]> git.pld-linux.org Git - packages/php.git/blob - openssl.patch
projects / packages / php.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- fix building with icu 69
[packages/php.git] / openssl.patch
1 diff -urNp -x '*.orig' php-5.6.40.org/ext/openssl/openssl.c php-5.6.40/ext/openssl/openssl.c
2 --- php-5.6.40.org/ext/openssl/openssl.c        2021-08-23 23:18:57.552489303 +0200
3 +++ php-5.6.40/ext/openssl/openssl.c    2021-08-23 23:18:58.475821680 +0200
4 @@ -531,6 +531,14 @@ zend_module_entry openssl_module_entry =
5  ZEND_GET_MODULE(openssl)
6  #endif
7  
8 +/* {{{ OpenSSL compatibility functions and macros */
9 +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
10 +#define EVP_PKEY_get0_RSA(_pkey) _pkey->pkey.rsa
11 +#define EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh
12 +#define EVP_PKEY_get0_DSA(_pkey) _pkey->pkey.dsa
13 +#define EVP_PKEY_get0_EC_KEY(_pkey) _pkey->pkey.ec
14 +#endif
15 +
16  static int le_key;
17  static int le_x509;
18  static int le_csr;
19 @@ -1053,9 +1061,11 @@ static EVP_MD * php_openssl_get_evp_md_f
20                         mdtype = (EVP_MD *) EVP_md2();
21                         break;
22  #endif
23 +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
24                 case OPENSSL_ALGO_DSS1:
25                         mdtype = (EVP_MD *) EVP_dss1();
26                         break;
27 +#endif
28  #if OPENSSL_VERSION_NUMBER >= 0x0090708fL
29                 case OPENSSL_ALGO_SHA224:
30                         mdtype = (EVP_MD *) EVP_sha224();
31 @@ -1893,6 +1903,7 @@ static int openssl_x509v3_subjectAltName
32  {
33         GENERAL_NAMES *names;
34         const X509V3_EXT_METHOD *method = NULL;
35 +       ASN1_OCTET_STRING *extension_data;
36         long i, length, num;
37         const unsigned char *p;
38  
39 @@ -1901,8 +1912,9 @@ static int openssl_x509v3_subjectAltName
40                 return -1;
41         }
42  
43 -       p = extension->value->data;
44 -       length = extension->value->length;
45 +       extension_data = X509_EXTENSION_get_data(extension);
46 +       p = extension_data->data;
47 +       length = extension_data->length;
48         if (method->it) {
49                 names = (GENERAL_NAMES*)(ASN1_item_d2i(NULL, &p, length,
50                                                        ASN1_ITEM_ptr(method->it)));
51 @@ -1965,6 +1977,8 @@ PHP_FUNCTION(openssl_x509_parse)
52         char * tmpstr;
53         zval * subitem;
54         X509_EXTENSION *extension;
55 +       X509_NAME *subject_name;
56 +       char *cert_name;
57         char *extname;
58         BIO  *bio_out;
59         BUF_MEM *bio_buf;
60 @@ -1979,12 +1993,12 @@ PHP_FUNCTION(openssl_x509_parse)
61         }
62         array_init(return_value);
63  
64 -       if (cert->name) {
65 -               add_assoc_string(return_value, "name", cert->name, 1);
66 -       }
67 -/*     add_assoc_bool(return_value, "valid", cert->valid); */
68 +       subject_name = X509_get_subject_name(cert);
69 +       cert_name = X509_NAME_oneline(subject_name, NULL, 0);
70 +       add_assoc_string(return_value, "name", cert_name, 1);
71 +       OPENSSL_free(cert_name);
72  
73 -       add_assoc_name_entry(return_value, "subject",           X509_get_subject_name(cert), useshortnames TSRMLS_CC);
74 +       add_assoc_name_entry(return_value, "subject",           subject_name, useshortnames TSRMLS_CC);
75         /* hash as used in CA directories to lookup cert by subject name */
76         {
77                 char buf[32];
78 @@ -2008,7 +2022,7 @@ PHP_FUNCTION(openssl_x509_parse)
79                 add_assoc_string(return_value, "alias", tmpstr, 1);
80         }
81  
82 -       sig_nid = OBJ_obj2nid((cert)->sig_alg->algorithm);
83 +       sig_nid = X509_get_signature_nid(cert);
84         add_assoc_string(return_value, "signatureTypeSN", (char*)OBJ_nid2sn(sig_nid), 1);
85         add_assoc_string(return_value, "signatureTypeLN", (char*)OBJ_nid2ln(sig_nid), 1);
86         add_assoc_long(return_value, "signatureTypeNID", sig_nid);
87 @@ -3482,13 +3496,20 @@ static int php_openssl_is_private_key(EV
88  {
89         assert(pkey != NULL);
90  
91 -       switch (pkey->type) {
92 +       switch (EVP_PKEY_id(pkey)) {
93  #ifndef NO_RSA
94                 case EVP_PKEY_RSA:
95                 case EVP_PKEY_RSA2:
96 -                       assert(pkey->pkey.rsa != NULL);
97 -                       if (pkey->pkey.rsa != NULL && (NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)) {
98 -                               return 0;
99 +                       {
100 +                               RSA *rsa = EVP_PKEY_get0_RSA(pkey);
101 +                               if (rsa != NULL) {
102 +                                       const BIGNUM *p, *q;
103 +
104 +                                       RSA_get0_factors(rsa, &p, &q);
105 +                                       if (p == NULL || q == NULL) {
106 +                                               return 0;
107 +                                       }
108 +                               }
109                         }
110                         break;
111  #endif
112 @@ -3498,28 +3519,51 @@ static int php_openssl_is_private_key(EV
113                 case EVP_PKEY_DSA2:
114                 case EVP_PKEY_DSA3:
115                 case EVP_PKEY_DSA4:
116 -                       assert(pkey->pkey.dsa != NULL);
117 +                       {
118 +                               DSA *dsa = EVP_PKEY_get0_DSA(pkey);
119 +                               if (dsa != NULL) {
120 +                                       const BIGNUM *p, *q, *g, *pub_key, *priv_key;
121 +
