ad832abba1
test for bug #61124
2012-02-25 13:27:57 +00:00
5ef66f2cf5
Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
2012-02-23 01:26:46 +00:00
73ccc0a5e9
Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas
2012-02-07 01:15:13 +00:00
8d5f83dde5
Another openssl test that is dependent on the openssl version. The output has
...
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
2012-02-05 10:08:16 +00:00
e4fb44c8b6
Need EXPECTF here, of course
2012-02-05 09:52:41 +00:00
f3a7ba75cf
Getting different hashes here. But this test isn't testing the hashes,
...
it is just making sure we actually get a hash and don't crash.
2012-02-05 09:50:14 +00:00
a06e8ca56d
According to the reports on qa this test is failing the same way for everyone.
...
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
2012-02-05 09:32:20 +00:00
398c6e6d11
MFH r322485
...
Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389
2012-01-26 05:15:57 +00:00
4e19825281
- Year++
2012-01-01 13:15:04 +00:00
2f15c1d717
fix uninitialized var that may lead to crash
2011-12-26 02:16:37 +00:00
c36926ba4c
Add tests for OpenSSL crash.
2011-12-19 03:09:05 +00:00
beda5efd41
Fix segfault in older versions of OpenSSL (before 0.9.8i)
2011-12-18 05:14:32 +00:00
287e1917cf
Make sure that we set the strong crypto result to false as well as returning false.
2011-12-07 20:50:33 +00:00
a9482367f8
- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
...
ssl_handle of session_stream is not initialized.
2011-11-12 10:36:55 +00:00
2f3adeb083
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
...
option, scottmac)
# This caused bug #55283 and #55848 , we should investigate a proper solution without
# breaking anything.
2011-10-05 05:20:51 +00:00
4de9123b85
- ext/openssl/tests/bug36732.phpt more portable.
2011-09-14 10:55:46 +00:00
428ef23067
- Fixed test ext/openssl/tests/004.phpt.
...
- Made ext/openssl/tests/bug55646.phpt more reproducible by giving it a custom
openssl.cnf.
2011-09-14 09:56:59 +00:00
b6aabaae59
- Test for bug #55646 .
2011-09-12 20:05:07 +00:00
1d5028be3d
- Fixed bug #55646 : textual data is returned in UTF-8, but is input in
...
another encoding. 5.4 only as this implies a BC break.
2011-09-12 17:23:10 +00:00
7e986b2a46
Fix the path to the .pem
2011-09-08 09:27:47 +00:00
4b30846b50
- Make usage of new PHP_FE_END macro
2011-07-25 11:35:02 +00:00
ebbb2b1df1
When we have a blocking SSL socket, respect the timeout option.
...
reading from SSL sockets could block indefinitely due to the lack
of timeout
2011-07-23 01:29:44 +00:00
530311f4ba
removing openssl test for bug #55169 per Scott MacVicar's request; duplicate coverage of opensssl_random_pseudo_bytes.phpt
2011-07-20 21:25:39 +00:00
386abb9f5a
update test for bug #55169 , fix skipif
2011-07-20 21:13:03 +00:00
08cab10dc9
update test for bug #55169 , don't require the extension in INI
2011-07-20 20:57:17 +00:00
cd6f4bcf8d
tests for bug #55169 (mcrypt and openssl)
2011-07-20 18:59:05 +00:00
b03817afb5
- re apply the rng change specific to windows, long term it should be a std function but as this function was badly introduced in the 1st place, we have to fix the bad things here instead, pls do not revert again, bad idea.
2011-07-19 23:01:41 +00:00
591e0e446f
Revert change to use a special Windows version of openssl_random_pseudo_bytes().
...
Lets discuss this on internals first. We're advertising something from the OpenSSL library
and then subverting it with another Windows OS call.
What are the implications of this? Should we make this available in ext/standard/ instead?
2011-07-19 22:29:55 +00:00
64a0c79a07
openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.
...
The result is a key of 448 bits being passed to the blowfish algorithm would be truncated to 128 bit.
Also fixed an error in the zend_parse_parameters() having an invalid character being used.
2011-07-19 22:15:56 +00:00
5fb2570742
- use php_win32_get_random_bytes instead of over slow and partially wrong openssl's version
2011-07-10 14:59:33 +00:00
104cd28e95
- did I not kill that already? (do not use rand_screen, pointless on server and not TS)
2011-06-16 13:06:41 +00:00
15f5dd5cb3
- Fixed bug #55028 (// is abad comment)
2011-06-10 22:48:36 +00:00
c27079d9e0
- Fixed bug #54992 : Stream not closed and error not returned when SSL CN_match
...
fails.
2011-06-08 00:23:02 +00:00
32b5f8a1a3
- Added new parameter parsing option (p - for valid path (string without null byte in the middle))
...
# The tests will be fixed in the next commits
2011-06-06 21:28:16 +00:00
30f19bd524
Allow management of your own padding in openssl_encrypt/decrypt.
...
For using mcrypt / openssl interchangeabley managing your own padding is the only solution.
2011-05-20 18:56:13 +00:00
0c8438462c
The project calls itself OpenSSL and not openSSL, so let's keep it
...
that way in our code as well.
2011-04-25 16:50:30 +00:00
380c3e5127
SSLV2 patch cleanup
2011-04-24 23:27:48 +00:00
f1806e67e6
Support for openssl without SSLv2 supprot compiled in. Distros are starting to
...
remove support now and this wasn't compiling anymore on my Debian dev box.
2011-04-24 20:47:22 +00:00
a286fa3523
Add the libraries we actually test and need for LDAP and OpenSSL, fixes bug #53339
...
Patch by Clint Byrum
2011-03-18 18:47:09 +00:00
32c4a3a061
- fix bug #54061 , memory leak in openssl_decrypt
2011-02-21 12:50:26 +00:00
f922e31129
- fix bug #54061 , memory leak in openssl_decrypt
2011-02-21 12:47:38 +00:00
b526a6ef44
- fix bug #54060 , memory leak in openssl_encrypt
2011-02-21 10:07:31 +00:00
0203cc3d44
- Year++
2011-01-01 02:17:06 +00:00
063393f29b
- Fixed bug #53592 (stream_socket_enable_crypto() busy-waits in client mode).
...
- Fixed stream_socket_enable_crypto() not honoring the socket timeout in
server mode.
2010-12-23 01:44:54 +00:00
3722811395
make sure the stream context is present before looking for any options
...
and fix segfault
2010-12-04 21:54:20 +00:00
18ec6dae2c
Implemented FR #53447 (Cannot disable SessionTicket extension for servers that
...
do not support it).
I haven't written a test due to the need for such a test to have a HTTPS server
available which mishandles SessionTicket requests; it's likely that server
administrators will gradually fix this either intentionally or through OpenSSL
upgrades. That said, if there's a great clamoring for a test, I'll work one up.
2010-12-03 09:34:35 +00:00
3fd615cc8d
- not TS and useless on server, also not required anymore with the supported windows versions
2010-12-02 11:37:43 +00:00
6e8c2ba690
- Fixed bug #53136 (Invalid read on openssl_csr_new())
2010-11-12 23:34:03 +00:00
86944b47a6
Fix vim marker folds.
2010-10-13 09:23:39 +00:00
412d151681
Fixed extrenous warning inside openssl_encrypt() for cases where iv not provided, but algo does not require an iv
2010-10-07 12:32:00 +00:00
Olivier DOUCET