Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Fix #52093: openssl_csr_sign truncates $serial

Fix #52093: openssl_csr_sign truncates $serial

We use `ASN1_INTEGER_set_int64()` if supported[1], to avoid the
truncation of the integer.

[1] <https://www.openssl.org/docs/man1.

Fix #52093: openssl_csr_sign truncates $serial

We use `ASN1_INTEGER_set_int64()` if supported[1], to avoid the
truncation of the integer.

[1] <https://www.openssl.org/docs/man1.1.0/man3/ASN1_INTEGER_set_int64.html#HISTORY>

Closes GH-7209.

show more ...

Mark various functions with void arguments.

This fixes a bunch of [-Wstrict-prototypes] warning,
because in C func() and func(void) have different semantics.

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |

show more ...

Merge branch 'PHP-8.0'

* PHP-8.0:
Mark resource-like objects as non-comparable

Mark resource-like objects as non-comparable

As these hold on to some internal resource, there can't be two
"equal" objects with different identity. Make sure the lack of
public prop

Mark resource-like objects as non-comparable

As these hold on to some internal resource, there can't be two
"equal" objects with different identity. Make sure the lack of
public properties doesn't result in these being treated as always
equal.

show more ...

Merge branch 'PHP-8.0'

* PHP-8.0:
Suppress OpenSSL error on missing optional config

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Suppress OpenSSL error on missing optional config

Suppress OpenSSL error on missing optional config

openssl_pkey_new() fetches various options from the config file --
most of these are optional, and not specifying them is not an error

Suppress OpenSSL error on missing optional config

openssl_pkey_new() fetches various options from the config file --
most of these are optional, and not specifying them is not an error
condition from the perspective of the user. Unfortunately, the
CONF_get_string() API pushes an error when accessing a key that
doesn't exist (_CONF_get_string does not, but that is presumably a
private API). This commit adds a helper php_openssl_conf_get_string()
that automatically clears the error in this case. I've found that
OpenSSL occasionally does the same thing internally:
https://github.com/openssl/openssl/blob/22040fb790c854cefb04bed98ed38ea6357daf83/apps/req.c#L515-L517

Closes GH-6699.

show more ...

Merge branch 'PHP-8.0'

* PHP-8.0:
Fixed bug #80747

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Fixed bug #80747

Fixed bug #80747

If RSA key generation fails, actually report that failure.

Generate class entries from stubs for oci8, odbc, openssl, pcntl, pdo, pgsql

Closes GH-6691

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.

show more ...

Merge branch 'PHP-8.0'

* PHP-8.0:
Next attempt to fix bug #80368

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Next attempt to fix bug #80368

Next attempt to fix bug #80368

Apparently treating LibreSSL as OpenSSL 1.1 is not just something
we did in our code, it's something that upstream LibreSSL claims,
despite not actuall

Next attempt to fix bug #80368

Apparently treating LibreSSL as OpenSSL 1.1 is not just something
we did in our code, it's something that upstream LibreSSL claims,
despite not actually being compatible. Duh.

Check for EVP_CIPH_OCB_MODE instead, which should reliably
determine support...

show more ...

Merge branch 'PHP-8.0'

* PHP-8.0:
Fixed bug #80368

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Fixed bug #80368

Fixed bug #80368

We assume that usually LibreSSL supports everything OpenSSL 1.1 does.
In this instance, this is not the case.

Bump minimal OpenSSL version to 1.0.2

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Fix CCM tag length setting for old OpenSSL versions

Fix CCM tag length setting for old OpenSSL versions

While OpenSSL 1.1 allows unconditionally setting the CCM tag length
even for decryption, some older versions apparently do not. As suc

Fix CCM tag length setting for old OpenSSL versions

While OpenSSL 1.1 allows unconditionally setting the CCM tag length
even for decryption, some older versions apparently do not. As such,
we do need to treat CCM and OCB separately after all.

show more ...

Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
Fix bug #79983: Add support for OCB mode

Fix bug #79983: Add support for OCB mode

OCB mode ciphers were already exposed to openssl_encrypt/decrypt,
but misbehaved, because they were not treated as AEAD ciphers.
From that pe

Fix bug #79983: Add support for OCB mode

OCB mode ciphers were already exposed to openssl_encrypt/decrypt,
but misbehaved, because they were not treated as AEAD ciphers.
From that perspective, OCB should be treated the same way as GCM.
In OpenSSL 1.1 the necessary controls were unified under
EVP_CTRL_AEAD_* (and OCB is only supported since OpenSSL 1.1).

Closes GH-6337.

show more ...