122 +                                       DSA_get0_pqg(dsa, &p, &q, &g);
123 +                                       if (p == NULL || q == NULL) {
124 +                                               return 0;
125 +                                       }
126  
127 -                       if (NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key){ 
128 -                               return 0;
129 +                                       DSA_get0_key(dsa, &pub_key, &priv_key);
130 +                                       if (priv_key == NULL) {
131 +                                               return 0;
132 +                                       }
133 +                               }
134                         }
135                         break;
136  #endif
137  #ifndef NO_DH
138                 case EVP_PKEY_DH:
139 -                       assert(pkey->pkey.dh != NULL);
140 +                       {
141 +                               DH *dh = EVP_PKEY_get0_DH(pkey);
142 +                               if (dh != NULL) {
143 +                                       const BIGNUM *p, *q, *g, *pub_key, *priv_key;
144 +
145 +                                       DH_get0_pqg(dh, &p, &q, &g);
146 +                                       if (p == NULL) {
147 +                                               return 0;
148 +                                       }
149  
150 -                       if (NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key) {
151 -                               return 0;
152 +                                       DH_get0_key(dh, &pub_key, &priv_key);
153 +                                       if (priv_key == NULL) {
154 +                                               return 0;
155 +                                       }
156 +                               }
157                         }
158                         break;
159  #endif
160  #ifdef HAVE_EVP_PKEY_EC
161                 case EVP_PKEY_EC:
162 -                       assert(pkey->pkey.ec != NULL);
163 -
164 -                       if ( NULL == EC_KEY_get0_private_key(pkey->pkey.ec)) {
165 -                               return 0;
166 +                       {
167 +                               EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
168 +                               if (ec != NULL && NULL == EC_KEY_get0_private_key(ec)) {
169 +                                       return 0;
170 +                               }
171                         }
172                         break;
173  #endif
174 @@ -3531,42 +3575,89 @@ static int php_openssl_is_private_key(EV
175  }
176  /* }}} */
177  
178 -#define OPENSSL_PKEY_GET_BN(_type, _name) do {                                                 \
179 -               if (pkey->pkey._type->_name != NULL) {                                                  \
180 -                       int len = BN_num_bytes(pkey->pkey._type->_name);                        \
181 -                       char *str = emalloc(len + 1);                                                           \
182 -                       BN_bn2bin(pkey->pkey._type->_name, (unsigned char*)str);        \
183 -                       str[len] = 0;                                                   \
184 -                       add_assoc_stringl(_type, #_name, str, len, 0);                          \
185 -               }                                                                                                                               \
186 -       } while (0)
187 -
188 -#define OPENSSL_PKEY_SET_BN(_ht, _type, _name) do {                                            \
189 -               zval **bn;                                                                                                              \
190 -               if (zend_hash_find(_ht, #_name, sizeof(#_name), (void**)&bn) == SUCCESS && \
191 -                               Z_TYPE_PP(bn) == IS_STRING) {                                                   \
192 -                       _type->_name = BN_bin2bn(                                                                       \
193 -                               (unsigned char*)Z_STRVAL_PP(bn),                                                \
194 -                               Z_STRLEN_PP(bn), NULL);                                                                 \
195 -           }                                                               \
196 -       } while (0);
197 +#define OPENSSL_GET_BN(_array, _bn, _name) do { \
198 +       if (_bn != NULL) { \
199 +               int len = BN_num_bytes(_bn); \
200 +               char *str = emalloc(len + 1); \
201 +               BN_bn2bin(_bn, (unsigned char*)str); \
202 +               str[len] = 0; \
203 +               add_assoc_stringl(&_array, #_name, str, len, 0); \
204 +       } \
205 +} while (0);
206 +
207 +#define OPENSSL_PKEY_GET_BN(_type, _name) OPENSSL_GET_BN(_type, _name, _name)
208 +
209 +#define OPENSSL_PKEY_SET_BN(_data, _name) do { \
210 +       zval **bn; \
211 +       if (zend_hash_find(Z_ARRVAL_PP(_data), #_name, sizeof(#_name), (void**)bn) == SUCCESS && \
212 +                       Z_TYPE_PP(bn) == IS_STRING) { \
213 +               _name = BN_bin2bn( \
214 +                               (unsigned char*)Z_STRVAL_PP(bn), \
215 +                               (int)Z_STRLEN_PP(bn), NULL); \
216 +       } else { \
217 +               _name = NULL; \
218 +       } \
219 +} while (0);
220 +
221 +/* {{{ php_openssl_pkey_init_rsa */
222 +zend_bool php_openssl_pkey_init_and_assign_rsa(EVP_PKEY *pkey, RSA *rsa, zval **data)
223 +{
224 +       BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
