Since these go through a file, this can fail.
For some of these, the error is already checked but not propagated to
userland, causing a "true" return value but an incomplete file.
For others, the error is not checked and can also lead to an incomplete
file.
Solve this by always propagating failure, especially as the other write
calls are already checked for failure.
Closes GH-21360.
openssl_pkey_new() checks private_key_bits >= 384 before generating any
key. For EC, X25519, ED25519, X448, and ED448 the size is inherent to
the curve or algorithm, so this check doesn't apply and causes failures
when default_bits is missing from openssl.cnf (which is the case in
OpenSSL 3.6's default config).
Skip the minimum-bits check for key types that don't use private_key_bits.
Closes GH-21387.
This removes the following unused compile definitions:
- HAVE_OSSL_SET_MAX_THREADS
- HAVE_ARGON2ID_HASH_RAW
The CHECK_FUNC_IN_HEADER() function defines the 'HAVE_<FUNCTION>'
compile definitions to 0 or 1, but these aren't used in the code.
Defining such preprocessor macros makes it difficult to track and sync
with other build systems.
* PHP-8.5:
Update NEWS for OpenSSL changes
Fix memory leaks in openssl_cms_encrypt() when push fails
Fix memory leaks in openssl_pkcs7_encrypt() when push fails
Fix missing error propagation when php_array_to_X509_sk() fails
Fix memory leaks in php_array_to_X509_sk() when push fails
Fix memory leak in php_openssl_load_all_certs_from_file() when push fails
* PHP-8.4:
Update NEWS for OpenSSL changes
Fix memory leaks in openssl_cms_encrypt() when push fails
Fix memory leaks in openssl_pkcs7_encrypt() when push fails
Fix missing error propagation when php_array_to_X509_sk() fails
Fix memory leaks in php_array_to_X509_sk() when push fails
Fix memory leak in php_openssl_load_all_certs_from_file() when push fails
Closes GH-20986.
In a lot of places the return value is not checked, and when the
function fails the code continues execution. However, this means that
operations on the stack fail and will cause memory leaks on the objects
that weren't pushed.
We also notice an inconsistency in how these failures are handled.
For example, in one place we explicitly have a fatal error
`php_error_docref(NULL, E_ERROR, "Memory allocation failure");`
but this is the only place to do so.
Closes GH-20957.
This commit adds a seventh parameter to both two OpenSSL functions:
* openssl_seal(): The new parameter is by-ref and is populated with the computed tag.
* openssl_open(): The new parameter is by-value to provide the computed tag.
Closes GH-7737
This fixes incorrect type conversion and subsequent check for Windows
where returned socket is not an int.
It should be noted that this is not really an issue as previous int
would get negative so the check should still work. The issue actually
happens only in master (PHP 8.5) where refactoring has been done and the
type changed.
Closes GH-19881
* Fix Windows test for openssl-3.5 upgrade
* Update ext/openssl/tests/check_default_conf_path.phpt
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
* Fix Windows test for openssl-3.5 upgrade
* Update ext/openssl/tests/check_default_conf_path.phpt
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
---------
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
* tree-wide: Replace `CHECK_NULL_PATH()` by `zend_char_has_nul_byte()`
The former is a direct alias of the latter with a more explicit name and the
former is explicitly documented as a “compatibility” alias.
* tree-wide: Replace `CHECK_ZVAL_NULL_PATH()` by its definition
The former is explicitly documented as a “compatibility” alias.
* zend_API: Remove `CHECK*NULL_PATH`
The `CHECK_ZVAL_NULL_PATH()` macro is unsafe, because it implicitly assumes
that the given `zval*` is `IS_STRING`.
Based on a GitHub search there does not seem to be any user outside of PHP, all
hits were just forks / copies of php-src.
