4946dc1ab9
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Added support for parsing ssl certificates using GeneralizedTime format.
2014-06-08 14:19:16 -07:00
76a7fd893b
Added support for parsing ssl certificates using GeneralizedTime format.
...
fix bug #65698
fix bug #66636
2014-06-08 14:17:58 -07:00
8bc82718ae
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix #66942 : openssl_seal() memory leak
ws fix
Conflicts:
ext/openssl/openssl.c
2014-04-14 13:35:24 -07:00
a186312832
Fix #66942 : openssl_seal() memory leak
...
Fix #66952 : memory leak in openssl_open()
2014-04-14 13:24:14 -07:00
e1d8c0a051
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed Bug #66833 Default digest algo is still MD5
2014-03-14 09:52:02 +01:00
17f6391bf8
Fixed Bug #66833 Default digest algo is still MD5
...
Switch to SHA1, which match internal openssl hardcoded algo.
In most case, won't even be noticed
- priority on user input (default_md)
- fallback on system config
- fallback on this default value
Recent system reject MD5 digest, noticed in bug36732.phpt failure.
While SHA1 is better than MD5, SHA256 is recommenced,
and defined as default algo in provided configuration on
recent system (Fedora 21, RHEL-7, ...). But the idea is to
keep in sync with openssl internal value for PHP internal value.
2014-03-14 09:50:15 +01:00
356c442558
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Typo fix: sicret -> secret
2014-03-13 12:40:14 +02:00
737c187013
Typo fix: sicret -> secret
2014-03-13 12:37:25 +02:00
7d5c11c235
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
2014-03-06 10:16:16 +01:00
721b9a7c8d
Set default Digest Message to use SHA1 instead of MD5 in openssl tests
...
as MD5 signature are now rejected by newer openssl Version.
Noticed in RHEL-7 and Fedora 21 build.
2014-03-06 10:14:08 +01:00
a7d3606650
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Skip failing tests when EC unavailable (RHEL)
Conflicts:
ext/openssl/openssl.c
2014-02-19 04:01:08 -07:00
633f898f15
Skip failing tests when EC unavailable (RHEL)
2014-02-19 03:57:37 -07:00
bd9aa181dc
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed broken build when EC unavailable
2014-02-17 19:38:30 -05:00
a80cec1190
Fixed broken build when EC unavailable
2014-02-17 18:55:39 -05:00
65adb74984
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix for bug66501 - "key type not supported in this PHP build"
2014-02-14 18:15:24 -07:00
19524fc6fe
Fix for bug66501 - "key type not supported in this PHP build"
2014-02-14 18:11:46 -07:00
47c9027772
Bump year
2014-01-03 11:06:16 +08:00
c0d060f5c0
Bump year
2014-01-03 11:04:26 +08:00
da62fd5ed8
Fixed bug #65486 mysqli_poll() is broken on Win x64
...
While this issue is visible in mysqli_poll() functions, the cause
lays deeper in the stream to socket casting API. On Win x64 the
SOCKET datatype is a 64 or 32 bit unsigned, while on Linux/Unix-like
it's 32 bit signed integer. The game of casting 32 bit var to/from
64 bit pointer back and forth is the best way to break it.
Further more, while socket and file descriptors are always integers
on Linux, those are different things using different APIs on Windows.
Even though using integer instead of SOCKET might work on Windows, this
issue might need to be revamped more carefully later. By this time
this patch is tested well with phpt and apps and shows no regressions,
neither in mysqli_poll() nor in any other parts.
