php-general Digest 28 Mar 2013 14:22:47 -0000 Issue 8177
Topics (messages 320705 through 320709):
Re: magic_quotes_gpc stays on even when disabled in php.ini
320705 by: Daniel Fenn
320709 by: Jim Giner
Re: php, openssl and GOST ciphers
320706 by: czirzow.gmail.com
320708 by: Eugene M. Zheganin
Re: Compiler for the PHP code
320707 by: czirzow.gmail.com
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
I think ";magic_quotes_gpc = Off" should be "magic_quotes_gpc = Off"
Then restart apache/php or whatever it is your running
Regards,
Daniel Fenn
On Thu, Mar 28, 2013 at 11:39 AM, Madan Thapa <madan.feedb...@gmail.com> wrote:
> Hi,
>
> I installed php 5.3.23 recently on a CentOS sever and magic_quotes_gpc
> stays on even when disabled in php.ini
>
>
> root@server [~]# grep magic_quo /usr/local/php5.3/lib/php.ini
> ; magic_quotes_gpc
> ;magic_quotes_gpc = Off
> magic_quotes_runtime = Off
> magic_quotes_sybase = Off
> root@server [~]#
>
>
>
>
> php info results:
>
> magic_quotes_gpcOnOnmagic_quotes_runtimeOffOffmagic_quotes_sybaseOffOff
>
>
>
> Is anyone aware of such issues for php 5.3.23 ? or any where i might look
> at in troubleshooting this?
>
>
> Please advise.
>
> Thank you
--- End Message ---
--- Begin Message ---
On 3/27/2013 8:43 PM, Daniel Fenn wrote:
I think ";magic_quotes_gpc = Off" should be "magic_quotes_gpc = Off"
Then restart apache/php or whatever it is your running
Regards,
Daniel Fenn
On Thu, Mar 28, 2013 at 11:39 AM, Madan Thapa <madan.feedb...@gmail.com> wrote:
Hi,
I installed php 5.3.23 recently on a CentOS sever and magic_quotes_gpc
stays on even when disabled in php.ini
root@server [~]# grep magic_quo /usr/local/php5.3/lib/php.ini
; magic_quotes_gpc
;magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
root@server [~]#
php info results:
magic_quotes_gpcOnOnmagic_quotes_runtimeOffOffmagic_quotes_sybaseOffOff
Is anyone aware of such issues for php 5.3.23 ? or any where i might look
at in troubleshooting this?
Please advise.
Thank you
could also be that there is another ini file conflicting with your
settings. That happened to me.
--- End Message ---
--- Begin Message ---
My suggestion is to ensure all the paths to what you use are valid
This should help:
var_dump('file://'.realpath('./p12.pem'));
Does that and the rest of the files
Exists?
I do hope these files are not in your document root
Curt.
--
Resistance is futile
On Mar 22, 2013, at 12:35 PM, "Eugene M. Zheganin" <e...@norma.perm.ru> wrote:
> Hi.
>
> I'm trying to sign an S/MIME with PHP, using a pair of GOST-encrypted
> certificate and a private key.
>
> When using openssl itself from a console everything is fine:
>
> /usr/local/openssl/bin/openssl cms -sign -in file.txt -out signedfile.txt
> -signer p12.pem
> (signedfile.txt is created)
>
> /usr/local/openssl/bin/openssl cms -verify -in signedfile.txt -out
> signedddata.txt -no_signer_cert_verify -issuer_checks -ignore_critical
> Verification successful
>
> When using PHP code I'm kinda stuck:
>
> $res = openssl_pkcs7_sign("file.txt", "phpsignedfile.txt",
> 'file://'.realpath('./p12.pem'), 'file://'.realpath('./p12.pem'), array("To"
> => "f...@bar.com", "From: FooBar <f...@bar.com>", "Subject" => "Foo Bar"));
>
> if (!$res) {
> while ($msg = openssl_error_string())
> echo $msg . "<br />\n";
> echo "Failed to sign.\n"; exit;
> }
>
> I get:
>
> # /usr/local/php/bin/php sign-clear.php
> PHP Warning: openssl_pkcs7_sign(): error getting private key in
> /root/tests/sign-clear.php on line 3
> error:0609E09C:digital envelope routines:PKEY_SET_TYPE:unsupported
> algorithm<br />
> error:0606F076:digital envelope routines:EVP_PKCS82PKEY:unsupported private
> key algorithm<br />
> error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib<br />
> Failed to sign.
