php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #22809 OpenSSL fails to compute internal private key from string but works on file
Submitted: 2003-03-20 17:52 UTC Modified: 2003-03-22 20:03 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: php-bugs at liwing dot de Assigned:
Status: Closed Package: OpenSSL related
PHP Version: 4.3.1 OS: FreeBSD (4.8RC and 5.0)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: php-bugs at liwing dot de
New email:
PHP Version: OS:

 

 [2003-03-20 17:52 UTC] php-bugs at liwing dot de 
In PHP 4.3.1 the use of OpenSSL fails when the private key comes from a string instead of a file. The test case for openssl fails, too.

To reproduce the bug, simply run the "make test" on a current build FreeBSD system. I don't know about others, but I assume either an incompatibility with OpenSSL 0.9.7a (because the d2i_PrivateKey method used by the php wrapper seems to have a problem).

Using the OpenSSL commandline tools I can use my private/public keys to sign and verify files. Because I don't know much about OpenSSL I cannot verify the reason of the failure. The occurance seems somewhere around line 1747 in file ext/openssl/openssl.c

If the script in the test case isn't enough (what it should), I can attach an own one.

Kind Regards,
Jens

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-03-20 17:53 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2003-03-20 18:04 UTC] php-bugs at liwing dot de 
The patch looks good. I'll try to build in in next few days and reply whether it works as expected or not. Did the tests run fine?
 [2003-03-20 18:09 UTC] sniper@php.net 
The openssl tests do not fail for me at least, but I tested 
this on Linux. (using openSSL 0.9.7a) 

So please give it a go on FreeBSD, it should work now.
 [2003-03-21 10:36 UTC] php-bugs at liwing dot de 
What I have forgotten. I have replaced the source of PHP-4.3.2RC1 with the stable sources you've recommented. So this is not the error in RC1 (where is it, too) but in yesterdays(?) stable.
 [2003-03-21 17:01 UTC] sniper@php.net 
DO NOT ADD SUCH LONG PARTS OF TEXT IN HERE!!!!!!

I deleted that comment. Please attach MAXIMUM of 15-20 lines. And preferrably text that actually includes the ERROR
you get.
 [2003-03-22 07:01 UTC] php-bugs at liwing dot de 
/bin/sh /usr/ports/www/mod_php4/work/php-4.3.2RC1/libtool --silent --preserve-dup-deps --mode=compile cc  -Iext/openssl/ -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/ -DPHP_ATOM_INC -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/include -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/main -I/usr/ports/www/mod_php4/work/php-4.3.2RC1 -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/Zend -I/usr/local/include/libxml2 -I/usr/local/include -I/usr/local/include/freetype2 -I/usr/local/include/mysql  -I/usr/ports/www/mod_php4/work/php-4.3.2RC1/TSRM  -O -pipe -DNO_WERROR -march=pentium2 -I/usr/local/include  -prefer-pic -c /usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c -o ext/openssl/openssl.lo
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c: In function `zif_openssl_pkey_export_to_file':
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c:1911: warning: assignment discards qualifiers from pointer target type
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c: In function `zif_openssl_pkey_export':
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c:1962: warning: assignment discards qualifiers from pointer target type
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c: In function `zif_openssl_pkcs7_encrypt':
/usr/ports/www/mod_php4/work/php-4.3.2RC1/ext/openssl/openssl.c:2222: warning: assignment discards qualifiers from pointer target type


Except those warnings openssl works fine
 [2003-03-22 18:35 UTC] sniper@php.net 
Just ignore those warnings.
 [2003-03-22 20:03 UTC] php-bugs at liwing dot de 
You should never ignore such warnings. They can became critical one fine day. If you want, I send you a patch, but I don't think 'ignore' is a good way :-(
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Apr 16 07:01:29 2024 UTC