author | Jakub Zelenka <bukka@php.net> | 2017-04-23 20:30:14 +0100 |
---|---|---|
committer | Jakub Zelenka <bukka@php.net> | 2017-04-23 20:30:14 +0100 |
commit | 366b1640d09b982ebc69001bcb476268ab668ab8 (patch) | |
tree | 56ca076b2389994f57a69614a1fa3e8f3abaee90 | |
parent | 5d1fd66faf58eda803a206679995ac93da537abd (diff) | |
Fix bug #73711 (Segfault in openssl_pkey_new when generating DSA or DH key)
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | ext/openssl/openssl.c | 18 | ||||
-rw-r--r-- | ext/openssl/tests/bug73711.cnf | 3 | ||||
-rw-r--r-- | ext/openssl/tests/bug73711.phpt | 17 |
4 files changed, 26 insertions, 14 deletions
@@ -36,6 +36,8 @@ PHP NEWS loss). (Yussuf Khalil) - OpenSSL: + . Fixed bug #73711 (Segfault in openssl_pkey_new when generating DSA or DH + key). (Jakub Zelenka) . Fixed bug #74341 (openssl_x509_parse fails to parse ASN.1 UTCTime without seconds). (Moritz Fain) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 1ea4d07e09..31c60b7d90 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -3670,13 +3670,8 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req case OPENSSL_KEYTYPE_DSA: PHP_OPENSSL_RAND_ADD_TIME(); { - DSA *dsaparam = NULL; -#if OPENSSL_VERSION_NUMBER < 0x10002000L - dsaparam = DSA_generate_parameters(req->priv_key_bits, NULL, 0, NULL, NULL, NULL, NULL); -#else - DSA_generate_parameters_ex(dsaparam, req->priv_key_bits, NULL, 0, NULL, NULL, NULL); -#endif - if (dsaparam) { + DSA *dsaparam = DSA_new(); + if (dsaparam && DSA_generate_parameters_ex(dsaparam, req->priv_key_bits, NULL, 0, NULL, NULL, NULL)) { DSA_set_method(dsaparam, DSA_get_default_method()); if (DSA_generate_key(dsaparam)) { if (EVP_PKEY_assign_DSA(req->priv_key, dsaparam)) { @@ -3694,13 +3689,8 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req PHP_OPENSSL_RAND_ADD_TIME(); { int codes = 0; - DH *dhparam = NULL; -#if OPENSSL_VERSION_NUMBER < 0x10002000L - dhparam = DH_generate_parameters(req->priv_key_bits, 2, NULL, NULL); -#else - DH_generate_parameters_ex(dhparam, req->priv_key_bits, 2, NULL); -#endif - if (dhparam) { + DH *dhparam = DH_new(); + if (dhparam && DH_generate_parameters_ex(dhparam, req->priv_key_bits, 2, NULL)) { DH_set_method(dhparam, DH_get_default_method()); if (DH_check(dhparam, &codes) && codes == 0 && DH_generate_key(dhparam)) { if (EVP_PKEY_assign_DH(req->priv_key, dhparam)) { diff --git a/ext/openssl/tests/bug73711.cnf b/ext/openssl/tests/bug73711.cnf new file mode 100644 index 0000000000..0d27d910d4 --- /dev/null +++ b/ext/openssl/tests/bug73711.cnf 
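Review bot: In the DSA branch, `if (dsaparam && DSA_generate_parameters_ex(...))` shows no path that frees `dsaparam` when `DSA_new()` succeeds but parameter generation returns 0, so each failed call would leak the structure. The DH hunk has the same shape with `DH_new()` and `DH_generate_parameters_ex()`. Unless an `else` outside the hunks already handles it, add `else { DSA_free(dsaparam); }` and `else { DH_free(dhparam); }` to the outer `if`; both free functions accept NULL. `req->priv_key_bits` appears to come from caller-supplied configuration, so the failure path is likely reachable from script input. The body of php_openssl_generate_private_key continues outside both hunks.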
@@ -0,0 +1,3 @@
+[ req ]
+default_bits = 384
+
diff --git a/ext/openssl/tests/bug73711.phpt b/ext/openssl/tests/bug73711.phpt
new file mode 100644
index 0000000000..791eec99c6
--- /dev/null
+++ b/ext/openssl/tests/bug73711.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #73711: Segfault in openssl_pkey_new when generating DSA or DH key
+--SKIPIF--
+<?php
+if (!extension_loaded("openssl")) die("skip openssl not loaded");
+?>
+--FILE--
+<?php
+$cnf = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'bug73711.cnf';
+var_dump(openssl_pkey_new(["private_key_type" => OPENSSL_KEYTYPE_DSA, 'config' => $cnf]));
+var_dump(openssl_pkey_new(["private_key_type" => OPENSSL_KEYTYPE_DH, 'config' => $cnf]));
+echo "DONE";
+?>
+--EXPECTF--
+resource(%d) of type (OpenSSL key)
+resource(%d) of type (OpenSSL key)
+DONE |
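Review bot: `default_bits = 384` in bug73711.cnf carries no explanation, and a fixture like this is easy to copy as a working example even though 384 bits is far below an acceptable DSA or DH size. Add a comment line above it, for example `# 384 bits only keeps parameter generation fast for this test; not a usable key size`. A library build that enforces a larger minimum would presumably make the test fail for a reason unrelated to bug #73711, so a size that every supported OpenSSL version accepts may be the more durable choice.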
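Review bot: The EXPECTF section of bug73711.phpt only confirms that a key resource came back, not that it is a DSA or DH key, so a change that produced a different key type would still pass. Keep each key in a variable and add a check such as `var_dump(openssl_pkey_get_details($dsa)['type'] === OPENSSL_KEYTYPE_DSA);` with `bool(true)` in the expected output, and the same for DH. The test also covers only the success path; the parameter-generation failure branch in openssl.c stays unexercised.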