What's the difference between the data you save and the data that's
read in? In other words, how is this different from copying the file
from one place to another; why would you use it?
--Wez.
On 6/16/05, Marton Kenyeres <[EMAIL PROTECTED]> wrote:
> Hi!
>
> Dunno, if this is the right place to ask, but I give it a try anyway. If
> I'm misguided, please feel free to point me in the right direction!
>
> Attached is a patch which adds a 6th option to openssl_pkcs7_verify,
> which should be a string and point to a file where the contents of the
> signed message should be saved.
>
> [I believe this patch also fixes a minor safe-mode related bug]
>
> I've tried this on FreeBSD 4.11 / php-5.0.4 / OpenSSL 0.9.7d , so the
> patch is against openssl.c,v 1.89.2.6 , but should apply against HEAD also.
>
> This seems to work correctly with messages created with openssl and
> CAPICOM (The M$ PKI library.)
>
> Cheers,
>
> m.
>
>
>
> --- ext/openssl/openssl.c.orig Tue Mar 15 01:29:36 2005
> +++ ext/openssl/openssl.c Thu Jun 16 14:01:07 2005
> @@ -2152,7 +2152,7 @@
>
> /* {{{ PKCS7 S/MIME functions */
>
> -/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string
> signerscerts [, array cainfo [, string extracerts]]])
> +/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string
> signerscerts [, array cainfo [, string extracerts [, string content]]]])
> Verifys that the data block is intact, the signer is who they say they
> are, and returns the CERTs of the signers */
> PHP_FUNCTION(openssl_pkcs7_verify)
> {
> @@ -2161,17 +2161,18 @@
> STACK_OF(X509) *signers= NULL;
> STACK_OF(X509) *others = NULL;
> PKCS7 * p7 = NULL;
> - BIO * in = NULL, * datain = NULL;
> + BIO * in = NULL, * datain = NULL, * dataout = NULL;
> long flags = 0;
> char * filename; int filename_len;
> char * extracerts = NULL; int extracerts_len;
> char * signersfilename = NULL; int signersfilename_len;
> + char * datafilename = NULL; int datafilename_len;
>
> RETVAL_LONG(-1);
>
> - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sas",
> &filename, &filename_len,
> + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sass",
> &filename, &filename_len,
> &flags, &signersfilename,
> &signersfilename_len, &cainfo,
> - &extracerts, &extracerts_len) == FAILURE) {
> + &extracerts, &extracerts_len, &datafilename,
> &datafilename_len) == FAILURE) {
> return;
> }
>
> @@ -2204,18 +2205,30 @@
> #endif
> goto clean_exit;
> }
> +
> + if (datafilename) {
> +
> + if (php_openssl_safe_mode_chk(datafilename TSRMLS_CC)) {
> + goto clean_exit;
> + }
> +
> + dataout = BIO_new_file(datafilename, "w");
> + if (dataout == NULL) {
> + goto clean_exit;
> + }
> + }
> #if DEBUG_SMIME
> zend_printf("Calling PKCS7 verify\n");
> #endif
>
> - if (PKCS7_verify(p7, others, store, datain, NULL, flags)) {
> + if (PKCS7_verify(p7, others, store, datain, dataout, flags)) {
>
> RETVAL_TRUE;
>
> if (signersfilename) {
> BIO *certout;
>
> - if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
> + if (php_openssl_safe_mode_chk(signersfilename
> TSRMLS_CC)) {
> goto clean_exit;
> }
>
> @@ -2242,6 +2255,7 @@
> X509_STORE_free(store);
> BIO_free(datain);
> BIO_free(in);
> + BIO_free(dataout);
> PKCS7_free(p7);
> sk_X509_free(others);
> }
>
>
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
