83482bdf05fc. Conflicts: ext/openssl/xp_ssl.c
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-09-091-12/+14
|\ \ | |/ | | | | | | | | * PHP-5.4: Bug #41631: Fix regression from first attempt (6569db8) Bug #67965: Fix blocking behavior in non-blocking crypto streams
| * Bug #41631: Fix regression from first attempt (6569db8)Daniel Lowrey2014-09-091-1/+1
| |
| * Bug #67965: Fix blocking behavior in non-blocking crypto streamsDaniel Lowrey2014-09-091-11/+13
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Chris Wright2014-08-271-0/+13
|\ \ | |/ | | | | | | | | | | | | * PHP-5.4: Fix stream_select() issue with OpenSSL buffer Conflicts: ext/openssl/xp_ssl.c
| * Fix stream_select() issue with OpenSSL bufferChris Wright2014-08-271-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | Ensure data from OpenSSL internal buffer has been transfered to PHP stream buffer before a select() emulation operation is performed Addresses bug #65137 https://bugs.php.net/bug.php?id=65137 Conflicts: ext/openssl/xp_ssl.c
* | Bug #67850: Build when OpenSSL compiled without SSLv3 supportDaniel Lowrey2014-08-251-0/+10
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Anatol Belski2014-08-071-1/+1
|\ \ | |/ | | | | | | * PHP-5.4: fix TS build
| * fix TS buildAnatol Belski2014-08-071-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-08-071-0/+46
|\ \ | |/ | | | | | | * PHP-5.4: Bug #41631: Observe socket read timeouts in SSL streams
| * Bug #41631: Observe socket read timeouts in SSL streamsDaniel Lowrey2014-08-071-0/+46
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2014-07-282-6/+19
|\ \ | |/ | | | | | | * PHP-5.4: Fix missing type checks in various functions
| * Fix missing type checks in various functionsStanislav Malyshev2014-07-272-6/+19
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2014-06-084-6/+65
|\ \ | |/ | | | | | | * PHP-5.4: Added support for parsing ssl certificates using GeneralizedTime format.
| * Added support for parsing ssl certificates using GeneralizedTime format.Paul Oehler2014-06-084-6/+65
| | | | | | | | | | fix bug #65698 fix bug #66636
* | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2014-04-141-12/+12
|\ \ | |/ | | | | | | | | | | | | | | * PHP-5.4: Fix #66942: openssl_seal() memory leak ws fix Conflicts: ext/openssl/openssl.c
| * Fix #66942: openssl_seal() memory leakChuan Ma2014-04-141-12/+12
| | | | | | | | Fix #66952: memory leak in openssl_open()
* | Merge branch 'PHP-5.4' into PHP-5.5Remi Collet2014-03-142-2/+1
|\ \ | |/ | | | | | | | | * PHP-5.4: NEWS Fixed Bug #66833 Default digest algo is still MD5
| * Fixed Bug #66833 Default digest algo is still MD5Remi Collet2014-03-142-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Switch to SHA1, which match internal openssl hardcoded algo. In most case, won't even be noticed - priority on user input (default_md) - fallback on system config - fallback on this default value Recent system reject MD5 digest, noticed in bug36732.phpt failure. While SHA1 is better than MD5, SHA256 is recommenced, and defined as default algo in provided configuration on recent system (Fedora 21, RHEL-7, ...). But the idea is to keep in sync with openssl internal value for PHP internal value.
* | Merge branch 'PHP-5.4' into PHP-5.5Lior Kaplan2014-03-131-1/+1
|\ \ | |/ | | | | | | * PHP-5.4: Typo fix: sicret -> secret
| * Typo fix: sicret -> secretMichael Meyer2014-03-131-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Remi Collet2014-03-061-0/+1
|\ \ | |/ | | | | | | * PHP-5.4: Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
| * Set default Digest Message to use SHA1 instead of MD5 in openssl testsRemi Collet2014-03-061-0/+1
| | | | | | | | | | | | as MD5 signature are now rejected by newer openssl Version. Noticed in RHEL-7 and Fedora 21 build.
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-02-193-4/+10
|\ \ | |/ | | | | | | | | | | | | * PHP-5.4: Skip failing tests when EC unavailable (RHEL) Conflicts: ext/openssl/openssl.c
| * Skip failing tests when EC unavailable (RHEL)Daniel Lowrey2014-02-193-4/+10
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-02-171-1/+1
|\ \ | |/ | | | | | | * PHP-5.4: Fixed broken build when EC unavailable
| * Fixed broken build when EC unavailableDaniel Lowrey2014-02-171-1/+1
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Daniel Lowrey2014-02-142-0/+30
|\ \ | |/ | | | | | | * PHP-5.4: Fix for bug66501 - "key type not supported in this PHP build"
| * Fix for bug66501 - "key type not supported in this PHP build"mk-j2014-02-142-0/+30
| |
| * Bump yearXinchen Hui2014-01-033-3/+3
| |
* | Bump yearXinchen Hui2014-01-033-3/+3
| |
* | Fixed bug #65486 mysqli_poll() is broken on Win x64Anatol Belski2013-12-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While this issue is visible in mysqli_poll() functions, the cause lays deeper in the stream to socket casting API. On Win x64 the SOCKET datatype is a 64 or 32 bit unsigned, while on Linux/Unix-like it's 32 bit signed integer. The game of casting 32 bit var to/from 64 bit pointer back and forth is the best way to break it. Further more, while socket and file descriptors are always integers on Linux, those are different things using different APIs on Windows. Even though using integer instead of SOCKET might work on Windows, this issue might need to be revamped more carefully later. By this time this patch is tested well with phpt and apps and shows no regressions, neither in mysqli_poll() nor in any other parts.
* | Merge branch 'PHP-5.4' into PHP-5.5Anatol Belski2013-12-111-1/+1
|\ \ | |/ | | | | | | * PHP-5.4: fix dir separator in cve-2013-6420 test
View Lorry Controller Status