- rel 59; openssl 1.1.1 support
1 --- php-4.4.9/ext/openssl/openssl.c.org 2010-04-11 08:09:20.114283832 +0200
2 +++ php-4.4.9/ext/openssl/openssl.c     2010-04-11 08:08:40.851370731 +0200
3 @@ -179,8 +179,13 @@
4  static char default_ssl_conf_filename[MAXPATHLEN];
5  
6  struct php_x509_request {
7 +#if OPENSSL_VERSION_NUMBER >= 0x10000002L                                                                                                                    
8 +       LHASH_OF(CONF_VALUE) * global_config;   /* Global SSL config */                                                                                          
9 +       LHASH_OF(CONF_VALUE) * req_config;      /* SSL config for this request */
10 +#else
11         LHASH * global_config;  /* Global SSL config */
12         LHASH * req_config;             /* SSL config for this request */
13 +#endif
14         const EVP_MD * md_alg;
15         const EVP_MD * digest;
16         char    * section_name,
17 @@ -340,7 +345,12 @@
18                 const char * section_label,
19                 const char * config_filename,
20                 const char * section,
21 -               LHASH * config TSRMLS_DC)
22 +#if OPENSSL_VERSION_NUMBER >= 0x10000002L
23 +               LHASH_OF(CONF_VALUE) * config TSRMLS_DC
24 +#else
25 +               LHASH * config TSRMLS_DC
26 +#endif
27 +               )
28  {
29         X509V3_CTX ctx;
30         
31 --- php-4.4.9/ext/openssl/config0.m4    2018-09-14 15:52:03.411575594 +0200
32 +++ php-4.4.9.new/ext/openssl/config0.m4        2018-09-14 15:32:01.321716395 +0200
33 @@ -16,6 +16,8 @@
34      PHP_SETUP_KERBEROS(OPENSSL_SHARED_LIBADD)
35    fi
36  
37 +  AC_CHECK_FUNCS([RAND_egd])
38 +
39    PHP_SETUP_OPENSSL(OPENSSL_SHARED_LIBADD, 
40    [
41      if test "$ext_shared" = "yes"; then
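Review bot: `AC_CHECK_FUNCS([RAND_egd])` is placed before `PHP_SETUP_OPENSSL`, so the link probe may run before libcrypto is on the link line; in that case it fails even where `RAND_egd` exists, and the `HAVE_RAND_EGD` branch in openssl.c is silently compiled out. Whether `LIBS` already carries the crypto library at this point is not visible in the hunk, so confirm the result in config.log for a build that is expected to have EGD support. A comment above the check, e.g. `dnl RAND_egd is missing from OpenSSL builds without EGD support; HAVE_RAND_EGD guards its only use in openssl.c`, would record why the probe exists.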
42 --- php-4.4.9/ext/openssl/openssl.c     2018-09-14 15:52:03.468243972 +0200
43 +++ php-4.4.9.new/ext/openssl/openssl.c 2018-09-14 15:50:08.114771489 +0200
44 @@ -131,6 +131,13 @@
45  ZEND_GET_MODULE(openssl)
46  #endif
47  
48 +/* {{{ OpenSSL compatibility functions and macros */
49 +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
50 +#define EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh
51 +#define EVP_PKEY_get0_DSA(_pkey) _pkey->pkey.dsa
52 +#define EVP_PKEY_get0_EC_KEY(_pkey) _pkey->pkey.ec
53 +#endif
54 +
55  static int le_key;
56  static int le_x509;
57  static int le_csr;
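Review bot: The block opened by `/* {{{ OpenSSL compatibility functions and macros */` defines only the three `EVP_PKEY_get0_*` macros, while later hunks of this patch also call `EVP_PKEY_get0_RSA`, `RSA_get0_factors`, `DSA_get0_pqg`, `DSA_get0_key`, `DH_get0_pqg` and `DH_get0_key`, which OpenSSL introduced in 1.1.0. Unless those are supplied somewhere not shown, the `OPENSSL_VERSION_NUMBER < 0x10100000L` side cannot build, so either add the missing shims or state that 1.1.0 is now the minimum. The macro bodies should parenthesise their argument, e.g. `#define EVP_PKEY_get0_DH(_pkey) ((_pkey)->pkey.dh)`, and the fold marker needs a closing `/* }}} */` after the `#endif`.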
58 @@ -524,12 +531,14 @@
59  #endif
60         if (file == NULL)
61                 file = RAND_file_name(buffer, sizeof(buffer));
62 +#ifdef HAVE_RAND_EGD
63         else if (RAND_egd(file) > 0) {
64                 /* if the given filename is an EGD socket, don't
65                  * write anything back to it */
66                 *egdsocket = 1;
67                 return SUCCESS;
68         }
69 +#endif
70         if (file == NULL || !RAND_load_file(file, -1)) {
71                 if (RAND_status() == 0) {
72                         php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to load random state; not enough random data!");
73 @@ -730,7 +739,7 @@
74                 if (in == NULL)
75                         return NULL;
76  
77 -               cert = (X509 *) PEM_ASN1_read_bio((char *(*)())d2i_X509,
78 +               cert = (X509 *) PEM_ASN1_read_bio((d2i_of_void *)d2i_X509,
79                                 PEM_STRING_X509, in,
80                                 NULL, NULL, NULL);
81                 BIO_free(in);
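Review bot: The changed line still reaches `d2i_X509` through a function-pointer cast, now `(d2i_of_void *)d2i_X509`, which hides any signature mismatch from the compiler. The typed wrapper does the same job with no cast on either side: `cert = PEM_read_bio_X509(in, NULL, NULL, NULL);`. The enclosing function starts and ends outside this hunk.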
82 @@ -868,6 +877,8 @@
83  {
84         zval * zcert;
85         X509 * cert = NULL;
86 +       X509_NAME *subject_name;
87 +       char *cert_name;
88         long certresource = -1;
89         int i;
90         zend_bool useshortnames = 1;
91 @@ -883,11 +894,12 @@
92  
93         array_init(return_value);
94  
95 -       if (cert->name)
96 -               add_assoc_string(return_value, "name", cert->name, 1);
97 -/*     add_assoc_bool(return_value, "valid", cert->valid); */
98 +       subject_name = X509_get_subject_name(cert);
99 +       cert_name = X509_NAME_oneline(subject_name, NULL, 0);
100 +       add_assoc_string(return_value, "name", cert_name, 1);
101 +       OPENSSL_free(cert_name);
102  
103 -       add_assoc_name_entry(return_value, "subject",           X509_get_subject_name(cert), useshortnames TSRMLS_CC);
104 +       add_assoc_name_entry(return_value, "subject",           subject_name, useshortnames TSRMLS_CC);
105         /* hash as used in CA directories to lookup cert by subject name */
106         {
107                 char buf[32];
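Review bot: `X509_NAME_oneline()` can return NULL on failure, and the new code hands `cert_name` to `add_assoc_string` unchecked, whereas the removed `if (cert->name)` guarded the equivalent case. Because the certificate being parsed is supplied by the caller (`zcert` in the preceding hunk), a NULL here would crash the PHP process rather than produce an array without a name. Guard the pair: `if (cert_name != NULL) { add_assoc_string(return_value, "name", cert_name, 1); OPENSSL_free(cert_name); }`. The function body continues outside the hunk.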
108 @@ -1863,14 +1875,21 @@
109  {
110         assert(pkey != NULL);
111  
112 -       switch (pkey->type) {
113 +       switch (EVP_PKEY_id(pkey)) {
114  #ifndef NO_RSA
115                 case EVP_PKEY_RSA:
116                 case EVP_PKEY_RSA2:
117 -                       assert(pkey->pkey.rsa != NULL);
118 -
119 -                       if (NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)
120 -                               return 0;
121 +                       {
122 +                               RSA *rsa = EVP_PKEY_get0_RSA(pkey);
123 +                               if (rsa != NULL) {
124 +                                       const BIGNUM *p, *q;
125 +
126 +                                       RSA_get0_factors(rsa, &p, &q);
127 +                                       if (p == NULL || q == NULL) {
128 +                                               return 0;
129 +                                       }
130 +                               }
131 +                       }
132                         break;
133  #endif
134  #ifndef NO_DSA
135 @@ -1879,18 +1898,41 @@
136                 case EVP_PKEY_DSA2:
137                 case EVP_PKEY_DSA3:
138                 case EVP_PKEY_DSA4:
139 -                       assert(pkey->pkey.dsa != NULL);
140 +                       {
141 +                               DSA *dsa = EVP_PKEY_get0_DSA(pkey);
142 +                               if (dsa != NULL) {
143 +                                       const BIGNUM *p, *q, *g, *pub_key, *priv_key;
144 +
145 +                                       DSA_get0_pqg(dsa, &p, &q, &g);
146 +                                       if (p == NULL || q == NULL) {
147 +                                               return 0;
148 +                                       }
149  
150 -                       if (NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key)
151 -                               return 0;
152 -                       break;
153 +                                       DSA_get0_key(dsa, &pub_key, &priv_key);
154 +                                       if (priv_key == NULL) {
155 +                                               return 0;
156 +                                       }
157 +                               }
158 +                       }
159  #endif
160  #ifndef NO_DH
161                 case EVP_PKEY_DH:
162 -                       assert(pkey->pkey.dh != NULL);
163 +                       {
164 +                               DH *dh = EVP_PKEY_get0_DH(pkey);
165 +                               if (dh != NULL) {
166 +                                       const BIGNUM *p, *q, *g, *pub_key, *priv_key;
167 +
168 +                                       DH_get0_pqg(dh, &p, &q, &g);
169 +                                       if (p == NULL) {
170 +                                               return 0;
171 +                                       }
172  
173 -                       if (NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key)
174 -                               return 0;
175 +                                       DH_get0_key(dh, &pub_key, &priv_key);
176 +                                       if (priv_key == NULL) {
177 +                                               return 0;
178 +                                       }
179 +                               }
180 +                       }
181                         break;
182  #endif
183                 default:
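Review bot: The rewritten DSA case has lost its `break;`: the removed lines ended with `return 0;` and `break;`, but the new block closes with `}` and runs straight into `#endif` and `case EVP_PKEY_DH:`. A DSA key that passes its own checks is therefore also examined as a DH key. With the compatibility macro `EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh` from the earlier hunk, that reads the DSA pointer through the `dh` union member; on OpenSSL 1.1.0 and later the result depends on the accessor returning NULL for a mismatched key type. Add `break;` after the DSA block's closing brace and before `#endif`, as the RSA and DH cases have. All three cases in this hunk and the previous one also skip their checks when the inner key is NULL, where the old code asserted; what is returned after the switch is outside the hunk, so confirm such a key is not reported as private.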
184 @@ -2521,13 +2563,13 @@
185         cryptedlen = EVP_PKEY_size(pkey);
186         cryptedbuf = emalloc(cryptedlen + 1);
187  
188 -       switch (pkey->type) {
189 +       switch (EVP_PKEY_id(pkey)) {
190                 case EVP_PKEY_RSA:
191                 case EVP_PKEY_RSA2:
192                         successful =  (RSA_private_encrypt(data_len, 
193                                                 data, 
194                                                 cryptedbuf, 
195 -                                               pkey->pkey.rsa, 
196 +                                               EVP_PKEY_get0_RSA(pkey),
197                                                 padding) == cryptedlen);
198                         break;
199                 default:
200 @@ -2577,13 +2619,13 @@
201         cryptedlen = EVP_PKEY_size(pkey);
202         crypttemp = emalloc(cryptedlen + 1);
203  
204 -       switch (pkey->type) {
205 +       switch (EVP_PKEY_id(pkey)) {
206                 case EVP_PKEY_RSA:
207                 case EVP_PKEY_RSA2:
208                         cryptedlen = RSA_private_decrypt(data_len, 
209                                         data, 
210                                         crypttemp, 
211 -                                       pkey->pkey.rsa, 
212 +                                       EVP_PKEY_get0_RSA(pkey),
213                                         padding);
214                         if (cryptedlen != -1) {
215                                 cryptedbuf = emalloc(cryptedlen + 1);
216 @@ -2640,13 +2682,13 @@
217         cryptedlen = EVP_PKEY_size(pkey);
218         cryptedbuf = emalloc(cryptedlen + 1);
219  
220 -       switch (pkey->type) {
221 +       switch (EVP_PKEY_id(pkey)) {
222                 case EVP_PKEY_RSA:
223                 case EVP_PKEY_RSA2:
224                         successful = (RSA_public_encrypt(data_len, 
225                                                 data, 
226                                                 cryptedbuf, 
227 -                                               pkey->pkey.rsa, 
228 +                                               EVP_PKEY_get0_RSA(pkey),
229                                                 padding) == cryptedlen);
230                         break;
231                 default:
232 @@ -2697,13 +2739,13 @@
233         cryptedlen = EVP_PKEY_size(pkey);
234         crypttemp = emalloc(cryptedlen + 1);
235  
236 -       switch (pkey->type) {
237 +       switch (EVP_PKEY_id(pkey)) {
238                 case EVP_PKEY_RSA:
239                 case EVP_PKEY_RSA2:
240                         cryptedlen = RSA_public_decrypt(data_len, 
241                                         data, 
242                                         crypttemp, 
243 -                                       pkey->pkey.rsa, 
244 +                                       EVP_PKEY_get0_RSA(pkey),
245                                         padding);
246                         if (cryptedlen != -1) {
247                                 cryptedbuf = emalloc(cryptedlen + 1);
248 @@ -2767,7 +2809,7 @@
249         unsigned char *sigbuf;
250         long keyresource = -1;
251         char * data;    int data_len;
252 -       EVP_MD_CTX md_ctx;
253 +       EVP_MD_CTX *md_ctx;
254  
255         if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szz", &data, &data_len, &signature, &key) == FAILURE)
256                 return;
257 @@ -2781,9 +2823,11 @@
258         siglen = EVP_PKEY_size(pkey);
259         sigbuf = emalloc(siglen + 1);
260  
261 -       EVP_SignInit(&md_ctx, EVP_sha1());
262 -       EVP_SignUpdate(&md_ctx, data, data_len);
263 -       if (EVP_SignFinal (&md_ctx, sigbuf, &siglen, pkey)) {
264 +       md_ctx = EVP_MD_CTX_create();
265 +       if (md_ctx != NULL &&
266 +               EVP_SignInit(md_ctx, EVP_sha1()) &&
267 +               EVP_SignUpdate(md_ctx, data, data_len) &&
268 +               EVP_SignFinal(md_ctx, (unsigned char*)sigbuf, &siglen, pkey)) {
269                 zval_dtor(signature);
270                 sigbuf[siglen] = '\0';
271                 ZVAL_STRINGL(signature, sigbuf, siglen, 0);
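Review bot: The digest in the new call chain is still fixed at `EVP_sha1()`, and nothing near the call says that callers cannot choose another one. A comment above `md_ctx = EVP_MD_CTX_create();`, such as `/* digest is fixed to SHA-1 here; callers cannot select a stronger one */`, would make that visible to anyone auditing signatures produced by this build. The `(unsigned char*)` cast on `sigbuf` is redundant, since the preceding hunk shows it declared as `unsigned char *sigbuf`.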
272 @@ -2792,6 +2836,7 @@
273                 efree(sigbuf);
274                 RETVAL_FALSE;
275         }
276 +       EVP_MD_CTX_destroy(md_ctx);
277         if (keyresource == -1)
278                 EVP_PKEY_free(pkey);
279  }
280 @@ -2803,8 +2848,8 @@
281  {
282         zval *key;
283         EVP_PKEY *pkey;
284 -       int err;
285 -       EVP_MD_CTX     md_ctx;
286 +       int err = 0;
287 +       EVP_MD_CTX     *md_ctx;
288         long keyresource = -1;
289         char * data;    int data_len;
290         char * signature;       int signature_len;
291 @@ -2819,9 +2864,13 @@
292                 RETURN_FALSE;
293         }
294  
295 -       EVP_VerifyInit   (&md_ctx, EVP_sha1());
296 -       EVP_VerifyUpdate (&md_ctx, data, data_len);
297 -       err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey);
298 +       md_ctx = EVP_MD_CTX_create();
299 +       if (md_ctx != NULL) {
300 +               EVP_VerifyInit(md_ctx, EVP_sha1());
301 +               EVP_VerifyUpdate (md_ctx, data, data_len);
302 +               err = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey);
303 +       }
304 +       EVP_MD_CTX_destroy(md_ctx);
305  
306         if (keyresource == -1)
307                 EVP_PKEY_free(pkey);
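Review bot: `EVP_VerifyInit` and `EVP_VerifyUpdate` are called without checking their results, unlike the signing hunk above, which chains all three calls with `&&`. With `err` initialised to 0 in the preceding hunk, a failed `EVP_MD_CTX_create()` also leaves `err` at the value `EVP_VerifyFinal` uses for a signature that does not verify. That fails closed, but it erases the difference between "invalid" and "could not be checked". Start from `err = -1` and assign only when every step succeeded: `if (md_ctx != NULL && EVP_VerifyInit(md_ctx, EVP_sha1()) && EVP_VerifyUpdate(md_ctx, data, data_len)) err = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey);`. How `err` is turned into the PHP return value is outside the hunk.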
308 @@ -2842,7 +2891,7 @@
309         int i, len1, len2, *eksl, nkeys;
310         unsigned char *buf = NULL, **eks;
311         char * data; int data_len;
312 -       EVP_CIPHER_CTX ctx;
313 +       EVP_CIPHER_CTX *ctx;
314  
315         if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szza/",
316                                 &data, &data_len, &sealdata, &ekeys, &pubkeys) == FAILURE)
317 @@ -2878,7 +2927,9 @@
318         }
319  
320  #if OPENSSL_VERSION_NUMBER >= 0x0090600fL
321 -       if (!EVP_EncryptInit(&ctx,EVP_rc4(),NULL,NULL)) {
322 +       ctx = EVP_CIPHER_CTX_new();
323 +       if (ctx == NULL || !EVP_EncryptInit(ctx,EVP_rc4(),NULL,NULL)) {
324 +               EVP_CIPHER_CTX_free(ctx);
325                 RETVAL_FALSE;
326                 goto clean_exit;
327         }
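Review bot: `ctx` is declared without an initialiser in the preceding hunk and is then released at three separate sites (here, in the `EVP_SealInit` failure branch, and just before `clean_exit:`), so every `goto clean_exit` has to know whether the context exists yet. Declaring it as `EVP_CIPHER_CTX *ctx = NULL;` and placing a single `EVP_CIPHER_CTX_free(ctx);` after the `clean_exit:` label would cover all paths, including any jump taken before this allocation. The allocation also sits inside `#if OPENSSL_VERSION_NUMBER >= 0x0090600fL`, while `EVP_CIPHER_CTX_block_size(ctx)` in the next hunk does not, so a build on the other side of that guard would use the pointer unset.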
328 @@ -2892,24 +2943,25 @@
329         iv = ivlen ? emalloc(ivlen + 1) : NULL;
330  #endif
331         /* allocate one byte extra to make room for \0 */
332 -       buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
333 +       buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(ctx));
334  
335 -       if (!EVP_SealInit(&ctx, EVP_rc4(), eks, eksl, NULL, pkeys, nkeys)
336 +       if (!EVP_SealInit(ctx, EVP_rc4(), eks, eksl, NULL, pkeys, nkeys)
337  #if OPENSSL_VERSION_NUMBER >= 0x0090600fL
338 -                       || !EVP_SealUpdate(&ctx, buf, &len1, data, data_len)
339 +                       || !EVP_SealUpdate(ctx, buf, &len1, data, data_len)
340  #endif
341                 ) 
342         {
343                 RETVAL_FALSE;
344                 efree(buf);
345 +               EVP_CIPHER_CTX_free(ctx);
346                 goto clean_exit;
347  
348         }
349  
350  #if OPENSSL_VERSION_NUMBER < 0x0090600fL
351 -       EVP_SealUpdate(&ctx, buf, &len1, data, data_len);
352 +       EVP_SealUpdate(ctx, buf, &len1, data, data_len);
353  #endif
354 -       EVP_SealFinal(&ctx, buf + len1, &len2);
355 +       EVP_SealFinal(ctx, buf + len1, &len2);
356  
357         if (len1 + len2 > 0) {
358                 zval_dtor(sealdata);
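Review bot: The envelope cipher on the rewritten `EVP_SealInit` and `EVP_SealUpdate` lines is still hard-wired to `EVP_rc4()` with a NULL IV, and the code does not say that this is fixed by the function's interface. RC4 is a stream cipher with known keystream biases and provides no integrity protection, so a reader maintaining this against OpenSSL 1.1.1 should be told the choice is inherited and not configurable. A comment above the `EVP_SealInit` call, e.g. `/* cipher is fixed to RC4 for compatibility with existing sealed data; offers no integrity protection */`, would document it. The matching `EVP_OpenInit` call in the later hunk uses the same cipher.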
359 @@ -2944,6 +2996,7 @@
360                 efree(buf);
361  
362         RETVAL_LONG(len1 + len2);
363 +       EVP_CIPHER_CTX_free(ctx);
364  
365  clean_exit:
366         for (i=0; i<nkeys; i++) {
367 @@ -2968,7 +3021,7 @@
368         int len1, len2;
369         unsigned char *buf;
370         long keyresource = -1;
371 -       EVP_CIPHER_CTX ctx;
372 +       EVP_CIPHER_CTX *ctx;
373         char * data;    int data_len;
374         char * ekey;    int ekey_len;
375  
376 @@ -2983,15 +3036,16 @@
377         }
378         buf = emalloc(data_len + 1);
379  
380 -       if (EVP_OpenInit(&ctx, EVP_rc4(), ekey, ekey_len, NULL, pkey)
381 +       ctx = EVP_CIPHER_CTX_new();
382 +       if (ctx != NULL && EVP_OpenInit(ctx, EVP_rc4(), ekey, ekey_len, NULL, pkey)
383  #if OPENSSL_VERSION_NUMBER >= 0x0090600fL
384 -                       && EVP_OpenUpdate(&ctx, buf, &len1, data, data_len)
385 +                       && EVP_OpenUpdate(ctx, buf, &len1, data, data_len)
386  #endif
387                 ) {
388  #if OPENSSL_VERSION_NUMBER < 0x0090600fL
389 -               EVP_OpenUpdate(&ctx, buf, &len1, data, data_len);
390 +               EVP_OpenUpdate(ctx, buf, &len1, data, data_len);
391  #endif
392 -               if (!EVP_OpenFinal(&ctx, buf + len1, &len2) ||
393 +               if (!EVP_OpenFinal(ctx, buf + len1, &len2) ||
394                                 (len1 + len2 == 0)) {
395                         efree(buf);
396                         if (keyresource == -1)
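Review bot: The context allocated by `ctx = EVP_CIPHER_CTX_new();` is released only before `RETURN_TRUE` in the final hunk. The failure branch visible here (`efree(buf);` followed by `if (keyresource == -1)`) gains no matching free, and the lines between the two hunks are untouched by the patch. Assuming those paths still return early, each failed open leaks a cipher context, which at that point may hold the RC4 key state derived from the unwrapped session key. Add `EVP_CIPHER_CTX_free(ctx);` next to each `efree(buf);` on the failure paths. The `else` side of the outer `if` lies outside the hunk and needs the same treatment.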
397 @@ -3011,6 +3065,7 @@
398         zval_dtor(opendata);
399         buf[len1 + len2] = '\0';
400         ZVAL_STRINGL(opendata, erealloc(buf, len1 + len2 + 1), len1 + len2, 0);
401 +       EVP_CIPHER_CTX_free(ctx);
402         RETURN_TRUE;
403  }
404  /* }}} */