archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-21 01:45:16 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
80790 commits 526 branches 1434 tags 883 MiB
Commit graph

643 commits

Author SHA1 Message Date
Ferenc Kovacs
feadaaed56 Revert "Merge branch 'PHP-5.5' into PHP-5.6" 
This reverts commit 98e67add15, reversing
changes made to 2cdc1a2b74.
 2014-10-15 19:34:07 +02:00
Ferenc Kovacs
4fb998d42f Revert "fix TS build" 
This reverts commit 84a4041ba4.
 2014-10-15 19:33:47 +02:00
Ferenc Kovacs
7b8222aa44 Revert "Merge branch 'PHP-5.4' into PHP-5.5" 
This reverts commit 30a73658c6, reversing
changes made to 7fac56e072.
 2014-10-15 19:33:31 +02:00
Ferenc Kovacs
528e4166a6 Revert "Bug #67965: Fix blocking behavior in non-blocking crypto streams" 
This reverts commit f86b2193a4.
 2014-10-15 19:32:46 +02:00
Ferenc Kovacs
ff91a48f6e Revert "Bug #41631: Fix regression from first attempt (6569db8)" 
This reverts commit 372844918a.
 2014-10-15 19:32:14 +02:00
Tjerk Meesters
836a5dfddb Fixed bug #68234 
Certificate will now expire in 2034
 2014-10-15 21:12:13 +08:00
Ferenc Kovacs
d27f3e7b64 update the certificate used for the test, as it expired recently 2014-09-24 13:40:52 +02:00
Remi Collet
0d776ef87b Fix bug #68074 Allow to use system cipher list instead of hardcoded value 2014-09-24 10:34:55 +02:00
Daniel Lowrey
edb2799333 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #41631: Fix regression from first attempt (6569db8)
  Bug #67965: Fix blocking behavior in non-blocking crypto streams
 2014-09-09 10:24:40 -06:00
Daniel Lowrey
bf2f80b223 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Bug #41631: Fix regression from first attempt (6569db8)
  Bug #67965: Fix blocking behavior in non-blocking crypto streams
 2014-09-09 09:27:20 -06:00
Daniel Lowrey
372844918a Bug #41631: Fix regression from first attempt (6569db8) 2014-09-09 09:01:42 -06:00
Daniel Lowrey
f86b2193a4 Bug #67965: Fix blocking behavior in non-blocking crypto streams 2014-09-09 07:37:57 -06:00
Chris Wright
db03216e62 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix stream_select() issue with OpenSSL buffer
 2014-08-27 16:06:28 +01:00
Chris Wright
30a73658c6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix stream_select() issue with OpenSSL buffer

Conflicts:
	ext/openssl/xp_ssl.c
 2014-08-27 16:01:18 +01:00
Chris Wright
32be79dcfa Fix stream_select() issue with OpenSSL buffer 
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed

Addresses bug #65137
https://bugs.php.net/bug.php?id=65137

Conflicts:
	ext/openssl/xp_ssl.c
 2014-08-27 13:25:50 +01:00
Daniel Lowrey
546a32e2b3 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #67850: Build when OpenSSL compiled without SSLv3 support

Conflicts:
	ext/openssl/xp_ssl.c
 2014-08-25 18:16:38 +02:00
Daniel Lowrey
640214701c Bug #67850: Build when OpenSSL compiled without SSLv3 support 2014-08-25 17:28:09 +02:00
Anatol Belski
8b8297170e Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix TS build
 2014-08-07 19:50:45 +02:00
Anatol Belski
75991561d6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix TS build
 2014-08-07 19:50:25 +02:00
Anatol Belski
84a4041ba4 fix TS build 2014-08-07 19:49:59 +02:00
Daniel Lowrey
98e67add15 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #41631: Observe socket read timeouts in SSL streams

Conflicts:
	ext/openssl/xp_ssl.c
 2014-08-07 12:07:55 -04:00
Daniel Lowrey
5ac2e5f850 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Bug #41631: Observe socket read timeouts in SSL streams
 2014-08-07 11:51:42 -04:00
Daniel Lowrey
6569db8808 Bug #41631: Observe socket read timeouts in SSL streams 2014-08-07 11:47:42 -04:00
Tjerk Meesters
8f345a7148 Moved streams related functions to xp_ssl.c 2014-07-31 12:17:17 +08:00
Tjerk Meesters
a7dad26c4b Wildcards should only be used in the first name component; fixed comment style 2014-07-29 19:15:01 +08:00
Stanislav Malyshev
c41ca94824 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix missing type checks in various functions

