summaryrefslogtreecommitdiff
path: root/ext/openssl
Commit message (Collapse)AuthorAgeFilesLines
* fix improper behaviorAnatol Belski2015-07-031-3/+8
| | | | | openssl_spki_export() is documented to return string, but it's obviously not achieved writing it to stdout :)
* Use ZSTR_ API to access zend_string elements (this is just renaming without ↵Dmitry Stogov2015-06-302-52/+52
| | | | semantick changes).
* Merge branch 'PHP-5.6'Tjerk Meesters2015-06-264-0/+27
|\ | | | | | | | | * PHP-5.6: Fixed #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs
| * Fixed #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read ↵Tjerk Meesters2015-06-264-1/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | with extra certs Squashed commit of the following: commit a64c1d9bc4c129fd946a478bdcb55101e42157b7 Author: Tomasz Sawicki <falundir@gmail.com> Date: Wed Jun 24 08:49:37 2015 +0200 Fix #69882: OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra certs The "key values mismatch" error is triggered in openssl_pkcs12_read by PKCS12_parse, because it uses X509_check_private_key to separate main certificate (which corresponds to private key) from extra certificates. Extra certificates usually comes first (p12 contents are reversed as stack) and X509_check_private_key triggers X509_R_KEY_VALUES_MISMATCH error. The fix pops "key values mismatch" error from OpenSSL error stack for each extra certificate if there are any.
| * Remove SSLv3 test dependenciesRasmus Lerdorf2015-05-054-16/+3
| | | | | | | | | | | | | | | | SSLv3 is going away. Debian8 already ships with an openssl with no SSLv3 support which was causing these tests to fail. Conflicts: ext/openssl/tests/session_meta_capture.phpt
* | Drop duplicate object-to-type noticesNikita Popov2015-06-221-1/+0
| | | | | | | | | | We already generate a recoverable fatal for these earlier, no need to throw an additional notice.
* | Make convert_to_* safe with rc>1Nikita Popov2015-06-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | This only involves switching zval_dtor to zval_ptr_dtor for arrays and making the convert_to_object for arrays a bit more generic. All the other changes outside zend_operators.c just make use of this new ability (use COPY instead of DUP). What's still missing: Proper references handling. I've seen many convert_to* calls that will break when a reference is used. Also fixes bug #69788.
* | Corrected line comment 5256Radu Brănișcan2015-05-231-1/+1
| | | | | | | | From the text "dectupt" to "decrypt"
* | fix _timezone usage for vc14Anatol Belski2015-05-101-1/+1
| |
* | Dropped CN_match and SNI_server_name context optionsNikita Popov2015-04-241-15/+2
| |
* | Merge branch 'pull-request/1203'Stanislav Malyshev2015-04-181-0/+4
|\ \ | | | | | | | | | | | | * pull-request/1203: Update openssl.c
| * | Update openssl.cEric F2015-03-301-0/+4
| | | | | | | | | | | | Adding additional checks for sslv3.
* | | Merge branch 'PHP-5.6'Remi Collet2015-04-171-0/+1
|\ \ \ | | |/ | |/| | | | | | | * PHP-5.6: skip test when xml not available
| * | skip test when xml not availableRemi Collet2015-04-171-0/+1
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-04-141-1/+6
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix Bug #69402: Reading empty SSL stream hangs until timeout Conflicts: ext/openssl/xp_ssl.c
| * | Fix Bug #69402: Reading empty SSL stream hangs until timeoutDaniel Lowrey2015-04-141-4/+9
| | |
| * | Merge branch 'PHP-5.5' into PHP-5.6Leigh2015-03-272-0/+3
| |\ \ | | | | | | | | | | | | | | | | * PHP-5.5: Add RAND_egd check for compiling against LibreSSL
| | * | Add RAND_egd check for compiling against LibreSSLLeigh2015-03-272-0/+3
| | | |
* | | | Fix test for systems where openssl's time_t have an offset setKalle Sommer Nielsen2015-04-091-2/+2
| | | |
* | | | Fix test on systems where EOL isn't "\n", like WindowsKalle Sommer Nielsen2015-04-081-0/+5
| | | |
* | | | Fixed resource leakDmitry Stogov2015-04-081-0/+4
| | | |
* | | | Remove SSLv3 test dependenciesRasmus Lerdorf2015-04-084-16/+3
| |_|/ |/| | | | | | | | | | | SSLv3 is going away. Debian8 already ships with an openssl with no SSLv3 support which was causing these tests to fail.
