diff --git a/NEWS b/NEWS index e27a83e1b67..b0994af905a 100644 --- a/NEWS +++ b/NEWS @@ -115,6 +115,10 @@ PHP NEWS . Added memfd api usage, on Linux, for zend_shared_alloc_create_lock() to create an abstract anonymous file for the opcache's lock. (Max Kellermann) +- OpenSSL: + . Added OPENSSL_CMS_OLDMIMETYPE and PKCS7_NOOLDMIMETYPE contants to switch + between mime content types. (Daniel Kesselberg) + - PCNTL: . SA_ONSTACK is now set for pcntl_signal. (Kévin Dunglas) . Added SIGINFO constant. (David Carlier) diff --git a/UPGRADING b/UPGRADING index 6f8701179be..b7c70c34a96 100644 --- a/UPGRADING +++ b/UPGRADING @@ -214,6 +214,10 @@ PHP 8.3 UPGRADE NOTES . MIXED_NUMBERS (Spoofchecker). . HIDDEN_OVERLAY (Spoofchecker). +- OpenSSL: + . OPENSSL_CMS_OLDMIMETYPE + . PKCS7_NOOLDMIMETYPE + - PCNTL: . SIGINFO diff --git a/ext/openssl/openssl.stub.php b/ext/openssl/openssl.stub.php index a9fad2eaeae..6ebb519ba34 100644 --- a/ext/openssl/openssl.stub.php +++ b/ext/openssl/openssl.stub.php @@ -161,6 +161,11 @@ const PKCS7_BINARY = UNKNOWN; * @cvalue PKCS7_NOSIGS */ const PKCS7_NOSIGS = UNKNOWN; +/** + * @var int + * @cvalue PKCS7_NOOLDMIMETYPE + */ +const PKCS7_NOOLDMIMETYPE = UNKNOWN; /** * @var int @@ -202,6 +207,11 @@ const OPENSSL_CMS_BINARY = UNKNOWN; * @cvalue CMS_NOSIGS */ const OPENSSL_CMS_NOSIGS = UNKNOWN; +/** + * @var int + * @cvalue CMS_NOOLDMIMETYPE + */ +const OPENSSL_CMS_OLDMIMETYPE = UNKNOWN; /** * @var int diff --git a/ext/openssl/openssl_arginfo.h b/ext/openssl/openssl_arginfo.h index 3e1b4a778a9..b53e7024246 100644 --- a/ext/openssl/openssl_arginfo.h +++ b/ext/openssl/openssl_arginfo.h @@ -1,5 +1,5 @@ /* This is a generated file, edit the .stub.php file instead. - * Stub hash: be79b4cc0d9eb4469c43f10208b86369dcc1239d */ + * Stub hash: 549946c91248fddc4d43502d32335b68cfbe71f2 */ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_openssl_x509_export_to_file, 0, 2, _IS_BOOL, 0) ZEND_ARG_OBJ_TYPE_MASK(0, certificate, OpenSSLCertificate, MAY_BE_STRING, NULL) @@ -578,6 +578,7 @@ static void register_openssl_symbols(int module_number) REGISTER_LONG_CONSTANT("PKCS7_NOATTR", PKCS7_NOATTR, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("PKCS7_BINARY", PKCS7_BINARY, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("PKCS7_NOSIGS", PKCS7_NOSIGS, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("PKCS7_NOOLDMIMETYPE", PKCS7_NOOLDMIMETYPE, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_CMS_DETACHED", CMS_DETACHED, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_CMS_TEXT", CMS_TEXT, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOINTERN", CMS_NOINTERN, CONST_PERSISTENT); @@ -586,6 +587,7 @@ static void register_openssl_symbols(int module_number) REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOATTR", CMS_NOATTR, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_CMS_BINARY", CMS_BINARY, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOSIGS", CMS_NOSIGS, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_CMS_OLDMIMETYPE", CMS_NOOLDMIMETYPE, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_PERSISTENT); #if defined(RSA_SSLV23_PADDING) REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_PERSISTENT); diff --git a/ext/openssl/tests/openssl_cms_encrypt_basic.phpt b/ext/openssl/tests/openssl_cms_encrypt_basic.phpt