authorAndrey Hristov <andrey@php.net>2014-01-28 15:57:48 +0200
committerAndrey Hristov <andrey@php.net>2014-01-28 15:57:48 +0200
commit3834771b2ef7f6d03cd9b8da2a3da14501f58906 (patch)
treeb8296c9cf245745ad980f4ce8e7219319f6381ab
parentd9078c7c8d3e957696797539f6140e8680974124 (diff)
parent79ab514f0c114d572b6afc1d5b2decd2d512f19e (diff)
downloadphp-git-3834771b2ef7f6d03cd9b8da2a3da14501f58906.tar.gz
Merge branch 'PHP-5.6'
Conflicts: NEWS UPGRADING
-rw-r--r--TSRM/TSRM.dsp4
-rw-r--r--Zend/Zend.dsp8
-rw-r--r--ext/openssl/openssl.c25
3 files changed, 22 insertions, 15 deletions
diff --git a/TSRM/TSRM.dsp b/TSRM/TSRM.dsp
index 6c3e8bfb8b..8604bc0da8 100644
--- a/TSRM/TSRM.dsp
+++ b/TSRM/TSRM.dsp
@@ -171,10 +171,6 @@ SOURCE=.\tsrm_strtok_r.h
# End Source File
# Begin Source File
-SOURCE=.\tsrm_virtual_cwd.h
-# End Source File
-# Begin Source File
-
SOURCE=.\tsrm_win32.h
# End Source File
# End Group
diff --git a/Zend/Zend.dsp b/Zend/Zend.dsp
index 348e1abaa5..98d368fb16 100644
--- a/Zend/Zend.dsp
+++ b/Zend/Zend.dsp
@@ -269,6 +269,10 @@ SOURCE=.\zend_variables.c
SOURCE=.\zend_vm_opcodes.c
# End Source File
+# Begin Source File
+
+SOURCE=.\zend_virtual_cwd.c
+# End Source File
# End Group
# Begin Group "Header Files"
@@ -437,10 +441,6 @@ SOURCE=.\zend_ts_hash.h
SOURCE=.\zend_variables.h
# End Source File
-# Begin Source File
-
-SOURCE=.\zend_virtual_cwd.c
-# End Source File
# End Group
# Begin Group "Parsers"
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index fd4b22076a..b38dd6d206 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4999,9 +4999,9 @@ static zend_bool matches_wildcard_name(const char *subjectname, const char *cert
return 0;
}
-static zend_bool matches_san_list(X509 *peer, const char *subject_name)
+static zend_bool matches_san_list(X509 *peer, const char *subject_name TSRMLS_DC)
{
- int i;
+ int i, san_name_len;
zend_bool is_match = 0;
unsigned char *cert_name;
@@ -5010,13 +5010,23 @@ static zend_bool matches_san_list(X509 *peer, const char *subject_name)
for (i = 0; i < alt_name_count; i++) {
GENERAL_NAME *san = sk_GENERAL_NAME_value(alt_names, i);
+ if (san->type != GEN_DNS) {
+ /* we only care about DNS names */
+ continue;
+ }
+
+ san_name_len = ASN1_STRING_length(san->d.dNSName);
+ ASN1_STRING_to_UTF8(&cert_name, san->d.dNSName);
- if (GEN_DNS == san->type) {
- ASN1_STRING_to_UTF8(&cert_name, san->d.dNSName);
- is_match = matches_wildcard_name(subject_name, (char *) cert_name);
- OPENSSL_free(cert_name);
+ /* prevent null byte poisoning */
+ if (san_name_len != strlen(cert_name)) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Peer SAN entry is malformed");
+ } else {
+ is_match = strcasecmp(subject_name, cert_name) == 0;
}
+ OPENSSL_free(cert_name);
+
if (is_match) {
break;
}
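Review bot: The return value of `ASN1_STRING_to_UTF8()` is ignored before `strlen(cert_name)` and `OPENSSL_free(cert_name)` run, and `cert_name` is declared without an initialiser in the previous hunk, so a failed conversion would leave both calls working on an indeterminate pointer. Initialise `cert_name` to NULL, take the length from the conversion's return value, and `continue` when it is negative; the null-byte check then measures the same buffer that `strlen` walks and no longer compares an `int` with a `size_t`. Separately, the accepted branch now uses `strcasecmp` where the removed line called `matches_wildcard_name`, so wildcard SAN entries appear to stop matching; if that is not intended, keep `is_match = matches_wildcard_name(subject_name, (const char *) cert_name);`. The function begins in the previous hunk and continues past this one.

```c
/* … unchanged: skip entries that are not GEN_DNS … */
cert_name = NULL;
san_name_len = ASN1_STRING_to_UTF8(&cert_name, san->d.dNSName);
if (san_name_len < 0 || cert_name == NULL) {
	/* conversion failed, nothing was allocated for cert_name */
	continue;
}

/* prevent null byte poisoning */
if ((size_t) san_name_len != strlen((const char *) cert_name)) {
/* … unchanged: warning, name comparison, OPENSSL_free, break on match … */
```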
@@ -5096,7 +5106,7 @@ int php_openssl_apply_verification_policy(SSL *ssl, X509 *peer, php_stream *stre
GET_VER_OPT_STRING("CN_match", cnmatch);
if (cnmatch) {
- if (matches_san_list(peer, cnmatch)) {
+ if (matches_san_list(peer, cnmatch TSRMLS_CC)) {
return SUCCESS;
} else if (matches_common_name(peer, cnmatch TSRMLS_CC)) {
return SUCCESS;
@@ -5655,3 +5665,4 @@ PHP_FUNCTION(openssl_random_pseudo_bytes)
* vim600: sw=4 ts=4 fdm=marker
* vim<600: sw=4 ts=4
*/
+