225 +
226 +       OPENSSL_PKEY_SET_BN(data, n);
227 +       OPENSSL_PKEY_SET_BN(data, e);
228 +       OPENSSL_PKEY_SET_BN(data, d);
229 +       if (!n || !d || !RSA_set0_key(rsa, n, e, d)) {
230 +               return 0;
231 +       }
232 +
233 +       OPENSSL_PKEY_SET_BN(data, p);
234 +       OPENSSL_PKEY_SET_BN(data, q);
235 +       if ((p || q) && !RSA_set0_factors(rsa, p, q)) {
236 +               return 0;
237 +       }
238 +
239 +       OPENSSL_PKEY_SET_BN(data, dmp1);
240 +       OPENSSL_PKEY_SET_BN(data, dmq1);
241 +       OPENSSL_PKEY_SET_BN(data, iqmp);
242 +       if ((dmp1 || dmq1 || iqmp) && !RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) {
243 +               return 0;
244 +       }
245 +
246 +       if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
247 +               return 0;
248 +       }
249 +
250 +       return 1;
251 +}
252  
253  /* {{{ php_openssl_pkey_init_dsa */
254 -zend_bool php_openssl_pkey_init_dsa(DSA *dsa)
255 +zend_bool php_openssl_pkey_init_dsa(DSA *dsa, zval **data)
256  {
257 -       if (!dsa->p || !dsa->q || !dsa->g) {
258 +       BIGNUM *p, *q, *g, *priv_key, *pub_key;
259 +       const BIGNUM *priv_key_const, *pub_key_const;
260 +
261 +       OPENSSL_PKEY_SET_BN(data, p);
262 +       OPENSSL_PKEY_SET_BN(data, q);
263 +       OPENSSL_PKEY_SET_BN(data, g);
264 +       if (!p || !q || !g || !DSA_set0_pqg(dsa, p, q, g)) {
265                 return 0;
266         }
267 -       if (dsa->priv_key || dsa->pub_key) {
268 -               return 1;
269 +       OPENSSL_PKEY_SET_BN(data, pub_key);
270 +       OPENSSL_PKEY_SET_BN(data, priv_key);
271 +       if (pub_key) {
272 +               return DSA_set0_key(dsa, pub_key, priv_key);
273         }
274 +
275 +       /* generate key */
276         PHP_OPENSSL_RAND_ADD_TIME();
277         if (!DSA_generate_key(dsa)) {
278                 return 0;
279         }
280         /* if BN_mod_exp return -1, then DSA_generate_key succeed for failed key
281          * so we need to double check that public key is created */
282 -       if (!dsa->pub_key || BN_is_zero(dsa->pub_key)) {
283 +       DSA_get0_key(dsa, &pub_key_const, &priv_key_const);
284 +       if (!pub_key_const || BN_is_zero(pub_key_const)) {
285                 return 0;
286         }
287         /* all good */
288 @@ -3574,15 +3665,68 @@ zend_bool php_openssl_pkey_init_dsa(DSA
289  }
290  /* }}} */
291  
292 +/* {{{ php_openssl_dh_pub_from_priv */
293 +static BIGNUM *php_openssl_dh_pub_from_priv(BIGNUM *priv_key, BIGNUM *g, BIGNUM *p)
294 +{
295 +       BIGNUM *pub_key, *priv_key_const_time;
296 +       BN_CTX *ctx;
297 +
298 +       pub_key = BN_new();
299 +       if (pub_key == NULL) {
300 +               return NULL;
301 +       }
302 +
303 +       priv_key_const_time = BN_new();
304 +       if (priv_key_const_time == NULL) {
305 +               BN_free(pub_key);
306 +               return NULL;
307 +       }
308 +       ctx = BN_CTX_new();
309 +       if (ctx == NULL) {
310 +               BN_free(pub_key);
311 +               BN_free(priv_key_const_time);
312 +               return NULL;
313 +       }
314 +
315 +       BN_with_flags(priv_key_const_time, priv_key, BN_FLG_CONSTTIME);
316 +
317 +       if (!BN_mod_exp_mont(pub_key, g, priv_key_const_time, p, ctx, NULL)) {
318 +               BN_free(pub_key);
319 +               pub_key = NULL;
320 +       }
321 +
322 +       BN_free(priv_key_const_time);
323 +       BN_CTX_free(ctx);
324 +
325 +       return pub_key;
326 +}
327 +/* }}} */
328 +
329  /* {{{ php_openssl_pkey_init_dh */
330 -zend_bool php_openssl_pkey_init_dh(DH *dh)
331 +zend_bool php_openssl_pkey_init_dh(DH *dh, zval **data)
332  {
333 -       if (!dh->p || !dh->g) {
334 +       BIGNUM *p, *q, *g, *priv_key, *pub_key;
335 +
336 +       OPENSSL_PKEY_SET_BN(data, p);
337 +       OPENSSL_PKEY_SET_BN(data, q);
338 +       OPENSSL_PKEY_SET_BN(data, g);
339 +       if (!p || !g || !DH_set0_pqg(dh, p, q, g)) {
340                 return 0;
341         }
342 -       if (dh->pub_key) {
343 -               return 1;
344 +       OPENSSL_PKEY_SET_BN(data, priv_key);
345 +       OPENSSL_PKEY_SET_BN(data, pub_key);
346 +       if (pub_key) {
347 +               return DH_set0_key(dh, pub_key, priv_key);
348 +       }
349 +       if (priv_key) {
350 +               pub_key = php_openssl_dh_pub_from_priv(priv_key, g, p);
351 +               if (pub_key == NULL) {
352 +                       return 0;
353 +               }
354 +               return DH_set0_key(dh, pub_key, priv_key);
355         }
356 +
357 +       /* generate key */
358         PHP_OPENSSL_RAND_ADD_TIME();
359         if (!DH_generate_key(dh)) {
360                 return 0;
361 @@ -3614,18 +3758,8 @@ PHP_FUNCTION(openssl_pkey_new)
362                     if (pkey) {
363                                 RSA *rsa = RSA_new();
364                                 if (rsa) {
365 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, n);
366 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, e);
367 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, d);
368 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, p);
369 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, q);
370 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmp1);
371 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmq1);
372 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, iqmp);
373 -                                       if (rsa->n && rsa->d) {
374 -                                               if (EVP_PKEY_assign_RSA(pkey, rsa)) {
375 -                                                       RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
