Bug #76705 unusable ssl => peer_fingerprint in stream_context_create()
Submitted: 2018-08-04 15:24 UTC Modified: 2018-08-19 19:23 UTC
From: test at strongsolutions dot lt Assigned: bukka (profile)
Status: Closed Package: OpenSSL related
PHP Version: master-Git-2018-08-04 (Git) OS:
Private report: No CVE-ID: None

 [2018-08-04 15:24 UTC] test at strongsolutions dot lt
Description:
------------
See code.

It appears that this is caused by macromancy: value of `val` is inadvertently changed by another use of `GET_VER_OPT`.

https://github.com/php/php-src/blob/master/ext/openssl/xp_ssl.c#L504-L535


Test script:
---------------
<?php
// Reproduces the error on affected builds: allow_self_signed combined with peer_fingerprint
file_get_contents('https://self-signed.badssl.com/', false, stream_context_create([
	'http' => [
		'method' => 'GET',
	],
	'ssl' => [
		'allow_self_signed' => true,
		'peer_fingerprint' => '641450D94A65FAEB3B631028D8E86C95431DB811',
	],
]));


Expected result:
----------------
Request should complete.


Actual result:
--------------
Error with message "Expected peer fingerprint must be a string or an array" is seen.


Patches

200perc-lazy-patch (last revision 2018-08-04 15:24 UTC by )

Pull Requests

History

 [2018-08-05 13:53 UTC] cmb@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: bukka
 [2018-08-05 13:53 UTC] cmb@php.net
I can confirm this issue and also that the attached patch would
solve it. Thanks!

> […] caused by macromancy […]

Gee!  This[1] likely will bite us again.  Shouldn't that be
refactored, Jakub?

[1] <https://github.com/php/php-src/blob/php-7.3.0beta1/ext/openssl/xp_ssl.c#L90-L95>
 [2018-08-19 19:14 UTC] bukka@php.net
Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4c542e6c13ca0d1b3944efee715a4dadb4794c7c
Log: Fix bug #76705 (unusable ssl => peer_fingerprint in stream_context_create())
 [2018-08-19 19:14 UTC] bukka@php.net
-Status: Verified +Status: Closed
 [2018-08-19 19:23 UTC] bukka@php.net
Thanks for the report!

I ended up with a bit different fix and also added a test.

Yeah, that "macromancy" needs some refactoring at some point as it's a bit of a mess.
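
The hazard discussed in this thread, as an added example that is not part of the bug report and is not php-src code: a lookup macro that assigns to a caller-scope variable named `val`, so a second lookup replaces the value the fingerprint check later reads. The `opt` type, `lookup()`, `GET_OPT` and both `verify_*` functions are hypothetical, and treating `allow_self_signed` as the second lookup is an assumption taken from the test script's options.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a PHP option value (not php-src's zval). */
typedef enum { T_BOOL, T_STRING } opt_type;
typedef struct { const char *name; opt_type type; const char *str; int b; } opt;

/* Constructed options mirroring the test script's 'ssl' array. */
static opt ssl_opts[] = {
    { "allow_self_signed", T_BOOL,   NULL, 1 },
    { "peer_fingerprint",  T_STRING, "641450D94A65FAEB3B631028D8E86C95431DB811", 0 },
};

static opt *lookup(const char *name) {
    for (size_t i = 0; i < sizeof ssl_opts / sizeof ssl_opts[0]; i++)
        if (strcmp(ssl_opts[i].name, name) == 0) return &ssl_opts[i];
    return NULL;
}

/* Hypothetical macro in the style the report describes: it writes to a
 * variable named `val` in the caller's scope as a hidden side effect. */
#define GET_OPT(name) ((val = lookup(name)) != NULL)

/* Returns 0 if the fingerprint option has a usable type, -1 otherwise. */
int verify_buggy(void) {
    opt *val = NULL;
    int must_verify_fingerprint = GET_OPT("peer_fingerprint");
    /* A later lookup silently repoints val at a different option. */
    (void)(GET_OPT("allow_self_signed") && val->b);
    if (must_verify_fingerprint && val->type != T_STRING)
        return -1; /* "Expected peer fingerprint must be a string or an array" */
    return 0;
}

int verify_fixed(void) {
    opt *val = NULL;
    /* Capture the result in its own variable before val is reused. */
    opt *peer_fingerprint = GET_OPT("peer_fingerprint") ? val : NULL;
    (void)(GET_OPT("allow_self_signed") && val->b);
    if (peer_fingerprint && peer_fingerprint->type != T_STRING)
        return -1;
    return 0;
}

int main(void) {
    printf("buggy=%d fixed=%d\n", verify_buggy(), verify_fixed());
    return 0;
}
```

In this model the clobbered value makes the check reject a valid fingerprint option, matching the error in the report; capturing the lookup result in a dedicated variable removes the dependency on lookup order.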
 