>
> The 'error getting private key' is all the time here, except for when it
> really cannot be loaded I get the 'no start line error'. So this output
> really looks like PHP openssl module cannot find a proper cipher.
>
> How do I tell PHP that this is a GOST cipher ? I'm telling this to openssl
> either using a config file, or using a direct '-engine gost' option. Is there
> a way to tell PHP the same thing ?
>
> I have indeed a PHP compiled and linked to a GOST-enabled openss 1.0.1e
> (openssl module was built with PHP together):
>
> # /usr/local/openssl/bin/openssl ciphers | grep -i GOST
> ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:GOST2001-GOST89-GOST89:GOST94-GOST89-GOST89:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5
>
> (notice it's the default config output)
>
> # ldd /usr/local/php/bin/php
> linux-vdso.so.1 => (0x00007fff42455000)
> libcrypt.so.1 => /lib/libcrypt.so.1 (0x00007f1077404000)
> libresolv.so.2 => /lib/libresolv.so.2 (0x00007f10771ee000)
> librt.so.1 => /lib/librt.so.1 (0x00007f1076fe5000)
> libmcrypt.so.4 => /usr/lib/libmcrypt.so.4 (0x00007f1076db3000)
> libltdl.so.7 => /usr/lib/libltdl.so.7 (0x00007f1076baa000)
> libdl.so.2 => /lib/libdl.so.2 (0x00007f10769a5000)
> libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00007f107671d000)
> libz.so.1 => /usr/lib/libz.so.1 (0x00007f1076506000)
> libpng12.so.0 => /lib/libpng12.so.0 (0x00007f10762df000)
> libjpeg.so.62 => /usr/lib/libjpeg.so.62 (0x00007f10760bc000)
> libcrypto.so.1.0.0 => /usr/local/openssl/lib/libcrypto.so.1.0.0
> (0x00007f1075ce2000)
> libssl.so.1.0.0 => /usr/local/openssl/lib/libssl.so.1.0.0
> (0x00007f1075a78000)
> libmysqlclient.so.16 => /usr/lib/libmysqlclient.so.16
> (0x00007f107565b000)
> libpthread.so.0 => /lib/libpthread.so.0 (0x00007f107543f000)
> libnsl.so.1 => /lib/libnsl.so.1 (0x00007f1075226000)
> libm.so.6 => /lib/libm.so.6 (0x00007f1074fa4000)
> libxml2.so.2 => /usr/lib/libxml2.so.2 (0x00007f1074c53000)
> libc.so.6 => /lib/libc.so.6 (0x00007f10748f0000)
> /lib64/ld-linux-x86-64.so.2 (0x00007f1077646000)
>
> Thanks.
> Eugene.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
Hi.
On 28.03.2013 11:43, czir...@gmail.com wrote:
My suggestion is to ensure all the paths to what you use are valid
This should help:
var_dump('file://'.realpath('./p12.pem'));
Does that and the rest of the files
Exists?
I do hope these files are not in your document root
Thanks for your help, but the thing is, this is a serious bug in modules
using openssl, for example in ext/openssl itselt and in ext/curl. They
both don't honor the openssl config file, thus they only use some
hardcoded defaults. This can be easily fixed by calling
OPENSSL_config(NULL) in their code (and the default config will be
parsed) or calling OPENSSL_config() with a getenv() subcall to invoke a
config from the ENV, but the thing is that this isn't that simple -
calling this function twice in a row (for example in curl and in
openssl) breaks openssl autoconfiguration. Various bug reports exist,
but still, this workaround didn't make it into the official code set.
Right now I'm using custom patch for curl, which initializes the config,
and then openssl module can also use it. Those who don't use curl can
use the trick I described above and patch ext/openssl.c.
Eugene.
--- End Message ---
--- Begin Message ---
As suggested look at APC, although I expect the problem is not with php but how
you wrote things, it could be database related.
If you need to compile php to make things faster, you have a problem outside of
php
Curt.
On Mar 19, 2013, at 4:46 AM, Kevin Peterson <qh.res...@gmail.com> wrote:
> My webcode written in PHP and it is running in the interpreted way. My
> problem is it is not giving the desired performance so want to try the
> compiler if any.
> Please suggest if we have any compiler option available for the PHP code and
> more important is this new option.
>
--- End Message ---
