archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-17 06:28:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
122692 commits 526 branches 1434 tags 868 MiB
Commit graph

1665 commits

Author SHA1 Message Date
Nikita Popov
3e01f5afb1 Replace zend_bool uses with bool 
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.
 2021-01-15 12:33:06 +01:00
Nikita Popov
4b544f25ef Merge branch 'PHP-8.0' 
* PHP-8.0:
  Try to fix intermittent failures of stream_server_reneg_limit.phpt on macos
 2021-01-04 14:33:02 +01:00
Nikita Popov
af7445b9ac Try to fix intermittent failures of stream_server_reneg_limit.phpt on macos 
Make sure the server has started up before we try to connect to it.
 2021-01-04 14:31:42 +01:00
Nikita Popov
4ce33486d7 Merge branch 'PHP-8.0' 
* PHP-8.0:
  Next attempt to fix bug #80368
 2020-11-30 15:17:35 +01:00
Nikita Popov
32cd5a1bc8 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Next attempt to fix bug #80368
 2020-11-30 15:17:27 +01:00
Nikita Popov
ecee3f1209 Next attempt to fix bug #80368 
Apparently treating LibreSSL as OpenSSL 1.1 is not just something
we did in our code, it's something that upstream LibreSSL claims,
despite not actually being compatible. Duh.

Check for EVP_CIPH_OCB_MODE instead, which should reliably
determine support...
 2020-11-30 15:15:59 +01:00
Jakub Zelenka
4662a8c893 Merge branch 'PHP-8.0' 2020-11-27 16:35:46 +00:00
Jakub Zelenka
a87d620543 Merge branch 'PHP-7.4' into PHP-8.0 2020-11-27 16:35:16 +00:00
Jakub Zelenka
b855907f54 Merge branch 'PHP-7.3' into PHP-7.4 2020-11-27 16:33:47 +00:00
Jakub Zelenka
685708160e Fix test for bug62890 to not depend on system cert store 2020-11-27 16:32:43 +00:00
Nikita Popov
d56e255445 Merge branch 'PHP-8.0' 
* PHP-8.0:
  Fixed bug #80368
 2020-11-27 10:58:40 +01:00
Nikita Popov
f4e1768e21 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fixed bug #80368
 2020-11-27 10:58:34 +01:00
Nikita Popov
0f579fd7c8 Fixed bug #80368 
We assume that usually LibreSSL supports everything OpenSSL 1.1 does.
In this instance, this is not the case.
 2020-11-27 10:57:19 +01:00
Jakub Zelenka
c3a6debc08 Bump minimal OpenSSL version to 1.0.2 2020-11-01 20:10:37 +00:00
Nikita Popov
87d2bb7424 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix CCM tag length setting for old OpenSSL versions
 2020-10-20 10:52:50 +02:00
Nikita Popov
1359f793ee Fix CCM tag length setting for old OpenSSL versions 
While OpenSSL 1.1 allows unconditionally setting the CCM tag length
even for decryption, some older versions apparently do not. As such,
we do need to treat CCM and OCB separately after all.
 2020-10-20 10:50:50 +02:00
Nikita Popov
7727a02276 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix bug #79983: Add support for OCB mode
 2020-10-19 11:09:17 +02:00
Nikita Popov
750a74ed9c Fix bug #79983: Add support for OCB mode 
OCB mode ciphers were already exposed to openssl_encrypt/decrypt,
but misbehaved, because they were not treated as AEAD ciphers.
From that perspective, OCB should be treated the same way as GCM.
In OpenSSL 1.1 the necessary controls were unified under
EVP_CTRL_AEAD_* (and OCB is only supported since OpenSSL 1.1).

Closes GH-6337.
 2020-10-19 11:09:00 +02:00
Nikita Popov
251af7329f Fix nullability of openssl_cms_sign() parameter 2020-10-14 11:34:15 +02:00
Nikita Popov
2540f68d0e Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Allow passing $tag for non-authenticated encryption
 2020-10-14 10:56:51 +02:00
Nikita Popov
6c6a58e930 Allow passing $tag for non-authenticated encryption 
openssl_encrypt() currently throws a warning if the $tag out
parameter is passed for a non-authenticated cipher. This violates
the principle that a function should behave the same if a parameter
is not passed, and if the default value is passed for the parameter.

I believe this warning should simply be dropped and the $tag be
populated with null, as is already the case. Otherwise, it is not
possible to use openssl_encrypt() in generic wrapper APIs, that are
compatible with both authenticated and non-authenticated encryption.

Closes GH-6333.
 2020-10-14 10:54:06 +02:00
Nikita Popov
2cd2ca8884 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Revert "Add missing X509 purpose constants"
 2020-10-12 12:56:21 +02:00
Nikita Popov
41e4a77077 Revert "Add missing X509 purpose constants" 
This reverts commit 1e53e14bc3.

