PHP :: Bug #44900 :: OpenSSL extension fails to link with OpenSSL 0.9.6

Bug #44900

OpenSSL extension fails to link with OpenSSL 0.9.6

Submitted:

2008-05-02 23:55 UTC

Modified:

2008-11-30 21:42 UTC

Votes:	3
Avg. Score:	4.7 ± 0.5
Reproduced:	3 of 3 (100.0%)
Same Version:	3 (100.0%)
Same OS:	0 (0.0%)

From:

jd at cpanel dot net

Assigned:

pajoye (profile)

Status:

Closed

Package:

OpenSSL related

PHP Version:

5.2.6

OS:

RedHat Linux AS-2

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	jd at cpanel dot net
New email:
PHP Version:		OS:

New/Additional Comment:

[2008-05-02 23:55 UTC] jd at cpanel dot net

Description:
------------
PHP 5.2.6 introduces some memory cleanup code in the OpenSSL extension.  Unfortunately, EVP_MD_CTX_cleanup() is only available with OpenSSL 0.9.7 and higher.  openssl.c needs to verify EVP_MD_CTX_cleanup() is available...

diff -Nur php-5.2.6.orig/ext/openssl/openssl.c php-5.2.6/ext/openssl/openssl.c
--- php-5.2.6.orig/ext/openssl/openssl.c        2008-04-07 05:44:03.000000000 -0500
+++ php-5.2.6/ext/openssl/openssl.c     2008-05-02 17:11:10.000000000 -0500
@@ -3522,7 +3522,9 @@
                efree(sigbuf);
                RETVAL_FALSE;
        }
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        EVP_MD_CTX_cleanup(&md_ctx);
+#endif
        if (keyresource == -1) {
                EVP_PKEY_free(pkey);
        }
@@ -3562,7 +3564,9 @@
        EVP_VerifyInit   (&md_ctx, mdtype);
        EVP_VerifyUpdate (&md_ctx, data, data_len);
        err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey);
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        EVP_MD_CTX_cleanup(&md_ctx);
+#endif
 
        if (keyresource == -1) {
                EVP_PKEY_free(pkey);

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-05-03 11:46 UTC] derick@php.net

The last 0.9.6 release was more than *four* years ago - you really should upgrade as *numerous* security fixes where made there.

[2008-05-03 11:48 UTC] pajoye@php.net

Unless we explicitly stop to support this version, it costs nothing to apply this patch for the person running Sarge and other conservative OSes.

[2008-05-03 11:50 UTC] pajoye@php.net

Side note: 5.3.0 will have 0.9.8g as requirement (or at the 0.9.7 if 0.9.8 is too "new").

[2008-05-05 11:09 UTC] Bjorn dot Wiberg at its dot uu dot se

Same problem on IBM AIX 5.3:

---8<---
/../
ld: 0711-317 ERROR: Undefined symbol: .EVP_MD_CTX_cleanup
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.
collect2: ld returned 8 exit status
make: *** [sapi/cli/php] Error 1
--->8---

Using OpenSSL 0.9.6m from (IBM) RPM.

Best regards,
Bj?rn

[2008-11-30 21:42 UTC] pajoye@php.net

Fixed in 5.2, 5.3+ requires a more decent version.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Oct 26 10:00:01 2025 UTC