mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-01-13 06:24:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
72,266 Commits 505 Branches 1,389 Tags 777 MiB
966faa9a87
Commit Graph

444 Commits

Author SHA1 Message Date
Stanislav Malyshev
088640adb2 Merge branch 'PHp-5.4' 
* PHp-5.4:
  news for bug #61421
  commit for php bug 61421 enabling SHA2 and RMD160 for openssl signature verification
 2012-09-15 23:02:44 -07:00
Mark Jones
84202c367e commit for php bug 61421 
enabling SHA2 and RMD160 for openssl signature verification
 2012-09-15 22:59:34 -07:00
Stanislav Malyshev
c7be96b08f Revert "Add PBKDF2 support via openssl()" 
This reverts commit b5b8ea1050.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:22:49 -07:00
Stanislav Malyshev
a2bfad051d Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell." 
This reverts commit bccd1e672f.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
 2012-06-12 11:21:54 -07:00
Scott MacVicar
5b3c9f4fd1 One more time 2012-06-11 16:23:27 -07:00
Scott MacVicar
bcd671d999 Merge branch '5.4' 
* 5.4:
  Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell.
  Add PBKDF2 support via openssl()

Conflicts:
	ext/openssl/openssl.c
 2012-06-11 16:04:01 -07:00
Scott MacVicar
aadf59dfa4 Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 15:59:58 -07:00
Scott MacVicar
bccd1e672f Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 15:41:41 -07:00
Scott MacVicar
b5b8ea1050 Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 13:35:25 -07:00
Scott MacVicar
b481ebae55 Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell. 
Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()
 2012-06-11 12:38:54 -07:00
Felipe Pena
733aaf23b1 - Fixed build (PKCS5_PBKDF2_HMAC is from 1.0.0) 2012-06-11 14:08:38 -03:00
Scott MacVicar
32040b574e Merge branch '5.4' 
* 5.4:
  Add PBKDF2 support via openssl()
 2012-06-11 00:29:02 -07:00
Scott MacVicar
f4847efc5d Add PBKDF2 support via openssl() 
Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070
 2012-06-11 00:24:44 -07:00
Anatoliy Belsky
40bbc7a1ed Merge branch 'PHP-5.4' 
* PHP-5.4:
  Fix bug #61401 ext\openssl\tests\004.phpt fails
  Fix bug #61404 ext\openssl\tests\021.phpt fails
  Fix bug #61404 ext\openssl\tests\021.phpt fails
  Fix bug #61448 intl tests fail with icu >= 4.8
 2012-03-28 17:25:23 +02:00
Anatoliy Belsky
fa0d507923 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fix bug #61401 ext\openssl\tests\004.phpt fails
  Fix bug #61404 ext\openssl\tests\021.phpt fails
  Fix bug #61448 intl tests fail with icu >= 4.8
 2012-03-28 17:13:16 +02:00
Anatoliy Belsky
bff8152565 Fix bug #61401 ext\openssl\tests\004.phpt fails 2012-03-28 17:11:58 +02:00
Anatoliy Belsky
b905167458 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:23:46 +02:00
Anatoliy Belsky
4c5b427124 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:15:36 +02:00
Anatoliy Belsky
bd7bb973b1 Fix bug #61404 ext\openssl\tests\021.phpt fails 2012-03-28 16:04:56 +02:00
Anatoliy Belsky
fe8494d781 Merge branch '5.4' 
* 5.4:
  Fix bug #61405 ext\openssl\tests\022.phpt fails
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 2012-03-27 16:32:14 +02:00
Anatoliy Belsky
8d7a489b97 Merge branch '5.3' into 5.4 
* 5.3:
  Fix bug #61405 ext\openssl\tests\022.phpt fails
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 2012-03-27 16:15:15 +02:00
Anatoliy Belsky
b638d3020c Fix bug #61405 ext\openssl\tests\022.phpt fails 2012-03-27 16:07:59 +02:00
Anatoliy Belsky
e55718b091 Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 16:07:59 +02:00
Anatoliy Belsky