376 -                                               }
377 +                                       if (php_openssl_pkey_init_and_assign_rsa(pkey, rsa, data)) {
378 +                                               RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
379                                         }
380                                         RSA_free(rsa);
381                                 }
382 @@ -3638,12 +3772,7 @@ PHP_FUNCTION(openssl_pkey_new)
383                     if (pkey) {
384                                 DSA *dsa = DSA_new();
385                                 if (dsa) {
386 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, p);
387 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, q);
388 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, g);
389 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, priv_key);
390 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, pub_key);
391 -                                       if (php_openssl_pkey_init_dsa(dsa)) {
392 +                                       if (php_openssl_pkey_init_dsa(dsa, data)) {
393                                                 if (EVP_PKEY_assign_DSA(pkey, dsa)) {
394                                                         RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
395                                                 }
396 @@ -3659,11 +3788,7 @@ PHP_FUNCTION(openssl_pkey_new)
397                     if (pkey) {
398                                 DH *dh = DH_new();
399                                 if (dh) {
400 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, p);
401 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, g);
402 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, priv_key);
403 -                                       OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, pub_key);
404 -                                       if (php_openssl_pkey_init_dh(dh)) {
405 +                                       if (php_openssl_pkey_init_dh(dh, data)) {
406                                                 if (EVP_PKEY_assign_DH(pkey, dh)) {
407                                                         RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
408                                                 }
409 @@ -3738,7 +3863,7 @@ PHP_FUNCTION(openssl_pkey_export_to_file
410                         cipher = NULL;
411                 }
412  
413 -               switch (EVP_PKEY_type(key->type)) {
414 +               switch (EVP_PKEY_base_id(key)) {
415  #ifdef HAVE_EVP_PKEY_EC
416                         case EVP_PKEY_EC:
417                                 pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
418 @@ -3807,7 +3932,7 @@ PHP_FUNCTION(openssl_pkey_export)
419                         cipher = NULL;
420                 }
421  
422 -               switch (EVP_PKEY_type(key->type)) {
423 +               switch (EVP_PKEY_base_id(key)) {
424  #ifdef HAVE_EVP_PKEY_EC
425                         case EVP_PKEY_EC:
426                                 pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
427 @@ -3928,25 +4053,32 @@ PHP_FUNCTION(openssl_pkey_get_details)
428         /*TODO: Use the real values once the openssl constants are used 
429          * See the enum at the top of this file
430          */
431 -       switch (EVP_PKEY_type(pkey->type)) {
432 +       switch (EVP_PKEY_base_id(pkey)) {
433                 case EVP_PKEY_RSA:
434                 case EVP_PKEY_RSA2:
435 -                       ktype = OPENSSL_KEYTYPE_RSA;
436 -
437 -                       if (pkey->pkey.rsa != NULL) {
438 -                               zval *rsa;
439 -
440 -                               ALLOC_INIT_ZVAL(rsa);
441 -                               array_init(rsa);
442 -                               OPENSSL_PKEY_GET_BN(rsa, n);
443 -                               OPENSSL_PKEY_GET_BN(rsa, e);
444 -                               OPENSSL_PKEY_GET_BN(rsa, d);
445 -                               OPENSSL_PKEY_GET_BN(rsa, p);
446 -                               OPENSSL_PKEY_GET_BN(rsa, q);
447 -                               OPENSSL_PKEY_GET_BN(rsa, dmp1);
448 -                               OPENSSL_PKEY_GET_BN(rsa, dmq1);
449 -                               OPENSSL_PKEY_GET_BN(rsa, iqmp);
450 -                               add_assoc_zval(return_value, "rsa", rsa);
451 +                       {
452 +                               RSA *rsa = EVP_PKEY_get0_RSA(pkey);
453 +                               ktype = OPENSSL_KEYTYPE_RSA;
454 +
455 +                               if (rsa != NULL) {
456 +                                       zval z_rsa;
457 +                                       const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
458 +
459 +                                       RSA_get0_key(rsa, &n, &e, &d);
460 +                                       RSA_get0_factors(rsa, &p, &q);
461 +                                       RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
462 +
463 +                                       array_init(&z_rsa);
464 +                                       OPENSSL_PKEY_GET_BN(z_rsa, n);
465 +                                       OPENSSL_PKEY_GET_BN(z_rsa, e);
466 +                                       OPENSSL_PKEY_GET_BN(z_rsa, d);
467 +                                       OPENSSL_PKEY_GET_BN(z_rsa, p);
468 +                                       OPENSSL_PKEY_GET_BN(z_rsa, q);
469 +                                       OPENSSL_PKEY_GET_BN(z_rsa, dmp1);
470 +                                       OPENSSL_PKEY_GET_BN(z_rsa, dmq1);
