Edit report at https://bugs.php.net/bug.php?id=55362&edit=1
ID: 55362 User updated by: anders at ingemann dot de Reported by: anders at ingemann dot de -Summary: X509_PURPOSE_ANY is not supported +Summary: X509_PURPOSE_ANY is not recognized by openssl Status: Open Type: Bug Package: OpenSSL related Operating System: Windows 7 PHP Version: 5.3.6 Block user comment: N Private report: N New Comment: I just found out that the "any" purpose IS actually supported, but it is simply not documented. It seems the constant is somehow referring to a wrong value. Previous Comments: ------------------------------------------------------------------------ [2011-08-04 12:14:53] anders at ingemann dot de Description: ------------ On http://www.php.net/manual/en/function.openssl-x509-checkpurpose.php the purpose check X509_PURPOSE_ANY is mentioned and the constant is defined as well. openssl_x509_checkpurpose() however reports "error:0B086079:x509 certificate routines:X509_STORE_CTX_purpose_inherit:unknown purpose id". Checking up in the documentation i can see that this purpose is not supported (http://www.openssl.org/docs/apps/verify.html#COMMAND_OPTIONS). This constant should be removed, and a note should be put in the documentation, specifying that this is not supported. Test script: --------------- openssl_x509_checkpurpose( mixed $x509cert , X509_PURPOSE_ANY ); while($error = openssl_error_string()) echo $error."\n"; Expected result: ---------------- With a valid certificate openssl_x509_checkpurpose($cert, X509_PURPOSE_ANY) returns true. Actual result: -------------- With a valid certificate openssl_x509_checkpurpose($cert, X509_PURPOSE_ANY) returns false. ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=55362&edit=1