| #
994e866c |
| 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix memory leak in php_openssl_pkey_from_zval()
Closes GH-16691.
|
| #
2f4f09f7 |
| 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix various memory leaks related to openssl exports
Closes GH-16692.
|
| #
ac8d0e57 |
| 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Prevent unexpected array entry conversion when reading key
When passing an array, the key entry can get converted to a string if it
is an object, but this actually modifies the original
Prevent unexpected array entry conversion when reading key
When passing an array, the key entry can get converted to a string if it
is an object, but this actually modifies the original array entry.
The test originally outputted:
```
array(2) {
[0]=>
string(...) => ...
[1]=>
string(0) ""
}
```
This is unexpected. Use zval_try_get_string() to prevent this behaviour.
Closes GH-16693.
show more ...
|
| #
5ddb7566 |
| 03-Nov-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix various memory leaks on error conditions in openssl_x509_parse()
Closes GH-16690.
|
| #
2bdf2f91 |
| 14-Oct-2024 |
Christoph M. Becker |
Fix GH-16433: Large values for openssl_csr_sign() $days overflow
The `offset_sec` parameter of `X509_gmtime_adj()` expects a `long`, but
the `$days` parameter of `openssl_csr_sign()` a `
Fix GH-16433: Large values for openssl_csr_sign() $days overflow
The `offset_sec` parameter of `X509_gmtime_adj()` expects a `long`, but
the `$days` parameter of `openssl_csr_sign()` a `zend_long`. We must
avoid signed integer overflow (UB), but also must not silently truncate.
Thus we check the given `$days` for the permissible range, and bail out
otherwise.
Closes GH-16437.
show more ...
|
| #
549bcdb7 |
| 11-Oct-2024 |
Christoph M. Becker |
Fix GH-16357: openssl may modify member types of certificate arrays
We must not use `try_convert_to_string()` on members of unseparated
array arguments; instead of separating, we use `zv
Fix GH-16357: openssl may modify member types of certificate arrays
We must not use `try_convert_to_string()` on members of unseparated
array arguments; instead of separating, we use `zval_try_get_string()`.
Closes GH-16370.
show more ...
|
| #
5e2a586c |
| 10-Dec-2023 |
David Carlier |
ext/openssl: fix libressl build.
Close GH-12919 |
| #
7c4763ab |
| 21-Dec-2023 |
Jakub Zelenka |
Fix GH-12987: openssl_csr_sign might leak new cert on error
Closes GH-12988 |
| #
f90b4041 |
| 23-Oct-2023 |
Jakub Zelenka |
Fix #50713: openssl_pkcs7_verify() may ignore untrusted CAs
Closes GH-12499 |
| #
b2f6b6ea |
| 22-Oct-2023 |
Jakub Zelenka |
Merge branch 'PHP-8.1' into PHP-8.2
|
| #
83a242ec |
| 21-Oct-2023 |
Jakub Zelenka |
Fix GH-12489: Missing sigbio creation checking in openssl_cms_verify
Closes GH-12490 |
| #
a13cca8a |
| 05-Mar-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
Add missing error check on PEM_write_bio_PKCS7()
Add missing error check on PEM_write_bio_CMS()
Add missing error check on i2
Merge branch 'PHP-8.1' into PHP-8.2
* PHP-8.1:
Add missing error check on PEM_write_bio_PKCS7()
Add missing error check on PEM_write_bio_CMS()
Add missing error check on i2d_PKCS12_bio()
Add missing error checks on EVP_MD_CTX_create() and EVP_VerifyInit()
show more ...
|
| #
22c9e7e2 |
| 04-Mar-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Add missing error check on PEM_write_bio_PKCS7()
Closes GH-10752. |
| #
51ea4a68 |
| 02-Mar-2023 |
nielsdos <7771979+nielsdos@users.noreply.github.com> |
Add missing error check on PEM_write_bio_CMS()
On failure, this function returns 0. 2 other callers of this function
already check the return value, but this one was missed. |
| #
d2ef1561 |
| 03-Mar-2023 |
nielsdos <7771979+nielsdos@users.noreply.github.com> |
Add missing error check on i2d_PKCS12_bio()
This function returns 0 on error and 1 on success. The error case was
not checked and the function therefore would've returned true.
The o
Add missing error check on i2d_PKCS12_bio()
This function returns 0 on error and 1 on success. The error case was
not checked and the function therefore would've returned true.
The only other caller of i2d_PKCS12_bio() in the file has
a correct error check.
Closes GH-10761.
show more ...
|
| #
0d011e46 |
| 16-Jan-2023 |
Dmitry Stogov |
Revert "Merge branch 'PHP-8.0' into PHP-8.1"
This reverts commit 0116864cd312f9756f38a0ee0f83bb302a7e367b, reversing
changes made to 1f715f5658f5909a9346f56812fa605744d23880. |
| #
0116864c |
| 12-Jan-2023 |
Tim Düsterhus |
Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
Revert "Make build work with newer OpenSSL"
[ci skip] Next release will be 8.0.28
[ci skip] Prepare for PHP 8.0.27 GA
|
| #
255e08ac |
| 03-Jan-2023 |
Gabriel Caruso |
Revert "Make build work with newer OpenSSL"
This reverts commit 5f90134bb69a345c7edb5013e6461e84caa32dbc. |
| #
5f90134b |
| 19-Dec-2022 |
Stanislav Malyshev |
Make build work with newer OpenSSL |
| #
c8d8bf7c |
| 25-Nov-2022 |
Jakub Zelenka |
Merge branch 'PHP-8.1' into PHP-8.2
|
| #
500b28ad |
| 25-Nov-2022 |
Jakub Zelenka |
Fix GH-10000: Test failures when OpenSSL compiled with no-dsa |
| #
c022ce92 |
| 25-Nov-2022 |
Jakub Zelenka |
Merge branch 'PHP-8.1' into PHP-8.2
|
| #
ce572213 |
| 25-Nov-2022 |
Jakub Zelenka |
Fix GH-9064: PHP fails to build if openssl was built with no-ec |
| #
3d90a24e |
| 24-Nov-2022 |
Jakub Zelenka |
Fix GH-9997: OpenSSL engine clean up segfault |
| #
3e2184f7 |
| 22-Oct-2022 |
Jakub Zelenka |
Fix OpenSSL conflicting merge for compilation issue with old digests |