471 +                                       OPENSSL_PKEY_GET_BN(z_rsa, iqmp);
472 +                                       add_assoc_zval(return_value, "rsa", &z_rsa);
473 +                               }
474                         }
475  
476                         break;  
477 @@ -3954,42 +4086,53 @@ PHP_FUNCTION(openssl_pkey_get_details)
478                 case EVP_PKEY_DSA2:
479                 case EVP_PKEY_DSA3:
480                 case EVP_PKEY_DSA4:
481 -                       ktype = OPENSSL_KEYTYPE_DSA;
482 -
483 -                       if (pkey->pkey.dsa != NULL) {
484 -                               zval *dsa;
485 -
486 -                               ALLOC_INIT_ZVAL(dsa);
487 -                               array_init(dsa);
488 -                               OPENSSL_PKEY_GET_BN(dsa, p);
489 -                               OPENSSL_PKEY_GET_BN(dsa, q);
490 -                               OPENSSL_PKEY_GET_BN(dsa, g);
491 -                               OPENSSL_PKEY_GET_BN(dsa, priv_key);
492 -                               OPENSSL_PKEY_GET_BN(dsa, pub_key);
493 -                               add_assoc_zval(return_value, "dsa", dsa);
494 +                       {
495 +                               DSA *dsa = EVP_PKEY_get0_DSA(pkey);
496 +                               ktype = OPENSSL_KEYTYPE_DSA;
497 +
498 +                               if (dsa != NULL) {
499 +                                       zval z_dsa;
500 +                                       const BIGNUM *p, *q, *g, *priv_key, *pub_key;
501 +
502 +                                       DSA_get0_pqg(dsa, &p, &q, &g);
503 +                                       DSA_get0_key(dsa, &pub_key, &priv_key);
504 +
505 +                                       array_init(&z_dsa);
506 +                                       OPENSSL_PKEY_GET_BN(z_dsa, p);
507 +                                       OPENSSL_PKEY_GET_BN(z_dsa, q);
508 +                                       OPENSSL_PKEY_GET_BN(z_dsa, g);
509 +                                       OPENSSL_PKEY_GET_BN(z_dsa, priv_key);
510 +                                       OPENSSL_PKEY_GET_BN(z_dsa, pub_key);
511 +                                       add_assoc_zval(return_value, "dsa", &z_dsa);
512 +                               }
513                         }
514                         break;
515                 case EVP_PKEY_DH:
516 -                       
517 -                       ktype = OPENSSL_KEYTYPE_DH;
518 -
519 -                       if (pkey->pkey.dh != NULL) {
520 -                               zval *dh;
521 -
522 -                               ALLOC_INIT_ZVAL(dh);
523 -                               array_init(dh);
524 -                               OPENSSL_PKEY_GET_BN(dh, p);
525 -                               OPENSSL_PKEY_GET_BN(dh, g);
526 -                               OPENSSL_PKEY_GET_BN(dh, priv_key);
527 -                               OPENSSL_PKEY_GET_BN(dh, pub_key);
528 -                               add_assoc_zval(return_value, "dh", dh);
529 +                       {
530 +                               DH *dh = EVP_PKEY_get0_DH(pkey);
531 +                               ktype = OPENSSL_KEYTYPE_DH;
532 +
533 +                               if (dh != NULL) {
534 +                                       zval z_dh;
535 +                                       const BIGNUM *p, *q, *g, *priv_key, *pub_key;
536 +
537 +                                       DH_get0_pqg(dh, &p, &q, &g);
538 +                                       DH_get0_key(dh, &pub_key, &priv_key);
539 +
540 +                                       array_init(&z_dh);
541 +                                       OPENSSL_PKEY_GET_BN(z_dh, p);
542 +                                       OPENSSL_PKEY_GET_BN(z_dh, g);
543 +                                       OPENSSL_PKEY_GET_BN(z_dh, priv_key);
544 +                                       OPENSSL_PKEY_GET_BN(z_dh, pub_key);
545 +                                       add_assoc_zval(return_value, "dh", &z_dh);
546 +                               }
547                         }
548  
549                         break;
550  #ifdef HAVE_EVP_PKEY_EC
551                 case EVP_PKEY_EC:
552                         ktype = OPENSSL_KEYTYPE_EC;
553 -                       if (pkey->pkey.ec != NULL) {
554 +                       if (EVP_PKEY_get0_EC_KEY(pkey) != NULL) {
555                                 zval *ec;
556                                 const EC_GROUP *ec_group;
557                                 int nid;
558 @@ -4546,13 +4689,13 @@ PHP_FUNCTION(openssl_private_encrypt)
559         cryptedlen = EVP_PKEY_size(pkey);
560         cryptedbuf = emalloc(cryptedlen + 1);
561  
562 -       switch (pkey->type) {
563 +       switch (EVP_PKEY_id(pkey)) {
564                 case EVP_PKEY_RSA:
565                 case EVP_PKEY_RSA2:
566                         successful =  (RSA_private_encrypt(data_len, 
567                                                 (unsigned char *)data, 
568                                                 cryptedbuf, 
569 -                                               pkey->pkey.rsa, 
570 +                                               EVP_PKEY_get0_RSA(pkey),
571                                                 padding) == cryptedlen);
572                         break;
573                 default:
574 @@ -4604,13 +4747,13 @@ PHP_FUNCTION(openssl_private_decrypt)
575         cryptedlen = EVP_PKEY_size(pkey);
576         crypttemp = emalloc(cryptedlen + 1);
577  
578 -       switch (pkey->type) {
579 +       switch (EVP_PKEY_id(pkey)) {
