Bug #44900 OpenSSL extension fails to link with OpenSSL 0.9.6
Submitted: 2008-05-02 23:55 UTC Modified: 2008-11-30 21:42 UTC
Votes:3
Avg. Score:4.7 ± 0.5
Reproduced:3 of 3 (100.0%)
Same Version:3 (100.0%)
Same OS:0 (0.0%)
From: jd at cpanel dot net Assigned: pajoye (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5.2.6 OS: RedHat Linux AS-2
Private report: No CVE-ID: None
 [2008-05-02 23:55 UTC] jd at cpanel dot net
Description:
------------
PHP 5.2.6 introduces some memory cleanup code in the OpenSSL extension.  Unfortunately, EVP_MD_CTX_cleanup() is only available with OpenSSL 0.9.7 and higher.  openssl.c needs to verify EVP_MD_CTX_cleanup() is available...

diff -Nur php-5.2.6.orig/ext/openssl/openssl.c php-5.2.6/ext/openssl/openssl.c
--- php-5.2.6.orig/ext/openssl/openssl.c        2008-04-07 05:44:03.000000000 -0500
+++ php-5.2.6/ext/openssl/openssl.c     2008-05-02 17:11:10.000000000 -0500
@@ -3522,7 +3522,9 @@
                efree(sigbuf);
                RETVAL_FALSE;
        }
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        EVP_MD_CTX_cleanup(&md_ctx);
+#endif
        if (keyresource == -1) {
                EVP_PKEY_free(pkey);
        }
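Review bot: the guard added around EVP_MD_CTX_cleanup(&md_ctx) in this hunk has no comment saying which release 0x0090700fL denotes or why skipping the cleanup is acceptable when building against an older library, so a later reader cannot tell whether the pre-0.9.7 build leaves the digest context unreleased. Add a one-line comment at the guard, or define the fallback once near the top of openssl.c (an empty EVP_MD_CTX_cleanup macro under the same version test) so this call site stays unconditional and reads the same on every build.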
@@ -3562,7 +3564,9 @@
        EVP_VerifyInit   (&md_ctx, mdtype);
        EVP_VerifyUpdate (&md_ctx, data, data_len);
        err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey);
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        EVP_MD_CTX_cleanup(&md_ctx);
+#endif
 
        if (keyresource == -1) {
                EVP_PKEY_free(pkey);
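Review bot: the guard after EVP_VerifyFinal() is a second copy of the #if/#endif pair from the previous hunk, and both test a version number rather than the presence of the function that the description says openssl.c needs to verify. A configure-time check for EVP_MD_CTX_cleanup, producing one define that both call sites use, would remove the duplication and would keep any call to EVP_MD_CTX_cleanup() added later from breaking the 0.9.6 link again.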



 [2008-05-03 11:46 UTC] derick@php.net
The last 0.9.6 release was more than *four* years ago - you really should upgrade as *numerous* security fixes were made there.
 [2008-05-03 11:48 UTC] pajoye@php.net
Unless we explicitly stop supporting this version, it costs nothing to apply this patch for the person running Sarge and other conservative OSes.
 [2008-05-03 11:50 UTC] pajoye@php.net
Side note: 5.3.0 will have 0.9.8g as requirement (or at the 0.9.7 if 0.9.8 is too "new").
 [2008-05-05 11:09 UTC] Bjorn dot Wiberg at its dot uu dot se
Same problem on IBM AIX 5.3:

---8<---
/../
ld: 0711-317 ERROR: Undefined symbol: .EVP_MD_CTX_cleanup
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.
collect2: ld returned 8 exit status
make: *** [sapi/cli/php] Error 1
--->8---

Using OpenSSL 0.9.6m from (IBM) RPM.

Best regards,
Björn
 [2008-11-30 21:42 UTC] pajoye@php.net
Fixed in 5.2, 5.3+ requires a more decent version.
 