- re apply the rng change specific to windows, long term it should be a std function but as this function was badly introduced in the 1st place, we have to fix the bad things here instead, pls do not

- re apply the rng change specific to windows, long term it should be a std function but as this function was badly introduced in the 1st place, we have to fix the bad things here instead, pls do not revert again, bad idea.

show more ...

- re apply the rng change specific to windows, long term it should be a std function but as this function was badly introduced in the 1st place, we have to fix the bad things here instead, pls do not

- re apply the rng change specific to windows, long term it should be a std function but as this function was badly introduced in the 1st place, we have to fix the bad things here instead, pls do not revert again, bad idea.

show more ...

Revert change to use a special Windows version of openssl_random_pseudo_bytes().

Lets discuss this on internals first. We're advertising something from the OpenSSL library
and then subve

Revert change to use a special Windows version of openssl_random_pseudo_bytes().

Lets discuss this on internals first. We're advertising something from the OpenSSL library
and then subverting it with another Windows OS call.

What are the implications of this? Should we make this available in ext/standard/ instead?

show more ...

Revert change to use a special Windows version of openssl_random_pseudo_bytes().

Lets discuss this on internals first. We're advertising something from the OpenSSL library
and then subve

Revert change to use a special Windows version of openssl_random_pseudo_bytes().

Lets discuss this on internals first. We're advertising something from the OpenSSL library
and then subverting it with another Windows OS call.

What are the implications of this? Should we make this available in ext/standard/ instead?

show more ...

openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.

The result is a key of 448 bits being passed to the

openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.

The result is a key of 448 bits being passed to the blowfish algorithm would be truncated to 128 bit.

Also fixed an error in the zend_parse_parameters() having an invalid character being used.

show more ...

openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.

The result is a key of 448 bits being passed to the

openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.

The result is a key of 448 bits being passed to the blowfish algorithm would be truncated to 128 bit.

Also fixed an error in the zend_parse_parameters() having an invalid character being used.

show more ...

openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.

The result is a key of 448 bits being passed to the

openssl_encrypt() / openssl_decrypt() were flawed and truncated the key to the default size for the case of a variable key length cipher.

The result is a key of 448 bits being passed to the blowfish algorithm would be truncated to 128 bit.

Also fixed an error in the zend_parse_parameters() having an invalid character being used.

show more ...

- use php_win32_get_random_bytes instead of over slow and partially wrong openssl's version

- use php_win32_get_random_bytes instead of over slow and partially wrong openssl's version

- did I not kill that already? (do not use rand_screen, pointless on server and not TS)

- did I not kill that already? (do not use rand_screen, pointless on server and not TS)

- did I not kill that already? (do not use rand_screen, pointless on server and not TS)

- Added new parameter parsing option (p - for valid path (string without null byte in the middle))
# The tests will be fixed in the next commits

- Added new parameter parsing option (p - for valid path (string without null byte in the middle))
# The tests will be fixed in the next commits

Allow management of your own padding in openssl_encrypt/decrypt.

For using mcrypt / openssl interchangeabley managing your own padding is the only solution.

Allow management of your own padding in openssl_encrypt/decrypt.

For using mcrypt / openssl interchangeabley managing your own padding is the only solution.

MFH: The project calls itself OpenSSL and not openSSL, so let's keep it
that way in our code as well.

The project calls itself OpenSSL and not openSSL, so let's keep it
that way in our code as well.

SSLV2 patch cleanup

SSLV2 patch cleanup

- fix bug #54061, memory leak in openssl_decrypt

- fix bug #54061, memory leak in openssl_decrypt

- fix test 025

- fix bug #54060, memory leak in openssl_encrypt

- fix bug #54060, memory leak in openssl_encrypt