This fails on Travis.
 2020-10-12 12:56:07 +02:00
Nikita Popov
da60849fa1 Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Add missing X509 purpose constants
 2020-10-12 11:53:22 +02:00
Vincent JARDIN
1e53e14bc3 Add missing X509 purpose constants 
X509_PURPOSE_OCSP_HELPER, X509_PURPOSE_TIMESTAMP_SIGN are available
from OpenSSL for many years:

  - X509_PURPOSE_OCSP_HELPER, since 2001
  - X509_PURPOSE_TIMESTAMP_SIGN, since 2006

Also drop the ifdef check for X509_PURPOSE_ANY, as it is always
available in supported OpenSSL versions.

Closes GH-6312.
 2020-10-12 11:51:08 +02:00
Nikita Popov
62c6d6952e Add test instantiating all objects 
Intended to find issues in opaque object destructors.

Closes GH-6251.
 2020-10-01 18:37:24 +02:00
Stanislav Malyshev
e14f835d8c Merge branch 'PHP-7.4' 
* PHP-7.4:
  Update UPGRADING
  Update UPGRADING
  Update NEWS & UPGRADING
  Do not decode cookie names anymore
  Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
 2020-09-28 22:55:37 -07:00
Stanislav Malyshev
c4dc080245 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Update UPGRADING
  Update NEWS & UPGRADING
  Do not decode cookie names anymore
  Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
 2020-09-28 22:54:57 -07:00
Stanislav Malyshev
2f5cb702ff Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV) 2020-09-28 21:43:11 -07:00
Stanislav Malyshev
a9e4321846 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Update NEWS & UPGRADING
  Do not decode cookie names anymore
  Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
 2020-09-28 21:39:34 -07:00
Stanislav Malyshev
0216630ea2 Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV) 2020-09-26 23:46:53 -07:00
Máté Kocsis
9d9bcc2b7c
Improve parameter names in ext/hash and ext/openssl 
Closes GH-6156
 2020-09-24 22:15:30 +02:00
Nikita Popov
c5401854fc Run tidy 
This should fix most of the remaining issues with tabs and spaces
being mixed in tests.
 2020-09-18 14:28:32 +02:00
Remi Collet
effa3b0883 missing fix for test for new param. name 2020-09-16 07:58:53 +02:00
Máté Kocsis
fa5a25b8bb
Adjust ext/openssl parameter names 
Closes GH-6121
 2020-09-15 14:27:54 +02:00
Matteo Beccati
385423442a Fix broken test 
Since e8e4ddce
 2020-09-13 10:02:13 +02:00
Máté Kocsis
e8e4ddce77
Improve parameter handling in ext/openssl 
Closes GH-6025
 2020-09-12 22:08:41 +02:00
Máté Kocsis
c98d47696f
Consolidate new union type ZPP macro names 
They will now follow the canonical order of types. Older macros are
left intact due to maintaining BC.

Closes GH-6112
 2020-09-11 11:00:18 +02:00
Máté Kocsis
9975986b7e
Improve error messages mentioning parameters instead of arguments 
Closes GH-5999
 2020-09-09 10:47:43 +02:00
Nikita Popov
3e14942756 Require $method parameter in openssl_seal/openssl_open 
RC4 is considered insecure, and it's not possible to change the
default of these functions. As such, require the method to be
passed explicitly.

Closes GH-6093.
 2020-09-08 14:21:01 +02:00
George Peter Banyard
4522cbb789 Promote various OpenSSL warnings into Errors 
Closes GH-5111
 2020-08-16 18:59:52 +02:00
Nikita Popov
ca20f36b2a Fix types in openssl stub 
These two $recipcert parameters don't use proper union types
right now. They are a bit tricky due to the $recipkey -> $recipcert
fallback.
 2020-08-14 15:19:18 +02:00
Nikita Popov
90a2c79be0 Remove some unnnecessary null checks in openssl 
Remove null checks before EVP_PKEY_free and BIO_free. NULL is a
no-op for both of these. Probably applies to most other freeing
function as well...
 2020-08-10 12:10:30 +02:00
Nikita Popov
80d3ce3d19 Improve X509_PKEY management in OpenSSL 
Remove the free_pkey argument from php_openssl_pkey_from_zval,
instead return an EVP_PKEY that always needs to be freed
(by incrementing refcount if necessary).

This makes the code simpler and fixes a number of bugs in the
existing handling.

Closes GH-5946.
 2020-08-10 11:43:49 +02:00
Máté Kocsis
7aacc705d0
Add many missing closing PHP tags to tests 
Closes GH-5958
 2020-08-09 22:03:36 +02:00
Máté Kocsis
bdacd2ae8f
Add a few missing types to stubs 2020-08-01 23:55:08 +02:00
Máté Kocsis
9f44eca6b6
Convert resources to objects in ext/openssl 
Closes GH-5860

Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
 2020-08-01 22:47:20 +02:00
Nikita Popov
80b4d49f90 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fixed bug #79881
 2020-07-22 10:21:29 +02:00
Nikita Popov
657a832a77 Fixed bug #79881 2020-07-22 10:21:24 +02:00
Max Semenik
2b5de6f839
Remove proto comments from C files 
Closes GH-5758
 2020-07-06 21:13:34 +02:00