From 500b28ad0403452b01c20b4c787b7c29cb133ec4 Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Fri, 25 Nov 2022 14:02:03 +0000
Subject: [PATCH] Fix GH-10000: Test failures when OpenSSL compiled with no-dsa

---
 NEWS                                                    | 2 ++
 ext/openssl/openssl.c                                   | 6 +++---
 ext/openssl/tests/bug41033.phpt                         | 4 ++++
 ext/openssl/tests/bug73711.phpt                         | 4 ++++
 ext/openssl/tests/bug81713.phpt                         | 4 +++-
 ext/openssl/tests/openssl_csr_export_basic.phpt         | 4 ++++
 ext/openssl/tests/openssl_csr_export_to_file_basic.phpt | 4 ++++
 ext/openssl/tests/openssl_csr_get_public_key_basic.phpt | 4 ++++
 ext/openssl/tests/openssl_csr_get_subject_basic.phpt    | 4 ++++
 ext/openssl/tests/openssl_csr_sign_basic.phpt           | 4 ++++
 ext/openssl/tests/openssl_pkey_new_basic.phpt           | 4 ++++
 11 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/NEWS b/NEWS
index 8fcebc3e650..e8d436e0fa5 100644
--- a/NEWS
+++ b/NEWS
@@ -29,6 +29,8 @@ PHP                                                                        NEWS
 - OpenSSL:
   . Fixed bug GH-9064 (PHP fails to build if openssl was built with --no-ec).
     (Jakub Zelenka)
+  . Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with
+    no-dsa). (Jakub Zelenka)
 
 - Pcntl:
   . Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash).
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index bbf916a6a64..7bfa4be5876 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -1347,7 +1347,7 @@ PHP_MINIT_FUNCTION(openssl)
 
 	/* Values for key types */
 	REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA", OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 	REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_DSA", OPENSSL_KEYTYPE_DSA, CONST_CS|CONST_PERSISTENT);
 #endif
 	REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_DH", OPENSSL_KEYTYPE_DH, CONST_CS|CONST_PERSISTENT);
@@ -3759,7 +3759,7 @@ static int php_openssl_get_evp_pkey_type(int key_type) {
 	switch (key_type) {
 	case OPENSSL_KEYTYPE_RSA:
 		return EVP_PKEY_RSA;
-#if !defined(NO_DSA)
+#if !defined(OPENSSL_NO_DSA)
 	case OPENSSL_KEYTYPE_DSA:
 		return EVP_PKEY_DSA;
 #endif
@@ -3811,7 +3811,7 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req
 		}
 
 		switch (type) {
-#if !defined(NO_DSA)
+#if !defined(OPENSSL_NO_DSA)
 		case EVP_PKEY_DSA:
 			if (EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, req->priv_key_bits) <= 0) {
 				php_openssl_store_errors();
diff --git a/ext/openssl/tests/bug41033.phpt b/ext/openssl/tests/bug41033.phpt
index 73cca19506a..17982ecf73a 100644
--- a/ext/openssl/tests/bug41033.phpt
+++ b/ext/openssl/tests/bug41033.phpt
@@ -2,6 +2,10 @@
 #41033, enable signing with DSA keys
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $prv = 'file://' . __DIR__ . '/' . 'bug41033.pem';
diff --git a/ext/openssl/tests/bug73711.phpt b/ext/openssl/tests/bug73711.phpt
index b8fc1e3c599..210dc82a979 100644
--- a/ext/openssl/tests/bug73711.phpt
+++ b/ext/openssl/tests/bug73711.phpt
@@ -2,6 +2,10 @@
 Bug #73711: Segfault in openssl_pkey_new when generating DSA or DH key
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
diff --git a/ext/openssl/tests/bug81713.phpt b/ext/openssl/tests/bug81713.phpt
index 94715681d51..9e3ab5d5e2f 100644
--- a/ext/openssl/tests/bug81713.phpt
+++ b/ext/openssl/tests/bug81713.phpt
@@ -1,8 +1,10 @@
 --TEST--
 Bug #81713 (OpenSSL functions null byte injection)
+--EXTENSIONS--
+openssl
 --SKIPIF--
 <?php
-if (!extension_loaded("openssl")) die("skip openssl not loaded");
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
 ?>
 --FILE--
 <?php
diff --git a/ext/openssl/tests/openssl_csr_export_basic.phpt b/ext/openssl/tests/openssl_csr_export_basic.phpt
index 95bf741e9ec..f64271ffd97 100644
--- a/ext/openssl/tests/openssl_csr_export_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_export_basic.phpt
@@ -2,6 +2,10 @@
 openssl_csr_export() tests
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $wrong = "wrong";
diff --git a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt
index 5b092088816..4a6a393a6ba 100644
--- a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt
@@ -2,6 +2,10 @@
 openssl_csr_export_to_file() tests
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $csrfile = __DIR__ . "/openssl_csr_export_to_file_csr.tmp";
diff --git a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt
index 9f128c200be..4d013cd4cb4 100644
--- a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt
@@ -2,6 +2,10 @@
 openssl_csr_get_public_key() tests
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
diff --git a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt
index 79baeb65b8a..5c5a2c7ecb3 100644
--- a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt
@@ -2,6 +2,10 @@
 openssl_csr_get_subject() tests
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
diff --git a/ext/openssl/tests/openssl_csr_sign_basic.phpt b/ext/openssl/tests/openssl_csr_sign_basic.phpt
index 0cf678cc294..852b296b9e0 100644
--- a/ext/openssl/tests/openssl_csr_sign_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_sign_basic.phpt
@@ -2,6 +2,10 @@
 openssl_csr_sign() tests
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 $cert = "file://" . __DIR__ . "/cert.crt";
diff --git a/ext/openssl/tests/openssl_pkey_new_basic.phpt b/ext/openssl/tests/openssl_pkey_new_basic.phpt
index f502e281a51..df35c0d3a33 100644
--- a/ext/openssl/tests/openssl_pkey_new_basic.phpt
+++ b/ext/openssl/tests/openssl_pkey_new_basic.phpt
@@ -2,6 +2,10 @@
 openssl_pkey_new() basic usage tests
 --EXTENSIONS--
 openssl
+--SKIPIF--
+<?php
+if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
+?>
 --FILE--
 <?php
 function openssl_pkey_test_cmp($expected, $bin_key) {