archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
139815 commits 526 branches 1434 tags 865 MiB
Commit graph

813 commits

Author SHA1 Message Date
Jakub Zelenka
7a15d2a5c0
Merge branch 'PHP-8.3' into PHP-8.4 2025-06-05 18:05:24 +02:00
Jakub Zelenka
444cc78a3e
Skip OpenSSL proxy test for bug #74796 on Windows 2025-06-05 16:18:06 +02:00
Jakub Zelenka
086a470208
Merge branch 'PHP-8.3' into PHP-8.4 2025-06-05 14:10:57 +02:00
Jakub Zelenka
42f6c15186
Fix bug #74796: Requests through http proxy set peer name 
This issue happens because http wrapper sets peer_name but then does not
remove so it stays in the context. The fix removes the peer name from
the context after enabling crypto.

In addition to bug #74796, this also fixes bug #76196.

In addition it should be a final fix for those SOAP bugs:

bug #69783
bug #52913
bug #61463
 2025-06-05 14:08:28 +02:00
Niels Dossche
87ff5479fc
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix memory leak of X509_STORE in php_openssl_setup_verify() on failure
 2025-06-03 23:46:21 +02:00
Niels Dossche
08a9579883
Fix memory leak of X509_STORE in php_openssl_setup_verify() on failure 
Closes GH-18750.
 2025-06-03 23:45:51 +02:00
Niels Dossche
d689ff63e8
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix memory leak in openssl_sign() when passing invalid algorithm
 2025-04-02 20:18:57 +02:00
Niels Dossche
74720a22f3
Fix memory leak in openssl_sign() when passing invalid algorithm 
Closes GH-18185.
 2025-04-02 20:15:53 +02:00
Jakub Zelenka
4936c32772
Merge branch 'PHP-8.3' into PHP-8.4 2025-02-28 14:51:52 +01:00
Jakub Zelenka
6bb56fe0cf
Change openssl_x509_verify test to use cert generator (#17882) 
This also prevents verifying cert with SHA1 signature
 2025-02-28 14:51:12 +01:00
Jakub Zelenka
d2977b026f
Merge branch 'PHP-8.3' into PHP-8.4 2024-12-31 15:20:06 +01:00
Jakub Zelenka
e0dabe326f
Merge branch 'PHP-8.2' into PHP-8.3 2024-12-31 15:05:18 +01:00
Jakub Zelenka
37504f123d
Port OpenSSL gh10495, gh13860 and gh9310 test to use ephemeral ports 2024-12-31 15:02:08 +01:00
Jakub Zelenka
44a9154e75
Merge branch 'PHP-8.1' into PHP-8.2 2024-12-31 14:39:59 +01:00
Jakub Zelenka
b8731767d8
Fix GH-16955: Use empheral ports for OpenSSL server client tests 
And refactor some client server tests.

Closes GH-17180
 2024-12-31 14:25:19 +01:00
Niels Dossche
fd68e9ba2c
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix memory leak in php_openssl_pkey_from_zval()
  Fix various memory leaks related to openssl exports
  Prevent unexpected array entry conversion when reading key
 2024-11-09 11:01:29 +01:00
Niels Dossche
591fe92724
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix memory leak in php_openssl_pkey_from_zval()
  Fix various memory leaks related to openssl exports
  Prevent unexpected array entry conversion when reading key
 2024-11-09 11:01:21 +01:00
Niels Dossche
994e866cf2
Fix memory leak in php_openssl_pkey_from_zval() 
Closes GH-16691.
 2024-11-09 10:58:44 +01:00
Niels Dossche
2f4f09f7e6
Fix various memory leaks related to openssl exports 
Closes GH-16692.
 2024-11-09 10:58:17 +01:00
Niels Dossche
ac8d0e57d9
Prevent unexpected array entry conversion when reading key 
When passing an array, the key entry can get converted to a string if it
is an object, but this actually modifies the original array entry.
The test originally outputted:

```
array(2) {
  [0]=>
  string(...) => ...
  [1]=>
  string(0) ""
}
```

This is unexpected. Use zval_try_get_string() to prevent this behaviour.

Closes GH-16693.
 2024-11-09 10:57:50 +01:00
Christoph M. Becker
ef1c3b82ff
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-16433: Large values for openssl_csr_sign() $days overflow
 2024-10-16 11:10:12 +02:00
Christoph M. Becker
931762c626
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix GH-16433: Large values for openssl_csr_sign() $days overflow
 2024-10-16 11:09:00 +02:00
Christoph M. Becker
2bdf2f9100
Fix GH-16433: Large values for openssl_csr_sign() $days overflow 
The `offset_sec` parameter of `X509_gmtime_adj()` expects a `long`, but
the `$days` parameter of `openssl_csr_sign()` a `zend_long`.  We must
avoid signed integer overflow (UB), but also must not silently truncate.
Thus we check the given `$days` for the permissible range, and bail out
otherwise.

Closes GH-16437.
 2024-10-16 11:08:02 +02:00
Christoph M. Becker
33fab73730
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-16357: openssl may modify member types of certificate arrays
 2024-10-12 16:07:50 +02:00
Christoph M. Becker
76a819e7d1
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix GH-16357: openssl may modify member types of certificate arrays
 2024-10-12 16:06:44 +02:00
Christoph M. Becker
549bcdb7fb
Fix GH-16357: openssl may modify member types of certificate arrays 
We must not use `try_convert_to_string()` on members of unseparated
array arguments; instead of separating, we use `zval_try_get_string()`.

