archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 15:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
112493 commits 526 branches 1434 tags 877 MiB
Commit graph

787 commits

Author SHA1 Message Date
Lior Kaplan
356c442558 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Typo fix: sicret -> secret
 2014-03-13 12:40:14 +02:00
Michael Meyer
737c187013 Typo fix: sicret -> secret 2014-03-13 12:37:25 +02:00
Daniel Lowrey
1f5459572e Merge branch 'PHP-5.6' 
* PHP-5.6:
  Add encrypted server SNI support
  Raise timeout to 2s, reworded ssl timeout warning
  Refactor + reorganize openssl files
 2014-03-05 10:23:54 -07:00
Daniel Lowrey
27849c998a Refactor + reorganize openssl files 
- All streams-related code now lives in xp_ssl.c. Previously
  stream code was split across both openssl.c and xp_ssl.c
- Folded superfluous php_openssl_structs.h into xp_ssl.c
- Server-specific options now set on SSL_CTX instead of SSL
- Deprecate SNI_server_name ctx option
- Miscellaneous refactoring
 2014-03-05 10:03:11 -07:00
Daniel Lowrey
41bde3f0a7 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Capture peer cert even if verify fails
  Windows cert verify improvements + leak fixes
 2014-03-02 10:39:03 -07:00
Chris Wright
e8995c8cb0 Windows cert verify improvements + leak fixes 
- Clean up properly at all fail points in native Windows peer
  verification routine
- Bring certificate usages and chain flags into line with chromium
  implementation in windows environments
 2014-03-02 10:30:21 -07:00
Daniel Lowrey
ed00de58bf Merge branch 'PHP-5.6' 
* PHP-5.6:
  Deprecate CN_match in favor of peer_name in SSL contexts
 2014-02-26 13:24:07 -07:00
Daniel Lowrey
d0a6f8c68e Deprecate CN_match in favor of peer_name in SSL contexts 2014-02-26 13:20:06 -07:00
Anatol Belski
8ece03a679 Merge branch 'PHP-5.6' 
* PHP-5.6:
  kick redundant include
 2014-02-26 11:24:22 +01:00
Anatol Belski
82a98f6e52 kick redundant include 
this is already present from php.h
 2014-02-26 11:23:43 +01:00
Daniel Lowrey
33914b5166 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Remove test case invalidated by openssl.cafile accessibility change
  Tolerate non-standard newlines when parsing stream CA files
  Remove openssl tests that shouldn't have survived last merge
  Add openssl.cafile ini check when loading cainfo
  Change openssl directives to PHP_INI_PERDIR
  Update openssl tests with new server/client test harness
  Add peer certificate verification on windows
 2014-02-25 13:27:10 -07:00
Daniel Lowrey
bd95716b8e Merge branch 'windowsPeerVerification' of https://github.com/DaveRandom/php-src into PHP-5.6 
* 'windowsPeerVerification' of https://github.com/DaveRandom/php-src:
  Update openssl tests with new server/client test harness
  Add peer certificate verification on windows
 2014-02-25 12:43:52 -07:00
Daniel Lowrey
f8fe09dcef Tolerate non-standard newlines when parsing stream CA files 2014-02-25 09:59:13 -07:00
Daniel Lowrey
47b5873c5d Change openssl directives to PHP_INI_PERDIR 
Because openssl.cafile and openssl.capath have implications for
security these directives have been changed to PHP_INI_PERDIR
(previously PHP_INI_ALL)
 2014-02-25 09:59:13 -07:00
Chris Wright
480e4f8541 Add peer certificate verification on windows 
Peer certificate verification on Windows using the native certificate store and the Windows API
 2014-02-25 16:51:49 +00:00
Anatol Belski
38d02db86d Merge branch 'PHP-5.6' 
* PHP-5.6:
  fix linkage
  More openssl UPGRADING updates
  Fix build against older OpenSSL libs
  Update NEWS/UPGRADING with openssl additions
 2014-02-21 23:14:48 +01:00
Anatol Belski
5b6ef90bc0 fix linkage 
"extern inline" looks like tricky case for portability, but extern
is required with VS. So reduce the case to a starndard one to avoid
unporbatibily.
 2014-02-21 23:09:16 +01:00
Daniel Lowrey
1268bd6045 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Mitigate client-initiated SSL renegotiation DoS
 2014-02-21 09:15:53 -07:00
Daniel Lowrey
b6edbd5897 Mitigate client-initiated SSL renegotiation DoS 2014-02-21 06:31:56 -07:00
Daniel Lowrey
86d9235de5 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Improve OpenSSL compile flag compatibility, minor updates
  Use crypto method flags; add tlsv1.0 wrapper; add wrapper tests
  Improve server forward secrecy, refactor client SNI
  Add 'honor_cipher_order' server context option
  Add 'capture_session_meta' context option
  Disable TLS compression by default in both clients and servers
  Release ssl buffers
  Add openssl_get_cert_locations() function
  Explicitly set cert verify depth if not specified
  Strengthen default cipher list
 2014-02-20 17:46:54 -07:00
Daniel Lowrey
3a9829af20 Use crypto method flags; add tlsv1.0 wrapper; add wrapper tests 2014-02-20 17:10:06 -07:00
Daniel Lowrey
df6bfe3be2 Add openssl_get_cert_locations() function 2014-02-20 17:10:06 -07:00
Daniel Lowrey
258d04df5c Explicitly set cert verify depth if not specified 2014-02-20 17:10:06 -07:00
Daniel Lowrey
225f534b1a Strengthen default cipher list 2014-02-20 17:10:06 -07:00
Daniel Lowrey
af318419ad Merge branch 'PHP-5.6' 
* PHP-5.6:
  Add tests for Bug #65538
  Fix Bug #65538 (cafile now supports stream wrappers)
 2014-02-19 04:19:30 -07:00
Daniel Lowrey
e272225e2a Merge branch 'bug-65538' of https://github.com/rdlowrey/php-src into PHP-5.6 
* 'bug-65538' of https://github.com/rdlowrey/php-src:
  Add tests for Bug #65538
  Fix Bug #65538 (cafile now supports stream wrappers)
 2014-02-19 04:17:33 -07:00
Daniel Lowrey
4c1baa8263 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Skip failing tests when EC unavailable (RHEL)
 2014-02-19 04:03:16 -07:00
Daniel Lowrey
d9036d14f7 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Skip failing tests when EC unavailable (RHEL)
 2014-02-19 04:01:57 -07:00
Daniel Lowrey
a7d3606650 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Skip failing tests when EC unavailable (RHEL)

