- #41423. PHP assumes wrongly that certain ciphers are enabled in OpenSSL

2024-12-11 10:54:47 +08:00 · 2007-05-19 22:05:08 +00:00 · 2007-05-19 22:05:08 +00:00 · 26e22f34fa
commit 26e22f34fa
parent b828d1939f
2 changed files with 12 additions and 0 deletions
--- a/2
+++ b/2
@ -21,6 +21,8 @@ PHP                                                                        NEWS
 - Fixed segfault in strripos(). (Tony, Joxean Koret)
 - Fixed bug #41430 (Fatal error with negative values of maxlen parameter of 
  file_get_contents()). (Tony)
+- fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in 
+  OpenSSL) (Pierre)
 - Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). 
  (Tony, Dmitry)
 - Fixed bug #41403 (json_decode cannot decode floats if localeconv 
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@ -707,11 +707,15 @@ PHP_MINIT_FUNCTION(openssl)
 	REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);

 	/* Ciphers */
+#ifndef OPENSSL_NO_RC2
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_RC2_40", PHP_OPENSSL_CIPHER_RC2_40, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_RC2_128", PHP_OPENSSL_CIPHER_RC2_128, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_RC2_64", PHP_OPENSSL_CIPHER_RC2_64, CONST_CS|CONST_PERSISTENT);
+#endif
+#ifndef OPENSSL_NO_DES
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES", PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES", PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
+#endif

 	/* Values for key types */
 	REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA", OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
@ -2928,6 +2932,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)

 	/* sanity check the cipher */
 	switch (cipherid) {
+#ifndef OPENSSL_NO_RC2
 		case PHP_OPENSSL_CIPHER_RC2_40:
 			cipher = EVP_rc2_40_cbc();
 			break;
@ -2937,12 +2942,17 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
 		case PHP_OPENSSL_CIPHER_RC2_128:
 			cipher = EVP_rc2_cbc();
 			break;
+#endif
+
+#ifndef OPENSSL_NO_DES
 		case PHP_OPENSSL_CIPHER_DES:
 			cipher = EVP_des_cbc();
 			break;
 		case PHP_OPENSSL_CIPHER_3DES:
 			cipher = EVP_des_ede3_cbc();
 			break;
+#endif
+
 		default:
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid cipher type `%ld'", cipherid);
 			goto clean_exit;