Hi Pierre, > > By the way, it would be nice (and faster) if you can join a couple of > tests and examples (with required data). it will make my work a bit > easier while testing your patch.
It took some time - but I now managed to put together some test cases (which hopefully can also serve as examples). I noticed that the current "openssl_x509_checkpurpose" function does not allow for passing verification flags so I introduced a new function "openssl_x509_check" (verify might be better but might cause confusion with openssl_verify) which does pretty much the same thing but takes a flags parameter which can be used to enable CRL checking and some other checking features which I did not test yet. I chose to add a new function because a) adding the argument to the end forces passing two (one unused in most cases) optional arguments b) _checkpurpose is a bit too specific. I hope that approach is okay. The updated patch is at http://mbechler.eenterphace.org/php6-openssl-crl.patch and the phpt and required data (needs a small CA, included files are valid for 5 years) at http://mbechler.eenterphace.org/php6-openssl-crl-tests.tar.bz2 I noted my test fails (even for ascii filenames) when run in unicode mode which is a result of this check in php_openssl_x509_from_zval: if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) { return NULL; } maybe I'll find some time to have a look at proper filesystem encoding conversions for ext/openssl. best regards Moritz Bechler PS: Is there any way to recover/reset a lost bug password so I can add these links to my feature request? -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php