Conflicts:
	ext/openssl/openssl.c
 2014-02-19 04:01:08 -07:00
Daniel Lowrey
633f898f15 Skip failing tests when EC unavailable (RHEL) 2014-02-19 03:57:37 -07:00
Daniel Lowrey
491d492ada Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fixed broken build when EC unavailable
 2014-02-17 19:39:43 -05:00
Daniel Lowrey
4e4d319e62 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed broken build when EC unavailable
 2014-02-17 19:38:49 -05:00
Daniel Lowrey
bd9aa181dc Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed broken build when EC unavailable
 2014-02-17 19:38:30 -05:00
Daniel Lowrey
a80cec1190 Fixed broken build when EC unavailable 2014-02-17 18:55:39 -05:00
Daniel Lowrey
c7220dc6c5 Fix Bug #65538 (cafile now supports stream wrappers) 2014-02-16 08:47:37 -07:00
Daniel Lowrey
1b4af87af4 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:24:04 -07:00
Daniel Lowrey
b60cb2b88a Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:20:01 -07:00
Daniel Lowrey
65adb74984 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix for bug66501 - "key type not supported in this PHP build"
 2014-02-14 18:15:24 -07:00
mk-j
19524fc6fe Fix for bug66501 - "key type not supported in this PHP build" 2014-02-14 18:11:46 -07:00
Daniel Lowrey
89292d95ad Add missing TSRMLS_CC 2014-02-14 17:27:29 -07:00
Daniel Lowrey
ce8dc0ede2 Bug #47030 (separate host and peer verification) 2014-02-14 15:17:30 -07:00
Daniel Lowrey
b4b4d9697f Verify peers by default in client socket operations 2014-01-28 10:05:56 -07:00
Daniel Lowrey
68883318aa Prevent invalid SAN peer verification on null byte prefix attack 2014-01-27 14:51:22 -07:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Stanislav Malyshev
293984ac33 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:36:06 -08:00
Stanislav Malyshev
41cd533298 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
 2013-12-10 11:35:26 -08:00
Stanislav Malyshev
71daf3229b Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse

Conflicts:
	configure.in
	main/php_version.h
 2013-12-10 11:34:35 -08:00
Stanislav Malyshev
c1224573c7 Fix CVE-2013-6420 - memory corruption in openssl_x509_parse 2013-12-10 11:03:49 -08:00