archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-20 09:24:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
81192 commits 526 branches 1434 tags 881 MiB
Commit graph

175 commits

Author SHA1 Message Date
Daniel Lowrey
2ddefbd2b3 Added support for TLSv1.1 and TLSv1.2 2013-10-08 14:09:17 -04:00
Daniel Lowrey
1970b96443 Added SAN matching during peer verification 2013-10-08 12:37:44 -04:00
Michael Wallner
ea0578e223 Merge branch 'ssl-streams-crypto-method' of https://github.com/mj/php-src 
* 'ssl-streams-crypto-method' of https://github.com/mj/php-src:
  Add unit test that covers setting the crypto method.
  Streams for ssl:// transports can now be configured to use a specific crypto method (SSLv3, SSLv2 etc.) by calling
 2013-10-08 16:10:00 +02:00
Michael Wallner
8300ced2f7 Merge branch 'bug65729' of https://github.com/datibbaw/php-src 
* 'bug65729' of https://github.com/datibbaw/php-src:
  DNS name comparison is now case insensitive.
  Use zend_bool as return value for _match()
  Added two more test cases for CN matching.
  yay, reduced one variable
  Fixed bug that would lead to out of bounds memory access
  added better wildcard matching for CN
 2013-10-08 15:58:28 +02:00
datibbaw
6106896440 DNS name comparison is now case insensitive. 2013-10-08 10:07:54 +08:00
Tjerk Meesters
674dd73f8c Added two more test cases for CN matching. 2013-10-07 22:10:05 +08:00
Martin Jansen
047877e810 Add unit test that covers setting the crypto method. 2013-10-04 21:55:29 +02:00
datibbaw
edd93f3452 Support string and array for peer fingerprint matching 2013-09-27 14:13:11 +08:00
Tjerk Meesters
1c7cabb2ca add md5 and sha1 fingerprint tests 2013-09-23 23:29:17 +08:00
Tjerk Meesters
2bfc5a253b Renamed to be more descriptive of what it does 2013-09-23 00:51:17 +08:00
Tjerk Meesters
521a5c9568 don't leak cert on errors, return null on zpp failure 2013-09-21 18:24:00 +08:00
Tjerk Meesters
8915c3fb4f added better wildcard matching for CN 2013-09-21 16:45:20 +08:00
Tjerk Meesters
a97aec16c0 Added test case for openssl_x509_digest() 2013-09-20 23:29:04 +08:00
Stanislav Malyshev
12c2a8a5eb Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix for php bug #64802 includes test case
 2013-08-18 16:55:03 -07:00
Stanislav Malyshev
bd29ff7c38 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for php bug #64802 includes test case

Conflicts:
	ext/openssl/openssl.c
 2013-08-18 15:45:17 -07:00
Mark Jones
9973658a44 Fix for php bug #64802 includes test case 2013-08-18 15:42:37 -07:00
Stanislav Malyshev
4da6273092 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fix CVE-2013-4073 - handling of certs with null bytes
 2013-08-13 22:26:32 -07:00
Stanislav Malyshev
2b9f5ac252 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fix CVE-2013-4073 - handling of certs with null bytes
 2013-08-13 22:25:47 -07:00
Stanislav Malyshev
dcea4ec698 Fix CVE-2013-4073 - handling of certs with null bytes 2013-08-13 22:24:11 -07:00
Stanislav Malyshev
2874696a5a Fix CVE-2013-4073 - handling of certs with null bytes 2013-08-13 22:20:33 -07:00
Stanislav Malyshev
8ac131503d Merge branch 'PHP-5.5' 
* PHP-5.5:
  Merge branch 'pull-request/341'
  Merge branch 'pull-request/341'
 2013-06-10 14:31:57 -07:00
Stanislav Malyshev
02e4d7a290 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:30:59 -07:00
Stanislav Malyshev
ac40c0b562 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:20:18 -07:00
jas-
8f56ac8401 Address feature request #38917 for native SPKAC (HTML5 keygen element) support 2013-05-06 16:36:06 -06:00
Stanislav Malyshev
0841eca580 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey()
 2013-02-17 13:29:34 -08:00
Stanislav Malyshev
7b0107cc5d fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() 2013-02-17 13:28:42 -08:00
Stanislav Malyshev
c7be96b08f Revert "Add PBKDF2 support via openssl()" 
This reverts commit b5b8ea1050.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:22:49 -07:00
Stanislav Malyshev
a2bfad051d Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell." 
This reverts commit bccd1e672f.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:21:54 -07:00
Scott MacVicar
bccd1e672f Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 15:41:41 -07:00
Scott MacVicar
b5b8ea1050 Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 13:35:25 -07:00
Scott MacVicar
b481ebae55 Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 12:38:54 -07:00
Felipe Pena
733aaf23b1 - Fixed build (PKCS5_PBKDF2_HMAC is from 1.0.0) 2012-06-11 14:08:38 -03:00
Scott MacVicar
f4847efc5d Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 00:24:44 -07:00
Anatoliy Belsky
fa0d507923 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fix bug #61401 ext\openssl\tests\004.phpt fails
  Fix bug #61404 ext\openssl\tests\021.phpt fails
  Fix bug #61448 intl tests fail with icu >= 4.8
 2012-03-28 17:13:16 +02:00
Anatoliy Belsky
bff8152565 Fix bug #61401 ext\openssl\tests\004.phpt fails 2012-03-28 17:11:58 +02:00
Anatoliy Belsky
4c5b427124 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:15:36 +02:00
Anatoliy Belsky
bd7bb973b1 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:04:56 +02:00
Anatoliy Belsky
8d7a489b97 Merge branch '5.3' into 5.4 
* 5.3:
  Fix bug #61405 ext\openssl\tests\022.phpt fails
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 2012-03-27 16:15:15 +02:00
Anatoliy Belsky
b638d3020c Fix bug #61405 ext\openssl\tests\022.phpt fails 2012-03-27 16:07:59 +02:00
Anatoliy Belsky
e55718b091 Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 16:07:59 +02:00
Anatoliy Belsky
7fdd35d697 Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 16:07:25 +02:00
Olivier DOUCET
ad832abba1 test for bug #61124 2012-02-25 13:27:57 +00:00
Olivier DOUCET
118dd43555 test for bug #61124 2012-02-25 13:27:57 +00:00
Christopher Jones
b0678ea229 Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Christopher Jones
73ccc0a5e9 Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Rasmus Lerdorf
f6f283c3e2 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
8d5f83dde5 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
60df9abf95 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
e4fb44c8b6 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
e24b6cdf56 Getting different hashes here. But this test isn't testing the hashes, 
it is just making sure we actually get a hash and don't crash.
 2012-02-05 09:50:14 +00:00