|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2011-08-04 12:14 UTC] anders at ingemann dot de
Description: ------------ On http://www.php.net/manual/en/function.openssl-x509-checkpurpose.php the purpose check X509_PURPOSE_ANY is mentioned and the constant is defined as well. openssl_x509_checkpurpose() however reports "error:0B086079:x509 certificate routines:X509_STORE_CTX_purpose_inherit:unknown purpose id". Checking up in the documentation i can see that this purpose is not supported (http://www.openssl.org/docs/apps/verify.html#COMMAND_OPTIONS). This constant should be removed, and a note should be put in the documentation, specifying that this is not supported. Test script: --------------- openssl_x509_checkpurpose( mixed $x509cert , X509_PURPOSE_ANY ); while($error = openssl_error_string()) echo $error."\n"; Expected result: ---------------- With a valid certificate openssl_x509_checkpurpose($cert, X509_PURPOSE_ANY) returns true. Actual result: -------------- With a valid certificate openssl_x509_checkpurpose($cert, X509_PURPOSE_ANY) returns false. PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri May 09 05:01:27 2025 UTC |
c:\test\php536nts>php -n -d extension_dir=ext -d extension=php_openssl.dll -r "print_r(get_defined_constants());" | FIND "X509" [X509_PURPOSE_SSL_CLIENT] => 1 [X509_PURPOSE_SSL_SERVER] => 2 [X509_PURPOSE_NS_SSL_SERVER] => 3 [X509_PURPOSE_SMIME_SIGN] => 4 [X509_PURPOSE_SMIME_ENCRYPT] => 5 [X509_PURPOSE_CRL_SIGN] => 6 [X509_PURPOSE_ANY] => 7 and from the x509v3.h: #define X509_PURPOSE_ANY 7 What do you mean then?