Conflicts:
	ext/openssl/openssl.c
 2014-07-28 00:37:32 -07:00
Stanislav Malyshev
531be9662f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix missing type checks in various functions
 2014-07-28 00:34:27 -07:00
Stanislav Malyshev
b4a4db467b Fix missing type checks in various functions 2014-07-27 02:42:49 -07:00
Tjerk Meesters
38e714ece5 Fixed #67666 - Subject altName doesn't match wildcards 2014-07-24 14:36:31 +08:00
Lior Kaplan
cbcbf73fe8 Add ifdef on ecdh for single_ecdh_use 
Allows build with OpenSSL < 0.9.8
 2014-07-16 00:10:29 +03:00
Remi Collet
e9c9169e05 skip this test which fails without network 2014-06-20 06:45:16 +02:00
Remi Collet
fc36277eb6 Fix test on modern distro where old unsecure algo are disabled in openssl config. 
Testing recent algo should be enough to check this function.
 2014-06-16 09:42:55 +02:00
Stanislav Malyshev
3d9f922c03 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Added support for parsing ssl certificates using GeneralizedTime format.
 2014-06-08 14:19:50 -07:00
Stanislav Malyshev
4946dc1ab9 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added support for parsing ssl certificates using GeneralizedTime format.
 2014-06-08 14:19:16 -07:00
Paul Oehler
76a7fd893b Added support for parsing ssl certificates using GeneralizedTime format. 
fix bug #65698
fix bug #66636
 2014-06-08 14:17:58 -07:00
Chuan Ma
f413a77b3d Fix #66942: openssl_seal() memory leak 
Fix #66952: memory leak in openssl_open()
 2014-04-14 13:36:17 -07:00
Stanislav Malyshev
8bc82718ae Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66942: openssl_seal() memory leak
  ws fix

Conflicts:
	ext/openssl/openssl.c
 2014-04-14 13:35:24 -07:00
Chuan Ma
a186312832 Fix #66942: openssl_seal() memory leak 
Fix #66952: memory leak in openssl_open()
 2014-04-14 13:24:14 -07:00
Daniel Lowrey
0e023e9784 Bug #66840: Fix broken build when extension built separately 2014-04-13 15:17:50 -06:00
Remi Collet
89dc5924c9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  NEWS
  Fixed Bug #66833 Default digest algo is still MD5
  Fix 5.5.10 NEWS
 2014-03-14 09:52:47 +01:00
Remi Collet
e1d8c0a051 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  NEWS
  Fixed Bug #66833 Default digest algo is still MD5
 2014-03-14 09:52:02 +01:00
Remi Collet
17f6391bf8 Fixed Bug #66833 Default digest algo is still MD5 
Switch to SHA1, which match internal openssl hardcoded algo.

In most case, won't even be noticed
- priority on user input (default_md)
- fallback on system config
- fallback on this default value

Recent system reject MD5 digest, noticed in bug36732.phpt failure.

While SHA1 is better than MD5, SHA256 is recommenced,
and defined as default algo in provided configuration on
recent system (Fedora 21, RHEL-7, ...). But the idea is to
keep in sync with openssl internal value for PHP internal value.
 2014-03-14 09:50:15 +01:00
Lior Kaplan
f120463efe Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Typo fix: sicret -> secret
 2014-03-13 12:41:48 +02:00
Lior Kaplan
356c442558 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Typo fix: sicret -> secret
 2014-03-13 12:40:14 +02:00
Michael Meyer
737c187013 Typo fix: sicret -> secret 2014-03-13 12:37:25 +02:00
Remi Collet
518a6ed95b Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
 2014-03-06 10:16:30 +01:00
Remi Collet
7d5c11c235 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
 2014-03-06 10:16:16 +01:00
Remi Collet
721b9a7c8d Set default Digest Message to use SHA1 instead of MD5 in openssl tests 
as MD5 signature are now rejected by newer openssl Version.

Noticed in RHEL-7 and Fedora 21 build.
 2014-03-06 10:14:08 +01:00
Daniel Lowrey
fad14e3180 Add encrypted server SNI support 
- New "SNI_server_certs" context option maps host names to
  appropriate certs should client handshakes advertise the
  SNI extension:

    $ctx = stream_context_create(["ssl" => [
        "local_cert" => "/path/to/cert.pem",
        "SNI_server_certs" => [
            "domain1.com" => "/path/to/domain1.pem",
            "*.domain2.com" => "/path/to/domain2.pem",
            "domain3.com" => "/path/to/domain3.pem"
        ]
    ]]);

- Prefixing a "*." will utilize the matching cert if a client
  requests the primary host name or any subdomain thereof. So
  in the above example our "domain2.pem" will be used for both
  requests to "domain2.com" -and- "subdomain.domain2.com"
- The "SNI_server_certs" ctx option has no effect for client
  streams.
- SNI support is enabled by default as of 5.6 for both servers
  and clients. Servers must specify the "SNI_server_certs" array
  to actually use the SNI extension, though.
- If the `"SNI_enabled" => false` ctx option is also passed then
  "SNI_server_certs" has no effect.
- While supporting SNI by itself is enough to successfully
  negotiate the TLS handshake with many clients, servers MUST
  still specify a "local_cert" ctx option or run the risk of
  connection failures from clients that do not support the SNI
  extension.
 2014-03-05 10:03:33 -07:00
datibbaw
020e161966 Raise timeout to 2s, reworded ssl timeout warning 2014-03-05 10:03:23 -07:00