From: Arkadiusz Miśkiewicz Date: Fri, 14 Sep 2018 13:56:19 +0000 (+0200) Subject: - rel 59; openssl 1.1.1 support X-Git-Tag: auto/th/php4-4.4.9-59 X-Git-Url: http://git.pld-linux.org/?p=packages%2Fphp4.git;a=commitdiff_plain;h=472a0c0 - rel 59; openssl 1.1.1 support --- diff --git a/php4-openssl.patch b/php4-openssl.patch index 0171cd6..a9bd276 100644 --- a/php4-openssl.patch +++ b/php4-openssl.patch @@ -28,3 +28,377 @@ { X509V3_CTX ctx; +--- php-4.4.9/ext/openssl/config0.m4 2018-09-14 15:52:03.411575594 +0200 ++++ php-4.4.9.new/ext/openssl/config0.m4 2018-09-14 15:32:01.321716395 +0200 +@@ -16,6 +16,8 @@ + PHP_SETUP_KERBEROS(OPENSSL_SHARED_LIBADD) + fi + ++ AC_CHECK_FUNCS([RAND_egd]) ++ + PHP_SETUP_OPENSSL(OPENSSL_SHARED_LIBADD, + [ + if test "$ext_shared" = "yes"; then +--- php-4.4.9/ext/openssl/openssl.c 2018-09-14 15:52:03.468243972 +0200 ++++ php-4.4.9.new/ext/openssl/openssl.c 2018-09-14 15:50:08.114771489 +0200 +@@ -131,6 +131,13 @@ + ZEND_GET_MODULE(openssl) + #endif + ++/* {{{ OpenSSL compatibility functions and macros */ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER) ++#define EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh ++#define EVP_PKEY_get0_DSA(_pkey) _pkey->pkey.dsa ++#define EVP_PKEY_get0_EC_KEY(_pkey) _pkey->pkey.ec ++#endif ++ + static int le_key; + static int le_x509; + static int le_csr; +@@ -524,12 +531,14 @@ + #endif + if (file == NULL) + file = RAND_file_name(buffer, sizeof(buffer)); ++#ifdef HAVE_RAND_EGD + else if (RAND_egd(file) > 0) { + /* if the given filename is an EGD socket, don't + * write anything back to it */ + *egdsocket = 1; + return SUCCESS; + } ++#endif + if (file == NULL || !RAND_load_file(file, -1)) { + if (RAND_status() == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to load random state; not enough random data!"); +@@ -730,7 +739,7 @@ + if (in == NULL) + return NULL; + +- cert = (X509 *) PEM_ASN1_read_bio((char *(*)())d2i_X509, ++ cert = (X509 *) PEM_ASN1_read_bio((d2i_of_void *)d2i_X509, + PEM_STRING_X509, in, + NULL, NULL, NULL); + BIO_free(in); +@@ -868,6 +877,8 @@ + { + zval * zcert; + X509 * cert = NULL; ++ X509_NAME *subject_name; ++ char *cert_name; + long certresource = -1; + int i; + zend_bool useshortnames = 1; +@@ -883,11 +894,12 @@ + + array_init(return_value); + +- if (cert->name) +- add_assoc_string(return_value, "name", cert->name, 1); +-/* add_assoc_bool(return_value, "valid", cert->valid); */ ++ subject_name = X509_get_subject_name(cert); ++ cert_name = X509_NAME_oneline(subject_name, NULL, 0); ++ add_assoc_string(return_value, "name", cert_name, 1); ++ OPENSSL_free(cert_name); + +- add_assoc_name_entry(return_value, "subject", X509_get_subject_name(cert), useshortnames TSRMLS_CC); ++ add_assoc_name_entry(return_value, "subject", subject_name, useshortnames TSRMLS_CC); + /* hash as used in CA directories to lookup cert by subject name */ + { + char buf[32]; +@@ -1863,14 +1875,21 @@ + { + assert(pkey != NULL); + +- switch (pkey->type) { ++ switch (EVP_PKEY_id(pkey)) { + #ifndef NO_RSA + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: +- assert(pkey->pkey.rsa != NULL); +- +- if (NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q) +- return 0; ++ { ++ RSA *rsa = EVP_PKEY_get0_RSA(pkey); ++ if (rsa != NULL) { ++ const BIGNUM *p, *q; ++ ++ RSA_get0_factors(rsa, &p, &q); ++ if (p == NULL || q == NULL) { ++ return 0; ++ } ++ } ++ } + break; + #endif + #ifndef NO_DSA +@@ -1879,18 +1898,41 @@ + case EVP_PKEY_DSA2: + case EVP_PKEY_DSA3: + case EVP_PKEY_DSA4: +- assert(pkey->pkey.dsa != NULL); ++ { ++ DSA *dsa = EVP_PKEY_get0_DSA(pkey); ++ if (dsa != NULL) { ++ const BIGNUM *p, *q, *g, *pub_key, *priv_key; ++ ++ DSA_get0_pqg(dsa, &p, &q, &g); ++ if (p == NULL || q == NULL) { ++ return 0; ++ } + +- if (NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key) +- return 0; +- break; ++ DSA_get0_key(dsa, &pub_key, &priv_key); ++ if (priv_key == NULL) { ++ return 0; ++ } ++ } ++ } + #endif + #ifndef NO_DH + case EVP_PKEY_DH: +- assert(pkey->pkey.dh != NULL); ++ { ++ DH *dh = EVP_PKEY_get0_DH(pkey); ++ if (dh != NULL) { ++ const BIGNUM *p, *q, *g, *pub_key, *priv_key; ++ ++ DH_get0_pqg(dh, &p, &q, &g); ++ if (p == NULL) { ++ return 0; ++ } + +- if (NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key) +- return 0; ++ DH_get0_key(dh, &pub_key, &priv_key); ++ if (priv_key == NULL) { ++ return 0; ++ } ++ } ++ } + break; + #endif + default: +@@ -2521,13 +2563,13 @@ + cryptedlen = EVP_PKEY_size(pkey); + cryptedbuf = emalloc(cryptedlen + 1); + +- switch (pkey->type) { ++ switch (EVP_PKEY_id(pkey)) { + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: + successful = (RSA_private_encrypt(data_len, + data, + cryptedbuf, +- pkey->pkey.rsa, ++ EVP_PKEY_get0_RSA(pkey), + padding) == cryptedlen); + break; + default: +@@ -2577,13 +2619,13 @@ + cryptedlen = EVP_PKEY_size(pkey); + crypttemp = emalloc(cryptedlen + 1); + +- switch (pkey->type) { ++ switch (EVP_PKEY_id(pkey)) { + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: + cryptedlen = RSA_private_decrypt(data_len, + data, + crypttemp, +- pkey->pkey.rsa, ++ EVP_PKEY_get0_RSA(pkey), + padding); + if (cryptedlen != -1) { + cryptedbuf = emalloc(cryptedlen + 1); +@@ -2640,13 +2682,13 @@ + cryptedlen = EVP_PKEY_size(pkey); + cryptedbuf = emalloc(cryptedlen + 1); + +- switch (pkey->type) { ++ switch (EVP_PKEY_id(pkey)) { + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: + successful = (RSA_public_encrypt(data_len, + data, + cryptedbuf, +- pkey->pkey.rsa, ++ EVP_PKEY_get0_RSA(pkey), + padding) == cryptedlen); + break; + default: +@@ -2697,13 +2739,13 @@ + cryptedlen = EVP_PKEY_size(pkey); + crypttemp = emalloc(cryptedlen + 1); + +- switch (pkey->type) { ++ switch (EVP_PKEY_id(pkey)) { + case EVP_PKEY_RSA: + case EVP_PKEY_RSA2: + cryptedlen = RSA_public_decrypt(data_len, + data, + crypttemp, +- pkey->pkey.rsa, ++ EVP_PKEY_get0_RSA(pkey), + padding); + if (cryptedlen != -1) { + cryptedbuf = emalloc(cryptedlen + 1); +@@ -2767,7 +2809,7 @@ + unsigned char *sigbuf; + long keyresource = -1; + char * data; int data_len; +- EVP_MD_CTX md_ctx; ++ EVP_MD_CTX *md_ctx; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szz", &data, &data_len, &signature, &key) == FAILURE) + return; +@@ -2781,9 +2823,11 @@ + siglen = EVP_PKEY_size(pkey); + sigbuf = emalloc(siglen + 1); + +- EVP_SignInit(&md_ctx, EVP_sha1()); +- EVP_SignUpdate(&md_ctx, data, data_len); +- if (EVP_SignFinal (&md_ctx, sigbuf, &siglen, pkey)) { ++ md_ctx = EVP_MD_CTX_create(); ++ if (md_ctx != NULL && ++ EVP_SignInit(md_ctx, EVP_sha1()) && ++ EVP_SignUpdate(md_ctx, data, data_len) && ++ EVP_SignFinal(md_ctx, (unsigned char*)sigbuf, &siglen, pkey)) { + zval_dtor(signature); + sigbuf[siglen] = '\0'; + ZVAL_STRINGL(signature, sigbuf, siglen, 0); +@@ -2792,6 +2836,7 @@ + efree(sigbuf); + RETVAL_FALSE; + } ++ EVP_MD_CTX_destroy(md_ctx); + if (keyresource == -1) + EVP_PKEY_free(pkey); + } +@@ -2803,8 +2848,8 @@ + { + zval *key; + EVP_PKEY *pkey; +- int err; +- EVP_MD_CTX md_ctx; ++ int err = 0; ++ EVP_MD_CTX *md_ctx; + long keyresource = -1; + char * data; int data_len; + char * signature; int signature_len; +@@ -2819,9 +2864,13 @@ + RETURN_FALSE; + } + +- EVP_VerifyInit (&md_ctx, EVP_sha1()); +- EVP_VerifyUpdate (&md_ctx, data, data_len); +- err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey); ++ md_ctx = EVP_MD_CTX_create(); ++ if (md_ctx != NULL) { ++ EVP_VerifyInit(md_ctx, EVP_sha1()); ++ EVP_VerifyUpdate (md_ctx, data, data_len); ++ err = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey); ++ } ++ EVP_MD_CTX_destroy(md_ctx); + + if (keyresource == -1) + EVP_PKEY_free(pkey); +@@ -2842,7 +2891,7 @@ + int i, len1, len2, *eksl, nkeys; + unsigned char *buf = NULL, **eks; + char * data; int data_len; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szza/", + &data, &data_len, &sealdata, &ekeys, &pubkeys) == FAILURE) +@@ -2878,7 +2927,9 @@ + } + + #if OPENSSL_VERSION_NUMBER >= 0x0090600fL +- if (!EVP_EncryptInit(&ctx,EVP_rc4(),NULL,NULL)) { ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL || !EVP_EncryptInit(ctx,EVP_rc4(),NULL,NULL)) { ++ EVP_CIPHER_CTX_free(ctx); + RETVAL_FALSE; + goto clean_exit; + } +@@ -2892,24 +2943,25 @@ + iv = ivlen ? emalloc(ivlen + 1) : NULL; + #endif + /* allocate one byte extra to make room for \0 */ +- buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx)); ++ buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(ctx)); + +- if (!EVP_SealInit(&ctx, EVP_rc4(), eks, eksl, NULL, pkeys, nkeys) ++ if (!EVP_SealInit(ctx, EVP_rc4(), eks, eksl, NULL, pkeys, nkeys) + #if OPENSSL_VERSION_NUMBER >= 0x0090600fL +- || !EVP_SealUpdate(&ctx, buf, &len1, data, data_len) ++ || !EVP_SealUpdate(ctx, buf, &len1, data, data_len) + #endif + ) + { + RETVAL_FALSE; + efree(buf); ++ EVP_CIPHER_CTX_free(ctx); + goto clean_exit; + + } + + #if OPENSSL_VERSION_NUMBER < 0x0090600fL +- EVP_SealUpdate(&ctx, buf, &len1, data, data_len); ++ EVP_SealUpdate(ctx, buf, &len1, data, data_len); + #endif +- EVP_SealFinal(&ctx, buf + len1, &len2); ++ EVP_SealFinal(ctx, buf + len1, &len2); + + if (len1 + len2 > 0) { + zval_dtor(sealdata); +@@ -2944,6 +2996,7 @@ + efree(buf); + + RETVAL_LONG(len1 + len2); ++ EVP_CIPHER_CTX_free(ctx); + + clean_exit: + for (i=0; i= 0x0090600fL +- && EVP_OpenUpdate(&ctx, buf, &len1, data, data_len) ++ && EVP_OpenUpdate(ctx, buf, &len1, data, data_len) + #endif + ) { + #if OPENSSL_VERSION_NUMBER < 0x0090600fL +- EVP_OpenUpdate(&ctx, buf, &len1, data, data_len); ++ EVP_OpenUpdate(ctx, buf, &len1, data, data_len); + #endif +- if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || ++ if (!EVP_OpenFinal(ctx, buf + len1, &len2) || + (len1 + len2 == 0)) { + efree(buf); + if (keyresource == -1) +@@ -3011,6 +3065,7 @@ + zval_dtor(opendata); + buf[len1 + len2] = '\0'; + ZVAL_STRINGL(opendata, erealloc(buf, len1 + len2 + 1), len1 + len2, 0); ++ EVP_CIPHER_CTX_free(ctx); + RETURN_TRUE; + } + /* }}} */ diff --git a/php4.spec b/php4.spec index 22030e2..a765232 100644 --- a/php4.spec +++ b/php4.spec @@ -73,7 +73,7 @@ %undefine with_msession %endif -%define rel 58 +%define rel 59 Summary: PHP: Hypertext Preprocessor Summary(fr.UTF-8): Le langage de script embarque-HTML PHP Summary(pl.UTF-8): Język skryptowy PHP