php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #22809 OpenSSL fails to compute internal private key from string but works on file
Submitted: 2003-03-20 17:52 UTC Modified: 2003-03-22 20:03 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: php-bugs at liwing dot de Assigned:
Status: Closed Package: OpenSSL related
PHP Version: 4.3.1 OS: FreeBSD (4.8RC and 5.0)
Private report: No CVE-ID: None
 [2003-03-20 17:52 UTC] php-bugs at liwing dot de
In PHP 4.3.1 the use of OpenSSL fails when the private key comes from a string instead of a file. The test case for openssl fails, too.

To reproduce the bug, simply run the "make test" on a current build FreeBSD system. I don't know about others, but I assume either an incompatibility with OpenSSL 0.9.7a (because the d2i_PrivateKey method used by the php wrapper seems to have a problem).

Using the OpenSSL commandline tools I can use my private/public keys to sign and verify files. Because I don't know much about OpenSSL I cannot verify the reason of the failure. The occurance seems somewhere around line 1747 in file ext/openssl/openssl.c

If the script in the test case isn't enough (what it should), I can attach an own one.

Kind Regards,
Jens

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-03-20 18:04 UTC] php-bugs at liwing dot de
The patch looks good. I'll try to build in in next few days and reply whether it works as expected or not. Did the tests run fine?
 [2003-03-20 18:09 UTC] sniper@php.net
The openssl tests do not fail for me at least, but I tested 
this on Linux. (using openSSL 0.9.7a) 

So please give it a go on FreeBSD, it should work now.


 [2003-03-21 10:36 UTC] php-bugs at liwing dot de
What I have forgotten. I have replaced the source of PHP-4.3.2RC1 with the stable sources you've recommented. So this is not the error in RC1 (where is it, too) but in yesterdays(?) stable.
 [2003-03-21 17:01 UTC] sniper@php.net
DO NOT ADD SUCH LONG PARTS OF TEXT IN HERE!!!!!!

I deleted that comment. Please attach MAXIMUM of 15-20 lines. And preferrably text that actually includes the ERROR
you get.

 [2003-03-22 07:01 UTC] php-bugs at liwing dot de
/bin/sh /usr/ports/www/mod_php4/work/php-4.3.2RC1/libtool --silent --preserve-dup-deps --mode=compile cc  -Iext/openssl/ -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/ -DPHP_ATOM_INC -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/include -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/main -I/usr/ports/www/mod_php4/work/php-4.3.2RC1 -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/Zend -I/usr/local/include/libxml2 -I/usr/local/include -I/usr/local/include/freetype2 -I/usr/local/include/mysql  -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/TSRM  -O -pipe -DNO_WERROR -march=pentium2 -I/usr/local/include  -prefer-pic -c /usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c -o ext/openssl/openssl.lo
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c: In function `zif_openssl_pkey_export_to_file':
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c:1911: warning: assignment discards qualifiers from pointer target type
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c: In function `zif_openssl_pkey_export':
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c:1962: warning: assignment discards qualifiers from pointer target type
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c: In function `zif_openssl_pkcs7_encrypt':
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c:2222: warning: assignment discards qualifiers from pointer target type


Except those warnings openssl works fine
 [2003-03-22 18:35 UTC] sniper@php.net
Just ignore those warnings.

 [2003-03-22 20:03 UTC] php-bugs at liwing dot de
You should never ignore such warnings. They can became critical one fine day. If you want, I send you a patch, but I don't think 'ignore' is a good way :-(
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Dec 04 19:01:32 2024 UTC