580                 case EVP_PKEY_RSA:
581                 case EVP_PKEY_RSA2:
582                         cryptedlen = RSA_private_decrypt(data_len, 
583                                         (unsigned char *)data, 
584                                         crypttemp, 
585 -                                       pkey->pkey.rsa, 
586 +                                       EVP_PKEY_get0_RSA(pkey),
587                                         padding);
588                         if (cryptedlen != -1) {
589                                 cryptedbuf = emalloc(cryptedlen + 1);
590 @@ -4669,13 +4812,13 @@ PHP_FUNCTION(openssl_public_encrypt)
591         cryptedlen = EVP_PKEY_size(pkey);
592         cryptedbuf = emalloc(cryptedlen + 1);
593  
594 -       switch (pkey->type) {
595 +       switch (EVP_PKEY_id(pkey)) {
596                 case EVP_PKEY_RSA:
597                 case EVP_PKEY_RSA2:
598                         successful = (RSA_public_encrypt(data_len, 
599                                                 (unsigned char *)data, 
600 -                                               cryptedbuf, 
601 -                                               pkey->pkey.rsa, 
602 +                                               cryptedbuf,
603 +                                               EVP_PKEY_get0_RSA(pkey),
604                                                 padding) == cryptedlen);
605                         break;
606                 default:
607 @@ -4728,13 +4871,13 @@ PHP_FUNCTION(openssl_public_decrypt)
608         cryptedlen = EVP_PKEY_size(pkey);
609         crypttemp = emalloc(cryptedlen + 1);
610  
611 -       switch (pkey->type) {
612 +       switch (EVP_PKEY_id(pkey)) {
613                 case EVP_PKEY_RSA:
614                 case EVP_PKEY_RSA2:
615                         cryptedlen = RSA_public_decrypt(data_len, 
616                                         (unsigned char *)data, 
617 -                                       crypttemp, 
618 -                                       pkey->pkey.rsa, 
619 +                                       crypttemp,
620 +                                       EVP_PKEY_get0_RSA(pkey),
621                                         padding);
622                         if (cryptedlen != -1) {
623                                 cryptedbuf = emalloc(cryptedlen + 1);
624 @@ -4798,7 +4941,7 @@ PHP_FUNCTION(openssl_sign)
625         long keyresource = -1;
626         char * data;
627         int data_len;
628 -       EVP_MD_CTX md_ctx;
629 +       EVP_MD_CTX *md_ctx;
630         zval *method = NULL;
631         long signature_algo = OPENSSL_ALGO_SHA1;
632         const EVP_MD *mdtype;
633 @@ -4831,9 +4974,11 @@ PHP_FUNCTION(openssl_sign)
634         siglen = EVP_PKEY_size(pkey);
635         sigbuf = emalloc(siglen + 1);
636  
637 -       EVP_SignInit(&md_ctx, mdtype);
638 -       EVP_SignUpdate(&md_ctx, data, data_len);
639 -       if (EVP_SignFinal (&md_ctx, sigbuf,(unsigned int *)&siglen, pkey)) {
640 +       md_ctx = EVP_MD_CTX_create();
641 +       if (md_ctx != NULL &&
642 +               EVP_SignInit(md_ctx, mdtype) &&
643 +               EVP_SignUpdate(md_ctx, data, data_len) &&
644 +               EVP_SignFinal(md_ctx, (unsigned char*)sigbuf, &siglen, pkey)) {
645                 zval_dtor(signature);
646                 sigbuf[siglen] = '\0';
647                 ZVAL_STRINGL(signature, (char *)sigbuf, siglen, 0);
648 @@ -4842,7 +4987,7 @@ PHP_FUNCTION(openssl_sign)
649                 efree(sigbuf);
650                 RETVAL_FALSE;
651         }
652 -       EVP_MD_CTX_cleanup(&md_ctx);
653 +       EVP_MD_CTX_destroy(md_ctx);
654         if (keyresource == -1) {
655                 EVP_PKEY_free(pkey);
656         }
657 @@ -4855,8 +5000,8 @@ PHP_FUNCTION(openssl_verify)
658  {
659         zval **key;
660         EVP_PKEY *pkey;
661 -       int err;
662 -       EVP_MD_CTX     md_ctx;
663 +       int err = 0;
664 +       EVP_MD_CTX     *md_ctx;
665         const EVP_MD *mdtype;
666         long keyresource = -1;
667         char * data;    int data_len;
668 @@ -4890,10 +5035,13 @@ PHP_FUNCTION(openssl_verify)
669                 RETURN_FALSE;
670         }
671  
672 -       EVP_VerifyInit   (&md_ctx, mdtype);
673 -       EVP_VerifyUpdate (&md_ctx, data, data_len);
674 -       err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey);
675 -       EVP_MD_CTX_cleanup(&md_ctx);
676 +       md_ctx = EVP_MD_CTX_create();
677 +       if (md_ctx != NULL) {
678 +               EVP_VerifyInit(md_ctx, mdtype);
679 +               EVP_VerifyUpdate (md_ctx, data, data_len);
680 +               err = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey);
681 +       }
682 +       EVP_MD_CTX_destroy(md_ctx);
683  
684         if (keyresource == -1) {
685                 EVP_PKEY_free(pkey);
686 @@ -4917,7 +5065,7 @@ PHP_FUNCTION(openssl_seal)
687         char *method =NULL;
688         int method_len = 0;
689         const EVP_CIPHER *cipher;
690 -       EVP_CIPHER_CTX ctx;
691 +       EVP_CIPHER_CTX *ctx;
692  
693         if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szza/|s", &data, &data_len, &sealdata, &ekeys, &pubkeys, &method, &method_len) == FAILURE) {
694                 return;
695 @@ -4968,9 +5116,10 @@ PHP_FUNCTION(openssl_seal)
696                 i++;
697         }
698  
699 -       if (!EVP_EncryptInit(&ctx,cipher,NULL,NULL)) {
700 +       ctx = EVP_CIPHER_CTX_new();
701 +       if (ctx == NULL || !EVP_EncryptInit(ctx,cipher,NULL,NULL)) {
702 +               EVP_CIPHER_CTX_free(ctx);
703                 RETVAL_FALSE;
704 -               EVP_CIPHER_CTX_cleanup(&ctx);
