php-src

mirror of https://github.com/php/php-src.git synced 2025-08-18 23:18:56 +02:00

Author	SHA1	Message	Date
Remi Collet	89dc5924c9	Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: NEWS NEWS Fixed Bug #66833 Default digest algo is still MD5 Fix 5.5.10 NEWS	2014-03-14 09:52:47 +01:00
Remi Collet	e1d8c0a051	Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: NEWS Fixed Bug #66833 Default digest algo is still MD5	2014-03-14 09:52:02 +01:00
Remi Collet	17f6391bf8	Fixed Bug #66833 Default digest algo is still MD5 Switch to SHA1, which match internal openssl hardcoded algo. In most case, won't even be noticed - priority on user input (default_md) - fallback on system config - fallback on this default value Recent system reject MD5 digest, noticed in bug36732.phpt failure. While SHA1 is better than MD5, SHA256 is recommenced, and defined as default algo in provided configuration on recent system (Fedora 21, RHEL-7, ...). But the idea is to keep in sync with openssl internal value for PHP internal value.	2014-03-14 09:50:15 +01:00
Lior Kaplan	f120463efe	Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: Typo fix: sicret -> secret	2014-03-13 12:41:48 +02:00
Lior Kaplan	356c442558	Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Typo fix: sicret -> secret	2014-03-13 12:40:14 +02:00
Michael Meyer	737c187013	Typo fix: sicret -> secret	2014-03-13 12:37:25 +02:00
Daniel Lowrey	27849c998a	Refactor + reorganize openssl files - All streams-related code now lives in xp_ssl.c. Previously stream code was split across both openssl.c and xp_ssl.c - Folded superfluous php_openssl_structs.h into xp_ssl.c - Server-specific options now set on SSL_CTX instead of SSL - Deprecate SNI_server_name ctx option - Miscellaneous refactoring	2014-03-05 10:03:11 -07:00
Chris Wright	e8995c8cb0	Windows cert verify improvements + leak fixes - Clean up properly at all fail points in native Windows peer verification routine - Bring certificate usages and chain flags into line with chromium implementation in windows environments	2014-03-02 10:30:21 -07:00
Daniel Lowrey	d0a6f8c68e	Deprecate CN_match in favor of peer_name in SSL contexts	2014-02-26 13:20:06 -07:00
Anatol Belski	82a98f6e52	kick redundant include this is already present from php.h	2014-02-26 11:23:43 +01:00
Daniel Lowrey	bd95716b8e	Merge branch 'windowsPeerVerification' of https://github.com/DaveRandom/php-src into PHP-5.6 * 'windowsPeerVerification' of https://github.com/DaveRandom/php-src: Update openssl tests with new server/client test harness Add peer certificate verification on windows	2014-02-25 12:43:52 -07:00
Daniel Lowrey	f8fe09dcef	Tolerate non-standard newlines when parsing stream CA files	2014-02-25 09:59:13 -07:00
Daniel Lowrey	47b5873c5d	Change openssl directives to PHP_INI_PERDIR Because openssl.cafile and openssl.capath have implications for security these directives have been changed to PHP_INI_PERDIR (previously PHP_INI_ALL)	2014-02-25 09:59:13 -07:00
Chris Wright	480e4f8541	Add peer certificate verification on windows Peer certificate verification on Windows using the native certificate store and the Windows API	2014-02-25 16:51:49 +00:00
Anatol Belski	5b6ef90bc0	fix linkage "extern inline" looks like tricky case for portability, but extern is required with VS. So reduce the case to a starndard one to avoid unporbatibily.	2014-02-21 23:09:16 +01:00
Daniel Lowrey	b6edbd5897	Mitigate client-initiated SSL renegotiation DoS	2014-02-21 06:31:56 -07:00
Daniel Lowrey	3a9829af20	Use crypto method flags; add tlsv1.0 wrapper; add wrapper tests	2014-02-20 17:10:06 -07:00
Daniel Lowrey	df6bfe3be2	Add openssl_get_cert_locations() function	2014-02-20 17:10:06 -07:00
Daniel Lowrey	258d04df5c	Explicitly set cert verify depth if not specified	2014-02-20 17:10:06 -07:00
Daniel Lowrey	225f534b1a	Strengthen default cipher list	2014-02-20 17:10:06 -07:00
Daniel Lowrey	e272225e2a	Merge branch 'bug-65538' of https://github.com/rdlowrey/php-src into PHP-5.6 * 'bug-65538' of https://github.com/rdlowrey/php-src: Add tests for Bug #65538 Fix Bug #65538 (cafile now supports stream wrappers)	2014-02-19 04:17:33 -07:00
