#
a1863128 |
| 25-Mar-2014 |
Chuan Ma |
Fix #66942: openssl_seal() memory leak Fix #66952: memory leak in openssl_open()
|
Revision tags: php-5.5.11RC1, php-5.4.27RC1 |
|
#
17f6391b |
| 14-Mar-2014 |
Remi Collet |
Fixed Bug #66833 Default digest algo is still MD5 Switch to SHA1, which match internal openssl hardcoded algo. In most case, won't even be noticed - priority on user input (defa
Fixed Bug #66833 Default digest algo is still MD5 Switch to SHA1, which match internal openssl hardcoded algo. In most case, won't even be noticed - priority on user input (default_md) - fallback on system config - fallback on this default value Recent system reject MD5 digest, noticed in bug36732.phpt failure. While SHA1 is better than MD5, SHA256 is recommenced, and defined as default algo in provided configuration on recent system (Fedora 21, RHEL-7, ...). But the idea is to keep in sync with openssl internal value for PHP internal value.
show more ...
|
#
737c1870 |
| 13-Mar-2014 |
Michael Meyer |
Typo fix: sicret -> secret
|
Revision tags: php-5.5.10, php-5.4.26 |
|
#
27849c99 |
| 04-Mar-2014 |
Daniel Lowrey |
Refactor + reorganize openssl files - All streams-related code now lives in xp_ssl.c. Previously stream code was split across both openssl.c and xp_ssl.c - Folded superfluous php_o
Refactor + reorganize openssl files - All streams-related code now lives in xp_ssl.c. Previously stream code was split across both openssl.c and xp_ssl.c - Folded superfluous php_openssl_structs.h into xp_ssl.c - Server-specific options now set on SSL_CTX instead of SSL - Deprecate SNI_server_name ctx option - Miscellaneous refactoring
show more ...
|
#
e8995c8c |
| 02-Mar-2014 |
Chris Wright |
Windows cert verify improvements + leak fixes - Clean up properly at all fail points in native Windows peer verification routine - Bring certificate usages and chain flags into lin
Windows cert verify improvements + leak fixes - Clean up properly at all fail points in native Windows peer verification routine - Bring certificate usages and chain flags into line with chromium implementation in windows environments
show more ...
|
Revision tags: php-5.6.0alpha3 |
|
#
d0a6f8c6 |
| 26-Feb-2014 |
Daniel Lowrey |
Deprecate CN_match in favor of peer_name in SSL contexts
|
#
82a98f6e |
| 26-Feb-2014 |
Anatol Belski |
kick redundant include this is already present from php.h
|
#
f8fe09dc |
| 25-Feb-2014 |
Daniel Lowrey |
Tolerate non-standard newlines when parsing stream CA files
|
#
47b5873c |
| 24-Feb-2014 |
Daniel Lowrey |
Change openssl directives to PHP_INI_PERDIR Because openssl.cafile and openssl.capath have implications for security these directives have been changed to PHP_INI_PERDIR (previously
Change openssl directives to PHP_INI_PERDIR Because openssl.cafile and openssl.capath have implications for security these directives have been changed to PHP_INI_PERDIR (previously PHP_INI_ALL)
show more ...
|
#
480e4f85 |
| 21-Feb-2014 |
Chris Wright |
Add peer certificate verification on windows Peer certificate verification on Windows using the native certificate store and the Windows API
|
#
5b6ef90b |
| 21-Feb-2014 |
Anatol Belski |
fix linkage "extern inline" looks like tricky case for portability, but extern is required with VS. So reduce the case to a starndard one to avoid unporbatibily.
|
#
b6edbd58 |
| 20-Feb-2014 |
Daniel Lowrey |
Mitigate client-initiated SSL renegotiation DoS
|
Revision tags: php-5.4.26RC1, php-5.5.10RC1, php-5.6.0alpha2 |
|
#
3a9829af |
| 11-Feb-2014 |
Daniel Lowrey |
Use crypto method flags; add tlsv1.0 wrapper; add wrapper tests
|
#
df6bfe3b |
| 11-Feb-2014 |
Daniel Lowrey |
Add openssl_get_cert_locations() function
|
#
258d04df |
| 11-Feb-2014 |
Daniel Lowrey |
Explicitly set cert verify depth if not specified
|
#
225f534b |
| 11-Feb-2014 |
Daniel Lowrey |
Strengthen default cipher list
|
#
633f898f |
| 19-Feb-2014 |
Daniel Lowrey |
Skip failing tests when EC unavailable (RHEL)
|
#
a80cec11 |
| 17-Feb-2014 |
Daniel Lowrey |
Fixed broken build when EC unavailable
|
#
c7220dc6 |
| 15-Feb-2014 |
Daniel Lowrey |
Fix Bug #65538 (cafile now supports stream wrappers)
|
Revision tags: php-5.5.9, php-5.4.25 |
|
#
19524fc6 |
| 22-Jan-2014 |
mk-j |
Fix for bug66501 - "key type not supported in this PHP build"
|
#
89292d95 |
| 15-Feb-2014 |
Daniel Lowrey |
Add missing TSRMLS_CC
|
#
ce8dc0ed |
| 14-Feb-2014 |
Daniel Lowrey |
Bug #47030 (separate host and peer verification)
|
#
b4b4d969 |
| 28-Jan-2014 |
Daniel Lowrey |
Verify peers by default in client socket operations
|
#
68883318 |
| 27-Jan-2014 |
Daniel Lowrey |
Prevent invalid SAN peer verification on null byte prefix attack
|
Revision tags: php-5.5.9RC1, php-5.4.25RC1, php-5.6.0alpha1, php-5.5.8, php-5.4.24 |
|
#
c081ce62 |
| 03-Jan-2014 |
Xinchen Hui |
Bump year
|