84202c367e
commit for php bug 61421
...
enabling SHA2 and RMD160 for openssl signature verification
2012-09-15 22:59:34 -07:00
c7be96b08f
Revert "Add PBKDF2 support via openssl()"
...
This reverts commit b5b8ea1050
2012-06-12 11:22:49 -07:00
a2bfad051d
Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell."
...
This reverts commit bccd1e672f
2012-06-12 11:21:54 -07:00
bccd1e672f
Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell.
...
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
2012-06-11 15:41:41 -07:00
b5b8ea1050
Add PBKDF2 support via openssl()
...
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.
Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.
Will backport to 5.4 potentially with Stas' approval.
Test Plan:
Ran newly added tests which came from RFC 6070
2012-06-11 13:35:25 -07:00
fa0d507923
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Fix bug #61401 ext\openssl\tests\004.phpt fails
Fix bug #61404 ext\openssl\tests\021.phpt fails
Fix bug #61448 intl tests fail with icu >= 4.8
2012-03-28 17:13:16 +02:00
bff8152565
Fix bug #61401 ext\openssl\tests\004.phpt fails
2012-03-28 17:11:58 +02:00
4c5b427124
Fix bug #61404 ext\openssl\tests\021.phpt fails
2012-03-28 16:15:36 +02:00
bd7bb973b1
Fix bug #61404 ext\openssl\tests\021.phpt fails
2012-03-28 16:04:56 +02:00
8d7a489b97
Merge branch '5.3' into 5.4
...
* 5.3:
Fix bug #61405 ext\openssl\tests\022.phpt fails
Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
2012-03-27 16:15:15 +02:00
b638d3020c
Fix bug #61405 ext\openssl\tests\022.phpt fails
2012-03-27 16:07:59 +02:00
e55718b091
Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
2012-03-27 16:07:59 +02:00
7fdd35d697
Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
2012-03-27 16:07:25 +02:00
ad832abba1
test for bug #61124
2012-02-25 13:27:57 +00:00
118dd43555
test for bug #61124
2012-02-25 13:27:57 +00:00
5ef66f2cf5
Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
2012-02-23 01:26:46 +00:00
f424fe8aed
Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
2012-02-23 01:26:46 +00:00
b0678ea229
Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas
2012-02-07 01:15:13 +00:00
73ccc0a5e9
Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas
2012-02-07 01:15:13 +00:00
f6f283c3e2
Another openssl test that is dependent on the openssl version. The output has
...
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
2012-02-05 10:08:16 +00:00
8d5f83dde5
Another openssl test that is dependent on the openssl version. The output has
...
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
2012-02-05 10:08:16 +00:00
60df9abf95
Need EXPECTF here, of course
2012-02-05 09:52:41 +00:00
e4fb44c8b6
Need EXPECTF here, of course
2012-02-05 09:52:41 +00:00
e24b6cdf56
Getting different hashes here. But this test isn't testing the hashes,
...
it is just making sure we actually get a hash and don't crash.
2012-02-05 09:50:14 +00:00
f3a7ba75cf
Getting different hashes here. But this test isn't testing the hashes,
...
it is just making sure we actually get a hash and don't crash.
2012-02-05 09:50:14 +00:00
21c776850c
According to the reports on qa this test is failing the same way for everyone.
...
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
2012-02-05 09:32:20 +00:00
a06e8ca56d
According to the reports on qa this test is failing the same way for everyone.
...
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
2012-02-05 09:32:20 +00:00
398c6e6d11
MFH r322485
...
Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389
2012-01-26 05:15:57 +00:00
e4ca0ed09f
- Year++
2012-01-01 13:15:04 +00:00
4e19825281
- Year++
2012-01-01 13:15:04 +00:00
2f15c1d717
fix uninitialized var that may lead to crash
2011-12-26 02:16:37 +00:00
6c841dfda3
Add tests for OpenSSL crash.
2011-12-19 03:09:05 +00:00
c36926ba4c
Add tests for OpenSSL crash.
2011-12-19 03:09:05 +00:00
095cbc48a8
Fix segfault in older versions of OpenSSL (before 0.9.8i)
2011-12-18 05:14:32 +00:00
beda5efd41
Fix segfault in older versions of OpenSSL (before 0.9.8i)
2011-12-18 05:14:32 +00:00
287e1917cf
Make sure that we set the strong crypto result to false as well as returning false.
2011-12-07 20:50:33 +00:00
2c970a52e8
- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
...
ssl_handle of session_stream is not initialized.
2011-11-12 10:36:55 +00:00
a9482367f8
- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
...
ssl_handle of session_stream is not initialized.
2011-11-12 10:36:55 +00:00
2f3adeb083
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
...
option, scottmac)
# This caused bug #55283 and #55848 , we should investigate a proper solution without
# breaking anything.
2011-10-05 05:20:51 +00:00
da4a27333d
- ext/openssl/tests/bug36732.phpt more portable.
2011-09-14 10:55:46 +00:00
4de9123b85
- ext/openssl/tests/bug36732.phpt more portable.
2011-09-14 10:55:46 +00:00
428ef23067
- Fixed test ext/openssl/tests/004.phpt.
...
- Made ext/openssl/tests/bug55646.phpt more reproducible by giving it a custom
openssl.cnf.
2011-09-14 09:56:59 +00:00
b6aabaae59
- Test for bug #55646 .
2011-09-12 20:05:07 +00:00
1d5028be3d
- Fixed bug #55646 : textual data is returned in UTF-8, but is input in
...
another encoding. 5.4 only as this implies a BC break.
2011-09-12 17:23:10 +00:00
41db75ccbe
Fix the path to the .pem
2011-09-08 09:27:47 +00:00
7e986b2a46
Fix the path to the .pem
2011-09-08 09:27:47 +00:00
0d2a921916
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
...
option, scottmac)
# This caused bug #55283 , we should investigate a proper solution without
# breaking anything.
2011-08-22 21:32:04 +00:00
23e438594d
- Make usage of new PHP_FE_END macro
2011-07-25 11:42:53 +00:00
4b30846b50
- Make usage of new PHP_FE_END macro
2011-07-25 11:35:02 +00:00
04c2df66a3
When we have a blocking SSL socket, respect the timeout option.
...
reading from SSL sockets could block indefinitely due to the lack
of timeout
2011-07-23 01:29:44 +00:00
Mark Jones