Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Fix CVE-2013-4073 - handling of certs with null bytes

Fix CVE-2013-4073 - handling of certs with null bytes

fix missing include

fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey()

Happy New Year

Happy New Year

Happy New Year~

commit for php bug 61421
enabling SHA2 and RMD160 for openssl signature verification

Revert "Add PBKDF2 support via openssl()"

This reverts commit b5b8ea1050837fba5a6cee55e41b4574ed64158e.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for n

Revert "Add PBKDF2 support via openssl()"

This reverts commit b5b8ea1050837fba5a6cee55e41b4574ed64158e.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.

show more ...

Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell."

This reverts commit bccd1e672fabc3c788e93075221d47d9f077b167.
Looks like we don't have agreement

Revert "Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell."

This reverts commit bccd1e672fabc3c788e93075221d47d9f077b167.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.

show more ...

One more time

Add PBKDF2 support via openssl()

Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in opens

Add PBKDF2 support via openssl()

Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070

show more ...

Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell.

Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()

Add PBKDF2 support via openssl()

Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in opens

Add PBKDF2 support via openssl()

Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070

show more ...

Rename openssl_pkcs5_pbkdf2_hmac() to something that doesn't sound like a spell.

Summary:
Stas pointed out that this is named pretty poorly. Go for openssl_pbkdf2()

- Fixed build (PKCS5_PBKDF2_HMAC is from 1.0.0)

Add PBKDF2 support via openssl()

Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in opens

Add PBKDF2 support via openssl()

Summary:
No easy way to put these in the hash extension since we don't really support optional
parameters to certain algorithms. Implemented in openssl for now since it has it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070

show more ...

Fix bug #61413 ext\openssl\tests\openssl_encrypt_crash.phpt fails 5.3 only

Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).

Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).

Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).

- Year++

- Year++

- Year++