#44900 [Asn->Csd]: OpenSSL extension fails to link with OpenSSL 0.9.6

pajoye Sun, 30 Nov 2008 13:42:40 -0800

 ID:               44900
 Updated by:       [EMAIL PROTECTED]
 Reported By:      jd at cpanel dot net
-Status:           Assigned
+Status:           Closed
 Bug Type:         OpenSSL related
 Operating System: RedHat Linux AS-2
 PHP Version:      5.2.6
 Assigned To:      pajoye
 New Comment:


Fixed in 5.2, 5.3+ requires a more decent version.


Previous Comments:
------------------------------------------------------------------------

[2008-05-05 11:09:09] Bjorn dot Wiberg at its dot uu dot se

Same problem on IBM AIX 5.3:

---8<---
/../
ld: 0711-317 ERROR: Undefined symbol: .EVP_MD_CTX_cleanup
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more
information.
collect2: ld returned 8 exit status
make: *** [sapi/cli/php] Error 1
--->8---

Using OpenSSL 0.9.6m from (IBM) RPM.

Best regards,
Björn

------------------------------------------------------------------------

[2008-05-03 11:50:06] [EMAIL PROTECTED]

Side note: 5.3.0 will have 0.9.8g as requirement (or at the 0.9.7 if
0.9.8 is too "new").

------------------------------------------------------------------------

[2008-05-03 11:48:25] [EMAIL PROTECTED]

Unless we explicitly stop to support this version, it costs nothing to
apply this patch for the person running Sarge and other conservative
OSes.

------------------------------------------------------------------------

[2008-05-03 11:46:02] [EMAIL PROTECTED]

The last 0.9.6 release was more than *four* years ago - you really
should upgrade as *numerous* security fixes where made there.

------------------------------------------------------------------------

[2008-05-02 23:55:58] jd at cpanel dot net

Description:
------------
PHP 5.2.6 introduces some memory cleanup code in the OpenSSL extension.
 Unfortunately, EVP_MD_CTX_cleanup() is only available with OpenSSL
0.9.7 and higher.  openssl.c needs to verify EVP_MD_CTX_cleanup() is
available...

diff -Nur php-5.2.6.orig/ext/openssl/openssl.c
php-5.2.6/ext/openssl/openssl.c
--- php-5.2.6.orig/ext/openssl/openssl.c        2008-04-07
05:44:03.000000000 -0500
+++ php-5.2.6/ext/openssl/openssl.c     2008-05-02 17:11:10.000000000
-0500
@@ -3522,7 +3522,9 @@
                efree(sigbuf);
                RETVAL_FALSE;
        }
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        EVP_MD_CTX_cleanup(&md_ctx);
+#endif
        if (keyresource == -1) {
                EVP_PKEY_free(pkey);
        }
@@ -3562,7 +3564,9 @@
        EVP_VerifyInit   (&md_ctx, mdtype);
        EVP_VerifyUpdate (&md_ctx, data, data_len);
        err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature,
signature_len, pkey);
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        EVP_MD_CTX_cleanup(&md_ctx);
+#endif
 
        if (keyresource == -1) {
                EVP_PKEY_free(pkey);




------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=44900&edit=1

#44900 [Asn->Csd]: OpenSSL extension fails to link with OpenSSL 0.9.6

Reply via email to