* | | Add RAND_egd check for compiling against LibreSSLLeigh2015-03-272-0/+3
| | |
* | | cleanup mod version macros, round 3Anatol Belski2015-03-232-1/+4
| | |
* | | Use specialized macro for string zval creationDmitry Stogov2015-03-121-1/+1
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-111-11/+7
|\ \ \ | |/ / | | | | | | | | | * PHP-5.6: Don't block on crypto data inside stream_select()
| * | Don't block on crypto data inside stream_select()Daniel Lowrey2015-03-111-11/+7
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-105-5/+140
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix bug# 69215 (Crypto servers should send client CA list) Conflicts: ext/openssl/xp_ssl.c
| * | Fix bug# 69215 (Crypto servers should send client CA list)Daniel Lowrey2015-03-105-5/+140
| | |
* | | Deprecate "session_meta_capture" SSL context optionDaniel Lowrey2015-03-092-5/+11
| | | | | | | | | | | | | | | | | | | | | Meta data about encrypted streams is now available as part of the "crypto" key in the array returned by stream_get_meta_data(). This update deprecates the use of the "session_meta_capture" ssl context option in encrypted streams.
* | | Revert "Add stream_socket_crypto_info() function"Daniel Lowrey2015-03-091-104/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 13acb7ec653c543c56437ed417c3889fbf54f608. With the added capability to negotiate application layer protocols via the TLS ALPN extension userland needs a method to access the negotiated protocol on a given stream. The reverted commit added a new stream_socket_crypto_info() function for this purpose. This original approach was discarded in favor of using the already-existing stream_get_meta_data() API which specifically exists for just such purposes and requires the addition of no new functions.
* | | Add crypto info to stream_get_meta_data() result on encrypted streamsDaniel Lowrey2015-03-091-1/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A "crypto" key is added to the output of stream_get_meta_data() calls when invoked using a stream on which crypto is currently active. The new key's associated array contains the following keys: - protocol (string e.g. TLSv1.2, TLSv1.1, etc) - cipher_name (string) - cipher_bits (int) - cipher_version (string) If the TLS ALPN extension was used to successfully negotiate an application protocol that protocol's identifier is stored in the following key: - alpn_protocol If no ALPN protocol was negotiated the "alpn_protocol" key is not present in the crypto meta data array. More meta information concerning the stream's active encryption state may be added in the future.
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-091-17/+18
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix crypto stream timeout regressions Conflicts: ext/openssl/xp_ssl.c
| * | Merge branch 'PHP-5.5' into PHP-5.6Daniel Lowrey2015-03-091-18/+19
| |\ \ | | |/ | | | | | | | | | * PHP-5.5: Fix crypto stream timeout regressions
| | * Fix crypto stream timeout regressionsDaniel Lowrey2015-03-091-18/+19
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-061-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * PHP-5.6: Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly) Conflicts: ext/openssl/openssl.c
| * | Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly)Daniel Lowrey2015-03-061-1/+1
| | |
| * | Update test to run locally instead of remotelyDaniel Lowrey2015-03-051-19/+43
| | |
* | | fix data typeAnatol Belski2015-03-061-1/+1
| | |
* | | Update test to run locally instead of remotelyDaniel Lowrey2015-03-051-19/+43
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-051-1/+14
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix stream_select() issue with OpenSSL buffer Conflicts: main/streams/streams.c
| * | Fix stream_select() issue with OpenSSL bufferChris Wright2015-03-051-1/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure data from OpenSSL internal buffer has been transfered to PHP stream buffer before a select() emulation operation is performed Addresses bug #65137 https://bugs.php.net/bug.php?id=65137 Conflicts: ext/openssl/xp_ssl.c
| * | Really fix zts this timeDaniel Lowrey2015-03-051-4/+4
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-051-1/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix ZTS Fix ZTS build Conflicts: ext/openssl/openssl.c ext/openssl/xp_ssl.c
| * | Fix ZTSDaniel Lowrey2015-03-051-3/+3
| | |
| * | Merge branch 'PHP-5.5' into PHP-5.6Daniel Lowrey2015-03-051-1/+1
| |\ \ | | |/ | | | | | | | | | * PHP-5.5: Fix ZTS build
| | * Fix ZTS buildDaniel Lowrey2015-03-051-1/+1
| | |
* | | Merge branch 'PHP-5.6'Daniel Lowrey2015-03-053-8/+43
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix bug #67403 (Add signatureType to openssl_x509_parse) 5.5.24 now Conflicts: ext/openssl/openssl.c
| * | Merge branch 'PHP-5.5' into PHP-5.6Daniel Lowrey2015-03-053-8/+44
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fix bug #67403 (Add signatureType to openssl_x509_parse) 5.5.24 now Conflicts: configure.in main/php_version.h
| | * Fix bug #67403 (Add signatureType to openssl_x509_parse)Daniel Lowrey2015-03-053-8/+44
| | |
View Lorry Controller Status