705                 goto clean_exit;
706         }
707  
708 @@ -4980,15 +5129,15 @@ PHP_FUNCTION(openssl_seal)
709         iv = ivlen ? emalloc(ivlen + 1) : NULL;
710  #endif
711         /* allocate one byte extra to make room for \0 */
712 -       buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
713 -       EVP_CIPHER_CTX_cleanup(&ctx);
714 +       buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(ctx));
715 +       EVP_CIPHER_CTX_cleanup(ctx);
716  
717 -       if (EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 ||
718 -                       !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len) ||
719 -                       !EVP_SealFinal(&ctx, buf + len1, &len2)) {
720 +       if (EVP_SealInit(ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 ||
721 +                       !EVP_SealUpdate(ctx, buf, &len1, (unsigned char *)data, data_len) ||
722 +                       !EVP_SealFinal(ctx, buf + len1, &len2)) {
723                 RETVAL_FALSE;
724                 efree(buf);
725 -               EVP_CIPHER_CTX_cleanup(&ctx);
726 +               EVP_CIPHER_CTX_free(ctx);
727                 goto clean_exit;
728         }
729  
730 @@ -5019,7 +5168,7 @@ PHP_FUNCTION(openssl_seal)
731                 efree(buf);
732         }
733         RETVAL_LONG(len1 + len2);
734 -       EVP_CIPHER_CTX_cleanup(&ctx);
735 +       EVP_CIPHER_CTX_free(ctx);
736  
737  clean_exit:
738         for (i=0; i<nkeys; i++) {
739 @@ -5046,7 +5195,7 @@ PHP_FUNCTION(openssl_open)
740         int len1, len2;
741         unsigned char *buf;
742         long keyresource = -1;
743 -       EVP_CIPHER_CTX ctx;
744 +       EVP_CIPHER_CTX *ctx;
745         char * data;    int data_len;
746         char * ekey;    int ekey_len;
747         char *method =NULL;
748 @@ -5072,27 +5221,26 @@ PHP_FUNCTION(openssl_open)
749         } else {
750                 cipher = EVP_rc4();
751         }
752 -       
753 +
754         buf = emalloc(data_len + 1);
755  
756 -       if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
757 -               if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0)) {
758 -                       efree(buf);
759 -                       RETVAL_FALSE;
760 -               } else {
761 -                       zval_dtor(opendata);
762 -                       buf[len1 + len2] = '\0';
763 -                       ZVAL_STRINGL(opendata, erealloc(buf, len1 + len2 + 1), len1 + len2, 0);
764 -                       RETVAL_TRUE;
765 -               }
766 +       ctx = EVP_CIPHER_CTX_new();
767 +       if (ctx != NULL && EVP_OpenInit(ctx, cipher, (unsigned char *)ekey, (int)ekey_len, NULL, pkey) &&
768 +                       EVP_OpenUpdate(ctx, buf, &len1, (unsigned char *)data, (int)data_len) &&
769 +                       EVP_OpenFinal(ctx, buf + len1, &len2) && (len1 + len2 > 0)) {
770 +               zval_dtor(opendata);
771 +               buf[len1 + len2] = '\0';
772 +               ZVAL_STRINGL(opendata, erealloc(buf, len1 + len2 + 1), len1 + len2, 0);
773 +               RETVAL_TRUE;
774         } else {
775 -               efree(buf);
776                 RETVAL_FALSE;
777         }
778 +
779 +       efree(buf);
780         if (keyresource == -1) {
781                 EVP_PKEY_free(pkey);
782         }
783 -       EVP_CIPHER_CTX_cleanup(&ctx);
784 +       EVP_CIPHER_CTX_free(ctx);
785  }
786  /* }}} */
787  
788 @@ -5152,7 +5300,7 @@ PHP_FUNCTION(openssl_digest)
789         char *data, *method;
790         int data_len, method_len;
791         const EVP_MD *mdtype;
792 -       EVP_MD_CTX md_ctx;
793 +       EVP_MD_CTX *md_ctx;
794         int siglen;
795         unsigned char *sigbuf;
796  
797 @@ -5168,9 +5316,10 @@ PHP_FUNCTION(openssl_digest)
798         siglen = EVP_MD_size(mdtype);
799         sigbuf = emalloc(siglen + 1);
800  
801 -       EVP_DigestInit(&md_ctx, mdtype);
802 -       EVP_DigestUpdate(&md_ctx, (unsigned char *)data, data_len);
803 -       if (EVP_DigestFinal (&md_ctx, (unsigned char *)sigbuf, (unsigned int *)&siglen)) {
804 +       md_ctx = EVP_MD_CTX_create();
805 +       if (EVP_DigestInit(md_ctx, mdtype) &&
806 +                       EVP_DigestUpdate(md_ctx, (unsigned char *)data, data_len) &&
807 +                       EVP_DigestFinal (md_ctx, (unsigned char *)sigbuf, &siglen)) {
808                 if (raw_output) {
809                         sigbuf[siglen] = '\0';
810                         RETVAL_STRINGL((char *)sigbuf, siglen, 0);
811 @@ -5186,6 +5335,8 @@ PHP_FUNCTION(openssl_digest)
812                 efree(sigbuf);
813                 RETVAL_FALSE;
814         }
815 +
816 +       EVP_MD_CTX_destroy(md_ctx);
817  }
818  /* }}} */
819  
820 @@ -5231,7 +5382,7 @@ PHP_FUNCTION(openssl_encrypt)
821         char *data, *method, *password, *iv = "";
822         int data_len, method_len, password_len, iv_len = 0, max_iv_len;
823         const EVP_CIPHER *cipher_type;
824 -       EVP_CIPHER_CTX cipher_ctx;
825 +       EVP_CIPHER_CTX *cipher_ctx;
826         int i=0, outlen, keylen;
827         unsigned char *outbuf, *key;
828         zend_bool free_iv;
829 @@ -5245,6 +5396,12 @@ PHP_FUNCTION(openssl_encrypt)
830                 RETURN_FALSE;
831         }
832  
833 +       cipher_ctx = EVP_CIPHER_CTX_new();
834 +       if (!cipher_ctx) {
835 +               php_error_docref(NULL, E_WARNING, "Failed to create cipher context");
836 +               RETURN_FALSE;
837 +       }
838 +
839         keylen = EVP_CIPHER_key_length(cipher_type);
840         if (keylen > password_len) {
841                 key = emalloc(keylen);
842 @@ -5263,19 +5420,19 @@ PHP_FUNCTION(openssl_encrypt)