2013-12-12 10:17:01 +01:00
b6bcae5c10
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fix dir separator in cve-2013-6420 test
2013-12-11 13:33:16 +01:00
ff89066b3d
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
fix dir separator in cve-2013-6420 test
2013-12-11 13:32:49 +01:00
6f739318fd
fix dir separator in cve-2013-6420 test
2013-12-11 13:31:29 +01:00
41cd533298
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
5.3.29-dev
Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
2013-12-10 11:35:26 -08:00
71daf3229b
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
5.3.29-dev
Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
Conflicts:
configure.in
main/php_version.h
2013-12-10 11:34:35 -08:00
c1224573c7
Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
2013-12-10 11:03:49 -08:00
3b3c57e79e
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
C89 compatibility
2013-10-09 12:30:42 +02:00
22700890d4
C89 compatibility
2013-10-09 12:30:31 +02:00
36fb4ed968
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed segfault when built with OpenSSL >= 1.0.1
fixing a minor typo in CODING_STANDARDS document
FIX BUG #65219 - Typo correction
FIX BUG #65219 - USE DB not being sent for FreeTDS version < 0.92 FreeTDS <0.92 does not support DBSETLDBNAME option and therefore will not work with SQL Azure. Fallback to dbuse command in letter versions.
2013-10-09 09:17:48 +02:00
b026993a74
Fixed segfault when built with OpenSSL >= 1.0.1
...
(PR #481 )
2013-10-09 09:17:25 +02:00
1a00b9bd26
Remove compile warning:
...
warning: unused variable ‘j’ [-Wunused-variable]
2013-08-19 17:58:42 -07:00
cf7f50748a
Remove compile warnings:
...
variable ‘obj_cnt’ set but not used [-Wunused-but-set-variable]
unused variable ‘last’ [-Wunused-variable]
unused variable ‘j’ [-Wunused-variable]
2013-08-19 17:44:36 -07:00
8e0f110099
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fix using wrong buffer pointer
2013-08-19 01:04:19 -07:00
cf96aa155e
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
fix using wrong buffer pointer
2013-08-19 01:03:18 -07:00
c1c49d6e39
fix using wrong buffer pointer
2013-08-19 01:02:12 -07:00
bd29ff7c38
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix for php bug #64802 includes test case
Conflicts:
ext/openssl/openssl.c
2013-08-18 15:45:17 -07:00
9973658a44
Fix for php bug #64802 includes test case
2013-08-18 15:42:37 -07:00
39612afc72
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.
Conflicts:
ext/dba/libinifile/inifile.c
2013-08-14 20:43:25 -07:00
9ad97cd489
Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.
2013-08-14 20:36:50 -07:00
2b9f5ac252
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix CVE-2013-4073 - handling of certs with null bytes
Fix CVE-2013-4073 - handling of certs with null bytes
2013-08-13 22:25:47 -07:00
dcea4ec698
Fix CVE-2013-4073 - handling of certs with null bytes
2013-08-13 22:24:11 -07:00
2874696a5a
Fix CVE-2013-4073 - handling of certs with null bytes
2013-08-13 22:20:33 -07:00
c6d977dd39
Fix long-standing visual pain point: the misalignment of './configure help' text.
...
Whitespace changes and a couple of grammar fixes.
2013-08-06 11:06:09 -07:00
f00d796b7e
fix missing include
2013-07-23 18:06:51 +02:00
02e4d7a290
Merge branch 'pull-request/341'
...
* pull-request/341: (23 commits)
typofixes
2013-06-10 14:30:59 -07:00
ac40c0b562
Merge branch 'pull-request/341'
...
* pull-request/341: (23 commits)
typofixes
2013-06-10 14:20:18 -07:00
0841eca580
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fix bug #61930 : openssl corrupts ssl key resource when using openssl_get_publickey()
2013-02-17 13:29:34 -08:00
7b0107cc5d
fix bug #61930 : openssl corrupts ssl key resource when using openssl_get_publickey()
2013-02-17 13:28:42 -08:00
6b48a86a17
Merge branch 'PHP-5.4' into PHP-5.5
2013-01-31 00:33:46 +01:00
836a2b1131
NEWS entry new OpenSSL option [doc]
2013-01-31 00:32:44 +01:00
4a01ddfb55
Added ssl context option, "disable_compression"
...
The CRIME attack vector exploits TLS compression. This patch adds a stream context option
allowing servers to disable TLS compression for versions of OpenSSL >= 1.0.0 (which first
introduced the SSL_OP_NO_COMPRESSION option). A summary rundown of the CRIME attack can
be found at https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
Thanks to @DaveRandom for pointing out the relevant section of code.
2013-01-31 00:31:10 +01:00
Stanislav Malyshev