dmitry Wed Jul 11 12:18:14 2007 UTC Modified files: (Branch: PHP_5_2) /php-src NEWS /php-src/ext/openssl openssl.c /php-src/ext/openssl/tests bug28382.phpt Log: mproced openssl_x509_parse() to return extensions in readable form http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.826&r2=1.2027.2.547.2.827&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.826 php-src/NEWS:1.2027.2.547.2.827 --- php-src/NEWS:1.2027.2.547.2.826 Tue Jul 10 20:25:49 2007 +++ php-src/NEWS Wed Jul 11 12:18:13 2007 @@ -6,6 +6,7 @@ - Upgraded PCRE to version 7.2 (Nuno) - Updated timezone database to version 2007.6. (Derick) +- Improced openssl_x509_parse() to return extensions in readable form. (Dmitry) - Improved fix for MOPB-03-2007. (Ilia) - Corrected fix for CVE-2007-2872. (Ilia) - Enabled statement cache for non-persistent OCI8 connections. @@ -30,6 +31,7 @@ - Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants. (Andrey A. Belashkov, Tony) +- Fixed crash in OpenSSL extension because of non-strin passphrase. (Dmitry) - Fixed var_export() to use the new H modifier so that it can generate parseable PHP code for floats, independent of the locale. (Derick) - Fixed regression introduced by the fix for the libgd bug #74. (Pierre) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.37&r2=1.98.2.5.2.38&diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.37 php-src/ext/openssl/openssl.c:1.98.2.5.2.38 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.37 Wed Jul 11 07:36:12 2007 +++ php-src/ext/openssl/openssl.c Wed Jul 11 12:18:14 2007 @@ -20,7 +20,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: openssl.c,v 1.98.2.5.2.37 2007/07/11 07:36:12 dmitry Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.38 2007/07/11 12:18:14 dmitry Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -999,8 +999,10 @@ char * tmpstr; zval * subitem; X509_EXTENSION *extension; - ASN1_OCTET_STRING *extdata; char *extname; + BIO *bio_out; + BUF_MEM *bio_buf; + char buf[256]; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Z|b", &zcert, &useshortnames) == FAILURE) { return; @@ -1082,9 +1084,20 @@ for (i = 0; i < X509_get_ext_count(cert); i++) { extension = X509_get_ext(cert, i); - extdata = X509_EXTENSION_get_data(extension); - extname = (char *)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension))); - add_assoc_asn1_string(subitem, extname, extdata); + if (OBJ_obj2nid(X509_EXTENSION_get_object(extension)) != NID_undef) { + extname = (char *)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension))); + } else { + OBJ_obj2txt(buf, sizeof(buf)-1, X509_EXTENSION_get_object(extension), 1); + extname = buf; + } + bio_out = BIO_new(BIO_s_mem()); + if (X509V3_EXT_print(bio_out, extension, 0, 0)) { + BIO_get_mem_ptr(bio_out, &bio_buf); + add_assoc_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1); + } else { + add_assoc_asn1_string(subitem, extname, X509_EXTENSION_get_data(extension)); + } + BIO_free(bio_out); } add_assoc_zval(return_value, "extensions", subitem); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug28382.phpt?r1=1.1.2.5&r2=1.1.2.6&diff_format=u Index: php-src/ext/openssl/tests/bug28382.phpt diff -u php-src/ext/openssl/tests/bug28382.phpt:1.1.2.5 php-src/ext/openssl/tests/bug28382.phpt:1.1.2.6 --- php-src/ext/openssl/tests/bug28382.phpt:1.1.2.5 Wed May 30 15:40:26 2007 +++ php-src/ext/openssl/tests/bug28382.phpt Wed Jul 11 12:18:14 2007 @@ -14,25 +14,28 @@ --EXPECTF-- array(11) { ["basicConstraints"]=> - string(2) "%s" + string(8) "CA:FALSE" ["nsComment"]=> - string(40) "%s" + string(38) "For Grid use only; request tag userTag" ["nsCertType"]=> - string(4) "%s" + string(30) "SSL Client, SSL Server, S/MIME" ["crlDistributionPoints"]=> - string(56) "%s" + string(51) "URI:http://mobile.blue-software.ro:90/ca/crl.shtml +" ["nsCaPolicyUrl"]=> - string(40) "%s" + string(38) "http://mobile.blue-software.ro:90/pub/" ["subjectAltName"]=> - string(26) "%s" + string(28) "email:[EMAIL PROTECTED]" ["subjectKeyIdentifier"]=> - string(22) "%s" + string(59) "B0:A7:FF:F9:41:15:DE:23:39:BD:DD:31:0F:97:A0:B2:A2:74:E0:FC" ["authorityKeyIdentifier"]=> - string(159) "%s" + string(115) "DirName:/C=RO/ST=Romania/L=Craiova/O=Sergiu/OU=Sergiu SRL/CN=Sergiu CA/[EMAIL PROTECTED] +serial:00 +" ["keyUsage"]=> - string(4) "%s" + string(71) "Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment" ["nsBaseUrl"]=> - string(22) "%s" - ["UNDEF"]=> + string(20) "http://62.231.98.52/" + ["1.2.3.4"]=> string(4) "%s" }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php