7fdd35d697 Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 16:07:25 +02:00
Anatoliy Belsky
686effc677 Merge branch '5.4' 
* 5.4:
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 2012-03-27 15:34:57 +02:00
Anatoliy Belsky
5f3ba55a3c Merge branch '5.3' into 5.4 
* 5.3:
  Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 2012-03-27 15:27:20 +02:00
Anatoliy Belsky
5f6bed180e Fix bug #61412 ext\openssl\tests\bug28382.phpt fails 2012-03-27 15:23:01 +02:00
Olivier DOUCET
ad832abba1 test for bug #61124 2012-02-25 13:27:57 +00:00
Olivier DOUCET
118dd43555 test for bug #61124 2012-02-25 13:27:57 +00:00
Olivier DOUCET
f14a1e0aed test for bug #61124 2012-02-25 13:27:57 +00:00
Scott MacVicar
5ef66f2cf5 Fixed bug #61124 (Crash when decoding an invalid base64 encoded string). 2012-02-23 01:26:46 +00:00
Scott MacVicar
6c331093b4 Fixed bug #61124 (Crash when decoding an invalid base64 encoded string). 2012-02-23 01:26:46 +00:00
Scott MacVicar
f424fe8aed Fixed bug #61124 (Crash when decoding an invalid base64 encoded string). 2012-02-23 01:26:46 +00:00
Christopher Jones
b0678ea229 Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Christopher Jones
73ccc0a5e9 Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Christopher Jones
df02fbae3e Fix OpenSSL version-dependent diff. "Time Stamp signing" is not in openssl 0.9. Skip current test for 0.9. New test for 0.9 approved by Stas 2012-02-07 01:15:13 +00:00
Rasmus Lerdorf
f6f283c3e2 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
8d5f83dde5 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
38c3fd63e7 Another openssl test that is dependent on the openssl version. The output has 
changed in more recent versions. Synch with newer output and consider changing
the test to only pick out the more stable fields instead of all of them.
 2012-02-05 10:08:16 +00:00
Rasmus Lerdorf
60df9abf95 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
db65a539a1 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
e4fb44c8b6 Need EXPECTF here, of course 2012-02-05 09:52:41 +00:00
Rasmus Lerdorf
e24b6cdf56 Getting different hashes here. But this test isn't testing the hashes, 
it is just making sure we actually get a hash and don't crash.
 2012-02-05 09:50:14 +00:00
Rasmus Lerdorf
d99600ee4d Getting different hashes here. But this test isn't testing the hashes, 
it is just making sure we actually get a hash and don't crash.
 2012-02-05 09:50:14 +00:00
Rasmus Lerdorf
f3a7ba75cf Getting different hashes here. But this test isn't testing the hashes, 
it is just making sure we actually get a hash and don't crash.
 2012-02-05 09:50:14 +00:00
Rasmus Lerdorf
21c776850c According to the reports on qa this test is failing the same way for everyone. 
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
 2012-02-05 09:32:20 +00:00
Rasmus Lerdorf
ee19012eab According to the reports on qa this test is failing the same way for everyone. 
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
 2012-02-05 09:32:20 +00:00
Rasmus Lerdorf
a06e8ca56d According to the reports on qa this test is failing the same way for everyone. 
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
 2012-02-05 09:32:20 +00:00
Scott MacVicar
398c6e6d11 MFH r322485 
Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389
 2012-01-26 05:15:57 +00:00
Scott MacVicar
96aa2eb234 Fix CVE-2011-3389. Possible attack on CBC mode with TLS 1.0. 
See http://www.openssl.org/~bodo/tls-cbc.txt

The biggest reason for this mode being in SSL_OP_ALL was older versions
of IE (2002) talking to servers using OpenSSL.

Can hopefully get this into 5.4.
 2012-01-20 05:31:53 +00:00