This issue happens because http wrapper sets peer_name but then does not
remove so it stays in the context. The fix removes the peer name from
the context after enabling crypto.
In addition to bug #74796, this also fixes bug #76196.
In addition it should be a final fix for those SOAP bugs:
bug #69783
bug #52913
bug #61463
This regressed in 62c7432f, prior to that commit the value was set to
false in case random number generation failed, but now even if an
exception is thrown it is set to true. This likely does not _really_
matter as the user will handle the exception, still the value in
$strong_result is observable.
* PHP-8.3:
Fix memory leak in php_openssl_pkey_from_zval()
Fix various memory leaks related to openssl exports
Prevent unexpected array entry conversion when reading key
* PHP-8.2:
Fix memory leak in php_openssl_pkey_from_zval()
Fix various memory leaks related to openssl exports
Prevent unexpected array entry conversion when reading key
When passing an array, the key entry can get converted to a string if it
is an object, but this actually modifies the original array entry.
The test originally outputted:
```
array(2) {
[0]=>
string(...) => ...
[1]=>
string(0) ""
}
```
This is unexpected. Use zval_try_get_string() to prevent this behaviour.
Closes GH-16693.
The `offset_sec` parameter of `X509_gmtime_adj()` expects a `long`, but
the `$days` parameter of `openssl_csr_sign()` a `zend_long`. We must
avoid signed integer overflow (UB), but also must not silently truncate.
Thus we check the given `$days` for the permissible range, and bail out
otherwise.
Closes GH-16437.
We must not use `try_convert_to_string()` on members of unseparated
array arguments; instead of separating, we use `zval_try_get_string()`.
Closes GH-16370.
We change the error for ZTS builds to a warning, to not break snapshot
builds which automatically will try to enable OpenSSL password hashing.
We also change some messages to better fit building on Windows.
And of course, we cannot easily check whether `OSSL_set_max_threads()`
is actually available; instead we're looking up the function declaration
in its header file.
Co-authored-by: Peter Kokot <peterkokot@gmail.com>
To match other capitalized strings like `ZEND_STR_UNKNOWN_CAPITALIZED` and
`ZEND_STR_ARRAY_CAPITALIZED`. Since this known string was only added in PHP
8.4, no backwards compatibility alias is needed.
This is not necessarily useful for Windows (few use custom builds on
that platform), but for feature parity with other platforms it seems
reasonable to support it on Windows.
We make sure, though, that the feature is not enabled for snapshot
builds by adding the option to the build exclusions.
When functions' or class methods' availability is based on some preprocessor
condition, the generated arginfo header files wrap the declarations in the
preprocessor `#if` conditional blocks, one per declaration, even if they are in
the same conditional block based on comments in the stub file. Instead of
having multiple conditional blocks one after the other with the same condition,
combine them into a single conditional block.
When a class (or enum) has no methods, rather than using an array that only
contains `ZEND_FE_END`, use `NULL` for the functions. The implementation of
class registration for internal classes, `do_register_internal_class()` in
zend_API.c, already skips classes where the functions are `NULL`. By removing
these unneeded arrays, we can reduce the size of the header files, while also
removing an unneeded call to zend_register_functions() for each internal class
with no extra methods.
