Fix CSR leaks in openssl

Merge branch 'PHP-7.4'

Fix compilation without deprecated OpenSSL 1.1 APIs

Merge branch 'PHP-7.4'

* PHP-7.4:
Cheaper checks for exceptions thrown from __toString()

Cheaper checks for exceptions thrown from __toString()

Merge branch 'PHP-7.4'

Allow exceptions in __toString()

RFC: https://wiki.php.net/rfc/tostring_exceptions

And convert some object to string conversion related recoverable
fatal errors into Error excep

Allow exceptions in __toString()

RFC: https://wiki.php.net/rfc/tostring_exceptions

And convert some object to string conversion related recoverable
fatal errors into Error exceptions.

Improve exception safety of internal code performing string
conversions.

show more ...

Convert fetch_resource warnings into TypeErrors

More type checks that are not part of zpp and should generate a
TypeError in PHP 8.

Merge branch 'PHP-7.3' into PHP-7.4

Merge branch 'PHP-7.2' into PHP-7.3

Fix bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c)

It also fixes invalid setting of tag length

Remove confusing spkstr checks

This is a required parameter, it can never be NULL.

Added tls 1.3 support for PHP

Use ZEND_TRY_ASSIGN_REF_... macros for arguments passed to internal function by reference

Replace PHP_TM_GMTOFF with AC_CHECK_MEMBERS

Changes:
- PHP_TM_GMTOFF removed
- HAVE_TM_GMTOFF replaced with HAVE_STRUCT_TM_TM_GMTOFF
- HAVE_TM_ZONE replaced with HAVE_STRUCT_TM_T

Replace PHP_TM_GMTOFF with AC_CHECK_MEMBERS

Changes:
- PHP_TM_GMTOFF removed
- HAVE_TM_GMTOFF replaced with HAVE_STRUCT_TM_TM_GMTOFF
- HAVE_TM_ZONE replaced with HAVE_STRUCT_TM_TM_ZONE
- HAVE_TZNAME removed

The PHP_TM_GMTOFF macro can be replaced with Autoconf's AC_CHECK_MEMBERS
that defines the HAVE_STRUCT_TM_TM_GMTOFF symbol instead of the
HAVE_TM_ZONE.

The HAVE_TZNAME symbol is not used in current code. The obsolete
HAVE_TM_ZONE symbol has been replaced with more proper
HAVE_STRUCT_TM_TM_ZONE. These are defined by the AC_STRUCT_TIMEZONE
macro.

show more ...

Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
Sync with behavior change in OpenSSL 1.1.1b

Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
Sync with behavior change in OpenSSL 1.1.1b

Sync with behavior change in OpenSSL 1.1.1b

A behavior change in revealed by some openssl_decrypt() based test,
where an encrypt API is used with a decrypt context. The EVP_Cipher*
f

Sync with behavior change in OpenSSL 1.1.1b

A behavior change in revealed by some openssl_decrypt() based test,
where an encrypt API is used with a decrypt context. The EVP_Cipher*
functions will automatically choose the right operation depending on the
context passed.

show more ...

Fix incorrect outbuf freeing

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.

A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.

This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.

With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.

Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.

show more ...

Remove yearly range from copyright notice

Refactor subset of openssl module.

Proposal to abstract a subset of the openssl module,
to be able to use two ways encryption outside of this context.

Implement typed properties

RFC: https://wiki.php.net/rfc/typed_properties_v2

This is a squash of PR #3734, which is a squash of PR #3313.

Co-authored-by: Bob Weinand <bobwe

Implement typed properties

RFC: https://wiki.php.net/rfc/typed_properties_v2

This is a squash of PR #3734, which is a squash of PR #3313.

Co-authored-by: Bob Weinand <bobwei9@hotmail.com>
Co-authored-by: Joe Watkins <krakjoe@php.net>
Co-authored-by: Dmitry Stogov <dmitry@zend.com>

show more ...

Improve openssl_random_pseudo_bytes()

CSPRNG implementations should always fail closed. Now
openssl_random_pseudo_bytes() will fail closed by throwing an
`\Exception` in fail conditi

Improve openssl_random_pseudo_bytes()

CSPRNG implementations should always fail closed. Now
openssl_random_pseudo_bytes() will fail closed by throwing an
`\Exception` in fail conditions.

RFC: https://wiki.php.net/rfc/improve-openssl-random-pseudo-bytes

show more ...

Add openssl_x509_verify() function

This patch introduces a wrapper around OpenSSL's X509_verify() function.