843         outlen = data_len + EVP_CIPHER_block_size(cipher_type);
844         outbuf = safe_emalloc(outlen, 1, 1);
845  
846 -       EVP_EncryptInit(&cipher_ctx, cipher_type, NULL, NULL);
847 +       EVP_EncryptInit(cipher_ctx, cipher_type, NULL, NULL);
848         if (password_len > keylen) {
849 -               EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
850 +               EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len);
851         }
852 -       EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
853 +       EVP_EncryptInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
854         if (options & OPENSSL_ZERO_PADDING) {
855 -               EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
856 +               EVP_CIPHER_CTX_set_padding(cipher_ctx, 0);
857         }
858         if (data_len > 0) {
859 -               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
860 +               EVP_EncryptUpdate(cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
861         }
862         outlen = i;
863 -       if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
864 +       if (EVP_EncryptFinal(cipher_ctx, (unsigned char *)outbuf + i, &i)) {
865                 outlen += i;
866                 if (options & OPENSSL_RAW_DATA) {
867                         outbuf[outlen] = '\0';
868 @@ -5302,7 +5459,7 @@ PHP_FUNCTION(openssl_encrypt)
869         if (free_iv) {
870                 efree(iv);
871         }
872 -       EVP_CIPHER_CTX_cleanup(&cipher_ctx);
873 +       EVP_CIPHER_CTX_free(cipher_ctx);
874  }
875  /* }}} */
876  
877 @@ -5314,7 +5471,7 @@ PHP_FUNCTION(openssl_decrypt)
878         char *data, *method, *password, *iv = "";
879         int data_len, method_len, password_len, iv_len = 0;
880         const EVP_CIPHER *cipher_type;
881 -       EVP_CIPHER_CTX cipher_ctx;
882 +       EVP_CIPHER_CTX *cipher_ctx;
883         int i, outlen, keylen;
884         unsigned char *outbuf, *key;
885         int base64_str_len;
886 @@ -5336,10 +5493,17 @@ PHP_FUNCTION(openssl_decrypt)
887                 RETURN_FALSE;
888         }
889  
890 +       cipher_ctx = EVP_CIPHER_CTX_new();
891 +       if (!cipher_ctx) {
892 +               php_error_docref(NULL, E_WARNING, "Failed to create cipher context");
893 +               RETURN_FALSE;
894 +       }
895 +
896         if (!(options & OPENSSL_RAW_DATA)) {
897                 base64_str = (char*)php_base64_decode((unsigned char*)data, data_len, &base64_str_len);
898                 if (!base64_str) {
899                         php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to base64 decode the input");
900 +                       EVP_CIPHER_CTX_free(cipher_ctx);
901                         RETURN_FALSE;
902                 }
903                 data_len = base64_str_len;
904 @@ -5360,17 +5524,17 @@ PHP_FUNCTION(openssl_decrypt)
905         outlen = data_len + EVP_CIPHER_block_size(cipher_type);
906         outbuf = emalloc(outlen + 1);
907  
908 -       EVP_DecryptInit(&cipher_ctx, cipher_type, NULL, NULL);
909 +       EVP_DecryptInit(cipher_ctx, cipher_type, NULL, NULL);
910         if (password_len > keylen) {
911 -               EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
912 +               EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len);
913         }
914 -       EVP_DecryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
915 +       EVP_DecryptInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
916         if (options & OPENSSL_ZERO_PADDING) {
917 -               EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
918 +               EVP_CIPHER_CTX_set_padding(cipher_ctx, 0);
919         }
920 -       EVP_DecryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
921 +       EVP_DecryptUpdate(cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
922         outlen = i;
923 -       if (EVP_DecryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
924 +       if (EVP_DecryptFinal(cipher_ctx, (unsigned char *)outbuf + i, &i)) {
925                 outlen += i;
926                 outbuf[outlen] = '\0';
927                 RETVAL_STRINGL((char *)outbuf, outlen, 0);
928 @@ -5387,7 +5551,7 @@ PHP_FUNCTION(openssl_decrypt)
929         if (base64_str) {
930                 efree(base64_str);
931         }
932 -       EVP_CIPHER_CTX_cleanup(&cipher_ctx);
933 +       EVP_CIPHER_CTX_free(cipher_ctx);
934  }
935  /* }}} */
936  
937 @@ -5425,6 +5589,7 @@ PHP_FUNCTION(openssl_dh_compute_key)
938         zval *key;
939         char *pub_str;
940         int pub_len;
941 +       DH *dh;
942         EVP_PKEY *pkey;
943         BIGNUM *pub;
944         char *data;
945 @@ -5434,14 +5599,18 @@ PHP_FUNCTION(openssl_dh_compute_key)
946                 return;
947         }
948         ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, &key, -1, "OpenSSL key", le_key);
949 -       if (!pkey || EVP_PKEY_type(pkey->type) != EVP_PKEY_DH || !pkey->pkey.dh) {
950 +       if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) {
951 +               RETURN_FALSE;
952 +       }
953 +       dh = EVP_PKEY_get0_DH(pkey);
954 +       if (dh == NULL) {
955                 RETURN_FALSE;
956         }
957  
958         pub = BN_bin2bn((unsigned char*)pub_str, pub_len, NULL);
959  
960 -       data = emalloc(DH_size(pkey->pkey.dh) + 1);
961 -       len = DH_compute_key((unsigned char*)data, pub, pkey->pkey.dh);
962 +       data = emalloc(DH_size(dh) + 1);
963 +       len = DH_compute_key((unsigned char*)data, pub, dh);
964  
965         if (len >= 0) {
966                 data[len] = 0;
PHP: Hypertext Preprocessor
This page took 0.171724 seconds and 3 git commands to generate.