index cf3e7ae7f37..14b5231fdd3 100644 --- a/ext/openssl/tests/openssl_cms_encrypt_basic.phpt +++ b/ext/openssl/tests/openssl_cms_encrypt_basic.phpt @@ -9,6 +9,9 @@ $outfile = tempnam(sys_get_temp_dir(), "cms_enc_basic"); if ($outfile === false) die("failed to get a temporary filename!"); $outfile2 = $outfile . ".out"; +$outfile3 = tempnam(sys_get_temp_dir(), "cms_enc_basic"); +if ($outfile3 === false) + die("failed to get a temporary filename!"); $single_cert = "file://" . __DIR__ . "/cert.crt"; $privkey = "file://" . __DIR__ . "/private_rsa_1024.key"; $wrongkey = "file://" . __DIR__ . "/private_rsa_2048.key"; @@ -33,6 +36,7 @@ var_dump(openssl_cms_encrypt($infile, $outfile, $wrong, $headers, cipher_algo: $ var_dump(openssl_cms_encrypt($infile, $outfile, $empty, $headers, cipher_algo: $cipher)); var_dump(openssl_cms_encrypt($infile, $outfile, $multi_certs, $headers, cipher_algo: $cipher)); var_dump(openssl_cms_encrypt($infile, $outfile, array_map('openssl_x509_read', $multi_certs), $headers, cipher_algo: $cipher)); +var_dump(openssl_cms_encrypt($infile, $outfile3, $single_cert, $headers, flags: OPENSSL_CMS_OLDMIMETYPE, cipher_algo: $cipher)); if (file_exists($outfile)) { echo "true\n"; @@ -42,6 +46,15 @@ if (file_exists($outfile2)) { echo "true\n"; unlink($outfile2); } + +if (file_exists($outfile3)) { + $content = file_get_contents($outfile3, false, null, 0, 256); + if (str_contains($content, 'Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"')) { + echo "true\n"; + } + unset($content); + unlink($outfile3); +} ?> --EXPECT-- bool(true) @@ -57,5 +70,7 @@ bool(false) bool(false) bool(true) bool(true) +bool(true) +true true true diff --git a/ext/openssl/tests/openssl_pkcs7_encrypt_basic.phpt b/ext/openssl/tests/openssl_pkcs7_encrypt_basic.phpt index 070fd1c4ec8..0ae5873c9bb 100644 --- a/ext/openssl/tests/openssl_pkcs7_encrypt_basic.phpt +++ b/ext/openssl/tests/openssl_pkcs7_encrypt_basic.phpt @@ -11,6 +11,9 @@ if ($outfile === false) $outfile2 = tempnam(sys_get_temp_dir(), "ssl"); if ($outfile2 === false) die("failed to get a temporary filename!"); +$outfile3 = tempnam(sys_get_temp_dir(), "ssl"); +if ($outfile3 === false) + die("failed to get a temporary filename!"); $single_cert = "file://" . __DIR__ . "/cert.crt"; $privkey = "file://" . __DIR__ . "/private_rsa_1024.key"; @@ -34,6 +37,7 @@ var_dump(openssl_pkcs7_encrypt($infile, $outfile, $wrong, $headers, 0, $cipher)) var_dump(openssl_pkcs7_encrypt($infile, $outfile, $empty, $headers, 0, $cipher)); var_dump(openssl_pkcs7_encrypt($infile, $outfile, $multi_certs, $headers, 0, $cipher)); var_dump(openssl_pkcs7_encrypt($infile, $outfile, array_map('openssl_x509_read', $multi_certs), $headers, 0, $cipher)); +var_dump(openssl_pkcs7_encrypt($infile, $outfile3, $single_cert, $headers, PKCS7_NOOLDMIMETYPE, $cipher)); if (file_exists($outfile)) { echo "true\n"; @@ -43,6 +47,15 @@ if (file_exists($outfile2)) { echo "true\n"; unlink($outfile2); } + +if (file_exists($outfile3)) { + $content = file_get_contents($outfile3, false, null, 0, 256); + if (str_contains($content, 'Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"')) { + echo "true\n"; + } + unset($content); + unlink($outfile3); +} ?> --EXPECT-- bool(true) @@ -57,5 +70,7 @@ bool(false) bool(false) bool(true) bool(true) +bool(true) +true true true