Daniel Lowrey	d9036d14f7	Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: Skip failing tests when EC unavailable (RHEL)	2014-02-19 04:01:57 -07:00
Daniel Lowrey	a7d3606650	Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Skip failing tests when EC unavailable (RHEL) Conflicts: ext/openssl/openssl.c	2014-02-19 04:01:08 -07:00
Daniel Lowrey	633f898f15	Skip failing tests when EC unavailable (RHEL)	2014-02-19 03:57:37 -07:00
Daniel Lowrey	4e4d319e62	Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: Fixed broken build when EC unavailable	2014-02-17 19:38:49 -05:00
Daniel Lowrey	bd9aa181dc	Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fixed broken build when EC unavailable	2014-02-17 19:38:30 -05:00
Daniel Lowrey	a80cec1190	Fixed broken build when EC unavailable	2014-02-17 18:55:39 -05:00
Daniel Lowrey	c7220dc6c5	Fix Bug #65538 (cafile now supports stream wrappers)	2014-02-16 08:47:37 -07:00
Daniel Lowrey	b60cb2b88a	Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: Fix for bug66501 - "key type not supported in this PHP build"	2014-02-14 18:20:01 -07:00
Daniel Lowrey	65adb74984	Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix for bug66501 - "key type not supported in this PHP build"	2014-02-14 18:15:24 -07:00
mk-j	19524fc6fe	Fix for bug66501 - "key type not supported in this PHP build"	2014-02-14 18:11:46 -07:00
Daniel Lowrey	ce8dc0ede2	Bug #47030 (separate host and peer verification)	2014-02-14 15:17:30 -07:00
Daniel Lowrey	b4b4d9697f	Verify peers by default in client socket operations	2014-01-28 10:05:56 -07:00
Daniel Lowrey	68883318aa	Prevent invalid SAN peer verification on null byte prefix attack	2014-01-27 14:51:22 -07:00
Xinchen Hui	c081ce628f	Bump year	2014-01-03 11:08:10 +08:00
Xinchen Hui	47c9027772	Bump year	2014-01-03 11:06:16 +08:00
Xinchen Hui	c0d060f5c0	Bump year	2014-01-03 11:04:26 +08:00
Stanislav Malyshev	293984ac33	Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: 5.3.29-dev Fix CVE-2013-6420 - memory corruption in openssl_x509_parse	2013-12-10 11:36:06 -08:00
Stanislav Malyshev	41cd533298	Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: 5.3.29-dev Fix CVE-2013-6420 - memory corruption in openssl_x509_parse	2013-12-10 11:35:26 -08:00
Stanislav Malyshev	71daf3229b	Merge branch 'PHP-5.3' into PHP-5.4 * PHP-5.3: 5.3.29-dev Fix CVE-2013-6420 - memory corruption in openssl_x509_parse Conflicts: configure.in main/php_version.h	2013-12-10 11:34:35 -08:00
Stanislav Malyshev	c1224573c7	Fix CVE-2013-6420 - memory corruption in openssl_x509_parse	2013-12-10 11:03:49 -08:00
Michael Wallner	c86862cb3c	Merge branch 'openssl_compile_warning_fix' of https://github.com/bukka/php-src * 'openssl_compile_warning_fix' of https://github.com/bukka/php-src: Fix compiler warnings in openssl.c	2013-10-18 12:03:02 +02:00
Michael Wallner	3f2fba4c34	Merge branch 'updated_tls_support' of https://github.com/rdlowrey/php-src * 'updated_tls_support' of https://github.com/rdlowrey/php-src: Added support for TLSv1.1 and TLSv1.2 Conflicts: ext/openssl/xp_ssl.c	2013-10-17 15:27:15 +02:00
Michael Wallner	dd3a4c303b	Merge branch 'PHP-5.5' * PHP-5.5: Revert "TLS news" Revert "Added support for TLSv1.1 and TLSv1.2"	2013-10-17 15:22:07 +02:00
Michael Wallner	8aaecef524	Revert "Added support for TLSv1.1 and TLSv1.2" This reverts commit `2aaa3d538a`.	2013-10-17 15:20:38 +02:00
Michael Wallner	5a7ca69e56	Merge branch 'PHP-5.5' * PHP-5.5: Added support for TLSv1.1 and TLSv1.2 Conflicts: ext/openssl/xp_ssl.c	2013-10-17 14:53:50 +02:00
Daniel Lowrey	2aaa3d538a	Added support for TLSv1.1 and TLSv1.2 Conflicts: ext/openssl/xp_ssl.c	2013-10-17 14:49:44 +02:00
Jakub Zelenka	c092d286fc	Fix compiler warnings in openssl.c	2013-10-13 15:52:39 +01:00
Daniel Lowrey	9d57243794	Fixes broken zts build (recent openssl changes)	2013-10-12 22:28:15 +02:00
Michael Wallner	e2d123a720	C89	2013-10-09 17:16:25 +02:00

1 2 3 4 5 ...

378 commits