|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #44900 OpenSSL extension fails to link with OpenSSL 0.9.6
Submitted: 2008-05-02 23:55 UTC Modified: 2008-11-30 21:42 UTC
Avg. Score:4.7 ± 0.5
Reproduced:3 of 3 (100.0%)
Same Version:3 (100.0%)
Same OS:0 (0.0%)
From: jd at cpanel dot net Assigned: pajoye (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5.2.6 OS: RedHat Linux AS-2
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: jd at cpanel dot net
New email:
PHP Version: OS:


 [2008-05-02 23:55 UTC] jd at cpanel dot net
PHP 5.2.6 introduces some memory cleanup code in the OpenSSL extension.  Unfortunately, EVP_MD_CTX_cleanup() is only available with OpenSSL 0.9.7 and higher.  openssl.c needs to verify EVP_MD_CTX_cleanup() is available...

diff -Nur php-5.2.6.orig/ext/openssl/openssl.c php-5.2.6/ext/openssl/openssl.c
--- php-5.2.6.orig/ext/openssl/openssl.c        2008-04-07 05:44:03.000000000 -0500
+++ php-5.2.6/ext/openssl/openssl.c     2008-05-02 17:11:10.000000000 -0500
@@ -3522,7 +3522,9 @@
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        if (keyresource == -1) {
@@ -3562,7 +3564,9 @@
        EVP_VerifyInit   (&md_ctx, mdtype);
        EVP_VerifyUpdate (&md_ctx, data, data_len);
        err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey);
+#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
        if (keyresource == -1) {


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2008-05-03 11:46 UTC]
The last 0.9.6 release was more than *four* years ago - you really should upgrade as *numerous* security fixes where made there.
 [2008-05-03 11:48 UTC]
Unless we explicitly stop to support this version, it costs nothing to apply this patch for the person running Sarge and other conservative OSes.
 [2008-05-03 11:50 UTC]
Side note: 5.3.0 will have 0.9.8g as requirement (or at the 0.9.7 if 0.9.8 is too "new").
 [2008-05-05 11:09 UTC] Bjorn dot Wiberg at its dot uu dot se
Same problem on IBM AIX 5.3:

ld: 0711-317 ERROR: Undefined symbol: .EVP_MD_CTX_cleanup
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.
collect2: ld returned 8 exit status
make: *** [sapi/cli/php] Error 1

Using OpenSSL 0.9.6m from (IBM) RPM.

Best regards,
 [2008-11-30 21:42 UTC]
Fixed in 5.2, 5.3+ requires a more decent version.
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sun Jul 12 06:01:25 2020 UTC