| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | | |
| | | |
| | | |
| | | | |
Closes GH-6156
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
This should fix most of the remaining issues with tabs and spaces
being mixed in tests.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-6121
|
| | | | |
| | | |
| | | |
| | | | |
Since e8e4ddce
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-6025
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
They will now follow the canonical order of types. Older macros are
left intact due to maintaining BC.
Closes GH-6112
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-5999
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
RC4 is considered insecure, and it's not possible to change the
default of these functions. As such, require the method to be
passed explicitly.
Closes GH-6093.
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-5111
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These two $recipcert parameters don't use proper union types
right now. They are a bit tricky due to the $recipkey -> $recipcert
fallback.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove null checks before EVP_PKEY_free and BIO_free. NULL is a
no-op for both of these. Probably applies to most other freeing
function as well...
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove the free_pkey argument from php_openssl_pkey_from_zval,
instead return an EVP_PKEY that always needs to be freed
(by incrementing refcount if necessary).
This makes the code simpler and fixes a number of bugs in the
existing handling.
Closes GH-5946.
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-5958
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Closes GH-5860
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-7.4:
Fixed bug #79881
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-5758
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
For the rare cases where references are part of the API,
construct them explicitly. Otherwise do not allow separation.
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-5779
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The hash is used to check whether the arginfo file needs to be
regenerated. PHP-Parser will only be downloaded if this is actually
necessary.
This ensures that release artifacts will never try to regenerate
stubs and thus fetch PHP-Parser, as long as you do not modify any
files.
Closes GH-5739.
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
The putenv trick doesn't work on ZTS Windows, so generate a new
openssl config every time.
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
We want to test the client side error here, so make sure the
server side can start up successfully.
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
And switch tests using SAN certificates to the generator.
This is ugly, but there doesn't seem to be a more direct way
to privide SAN in PHP.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
A few additional tests have been added on master that require
lower security level.
|
| |\ \ \ \
| |/ / / |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
The certificate really doesn't matter here, but it still needs to
comply with security level...
|
| | | | |
| | | |
| | | |
| | | | |
Make this test pass under security level 2.
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | | |
This reverts commit b281493503401a2b5c45c11fcd0498d8448998c2.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
People should not have to worry about the used openssl version
when downgrading security_level.
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-7.4:
Fix tests regarding OpenSSL security_level
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The `security_level` stream option is only available as of OpenSSL
1.1.0, so we only set it for these versions. Older OpenSSL versions
do not have security levels at all.
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This migrates all the tests using ext/openssl/tests/streams_crypto_method.pem
to the certificate generator, so we can easily adjust needed parameters.
In particular, this makes the cert security level 2 compatible.
However, we still need to downgrade security_level to 1 in a number
of tests, because they are testing TLS < 1.2 connections.
|
| |\ \ \ \
| |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This makes the generated certificates compatible with security
level 2, which is apparently the default on Ubuntu 20.04.
Unfortunately this does not fix all tests, because some are using
pre-generated certificates.
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-7.4:
Fix #62890: default_socket_timeout=-1 causes connection to timeout
|
| | |\ \ \
| | |/ /
| | | |
| | | |
| | | | |
* PHP-7.3:
Fix #62890: default_socket_timeout=-1 causes connection to timeout
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
While unencrypted connections ignore negative timeouts, SSL/TLS
connections did not special case that, and so always failed due to
timeout.
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-5676.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It add CMS (RFC 5652) support, which is an update to PKCS7. The functions
are analogous BUT NOT IDENTICAL to openssl_pkcs7*. In particular, support for
different encodings (PEM, DER, SMIME) is now available.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Same as https://github.com/php/php-src/pull/2681/files but for openssl_pkcs12_export_to_file
Closes GH-5665
|
| | | | | |
|