Closes GH-16370.
 2024-10-12 16:05:31 +02:00
Jakub Zelenka
53cc92c85c
Fix failing openssl_private_decrypt tests 
We backport 11caf094f1af6b47ea2138c5fa907838911ebe01[1] as a step to
get back to a green CI.

[1] <11caf094f1>
 2024-10-07 01:06:04 +02:00
Remi Collet
32c5ce3451
Implement GH-13514 PASSWORD_ARGON2 from OpenSSL 3.2 (#13635) 
* Implement GH-13514 PASSWORD_ARGON2 from OpenSSL 3.2

* simplify init/shutdown

* use php_base64_encode_ex

* - rename macros - use openssl RAND_bytes - CS

* add --with-openssl-argon2 build option

* check OSSL_KDF_PARAM_ARGON2_LANES instead of OSSL_set_max_threads

* Cleanup and CS

* save/restore old threads config + CS

* remove unneeded check
 2024-09-02 13:01:09 +02:00
Gina Peter Bnayard
5853cdb73d Use "must not" instead of "cannot" wording 2024-08-21 21:12:17 +01:00
Tim Düsterhus
29f98e7485
Replace @deprecated by #[\Deprecated] for internal functions / class constants (#14750) 
Co-authored-by: Gina Peter Banyard <girgias@php.net>
Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
 2024-07-10 16:47:31 +02:00
Arnaud Le Blanc
e63e1afd84
Merge branch 'PHP-8.3' 
* PHP-8.3:
  Fix test race condition
 2024-07-03 19:17:59 +02:00
Arnaud Le Blanc
6b54d3b26f
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix test race condition
 2024-07-03 19:17:43 +02:00
Arnaud Le Blanc
070779c874
Fix test race condition 
Closes GH-14790
 2024-07-03 19:17:13 +02:00
Jakub Zelenka
82e6040cff
Merge branch 'PHP-8.2' into PHP-8.3 2024-06-09 12:40:51 +01:00
Jakub Zelenka
46013f1c55
Skip test for OpenSSL bug #74341 which is not a bug 2024-06-09 12:40:24 +01:00
Jakub Zelenka
98736e8bbd
Fix GH-13343: openssl_x509_parse should not allow omitted seconds in UTCTimes 
Closes GH-14439

Signed-off-by: Jakub Zelenka <bukka@php.net>
 2024-06-09 12:35:05 +01:00
Manuel Mausz
5f2a0c8383
Add support for Curve25519 + Curve448 based keys 
For openssl_pkey_get_details we export the priv+pub parameters.

ED25519/ED448 do not support streaming, so we need to use
EVP_Digest{Sign,Verify} instead. In general the older EVP_{Sign,Verify}
interface should be avoided as the key is passed very late.
See BUGS section in OpenSSL manpages of EVP_{Sign,Verify}Final

Additionally per requirement we need to allow sign/verify without
digest. So we need to allow passing 0 as digest. In OpenSSL 3.0+ this also
corresponds to the default digest (see EVP_PKEY_get_default_digest_name).

For CSR creation we need to allow "null" as digest_alg option.

Closes GH-14052
 2024-05-27 12:52:57 +01:00
Ilija Tovilo
f07f3b4078
Merge branch 'PHP-8.3' 
* PHP-8.3:
  [skip ci] Fix typo
 2024-05-13 13:08:56 +02:00
Ilija Tovilo
614323e4b6
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  [skip ci] Fix typo
 2024-05-13 13:08:49 +02:00
Ilija Tovilo
fa7933ef17
[skip ci] Fix typo 2024-05-13 13:08:28 +02:00
Ilija Tovilo
7a20168800
Merge branch 'PHP-8.3' 
* PHP-8.3:
  [skip ci] Adjust port for gh13860.phpt
 2024-05-13 12:17:12 +02:00
Ilija Tovilo
018ee8dc6e
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  [skip ci] Adjust port for gh13860.phpt
 2024-05-13 12:17:05 +02:00
Ilija Tovilo
91c53e43c4
[skip ci] Adjust port for gh13860.phpt 
Port 64325 is already used in ext/standard/tests/streams/gh11418.phpt. The test
randomly times out, and it's unclear whether it might be related to the
conflicting port.
 2024-05-13 12:16:57 +02:00
Jakub Zelenka
1b015947a0
Merge branch 'PHP-8.3' 2024-04-19 14:10:18 +01:00
Jakub Zelenka
353571e29b
Merge branch 'PHP-8.2' into PHP-8.3 2024-04-19 14:09:53 +01:00
Jakub Zelenka
04b864e566
Fix GH-13806: openssl_x509_parse_basic test fails with OpenSSL 3.2+ (#13961) 
Closes GH-13961
 2024-04-19 14:09:22 +01:00
Niels Dossche
68592c84a1
Merge branch 'PHP-8.3' 
* PHP-8.3:
  Improve stability of test gh13860.phpt
 2024-04-07 22:50:28 +02:00
Niels Dossche
73218e063a
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Improve stability of test gh13860.phpt
 2024-04-07 22:50:09 +02:00
Niels Dossche
a86256c950
Improve stability of test gh13860.phpt 2024-04-07 22:49:58 +02:00
Niels Dossche
1e4bb039eb
Merge branch 'PHP-8.3' 
* PHP-8.3:
  Fix GH-13860: Incorrect PHP_STREAM_OPTION_CHECK_LIVENESS case in ext/openssl/xp_ssl.c - causing use of dead socket
 2024-04-07 21:37:09 +02:00