* [PR PATCH] php: patch for openssl3
@ 2023-02-13 2:11 dkwo
2023-02-15 19:21 ` TinfoilSubmarine
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: dkwo @ 2023-02-13 2:11 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 415 bytes --]
There is a new pull request by dkwo against master on the void-packages repository
https://github.com/dkwo/void-packages O3php
https://github.com/void-linux/void-packages/pull/42230
php: patch for openssl3
- I tested the changes in this PR: no
- I built this PR locally for my native architecture, (x86_64-musl)
#37681
A patch file from https://github.com/void-linux/void-packages/pull/42230.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-O3php-42230.patch --]
[-- Type: text/x-diff, Size: 9469 bytes --]
From bdd6f914d1cb5693b91d290d00eac1a1f9f93ad8 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Sun, 12 Feb 2023 21:06:37 -0500
Subject: [PATCH] php: patch for openssl3
---
srcpkgs/php/patches/openssl3.patch | 197 +++++++++++++++++++++++++++++
srcpkgs/php/template | 2 +-
2 files changed, 198 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/php/patches/openssl3.patch
diff --git a/srcpkgs/php/patches/openssl3.patch b/srcpkgs/php/patches/openssl3.patch
new file mode 100644
index 000000000000..47a8b7bb1145
--- /dev/null
+++ b/srcpkgs/php/patches/openssl3.patch
@@ -0,0 +1,197 @@
+From a7df3564004807b812f189048463d8ad89fb0f21 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@remirepo.net>
+Date: Tue, 18 May 2021 07:58:49 +0200
+Subject: [PATCH] minimal fix for openssl 3.0
+
+---
+ ext/openssl/openssl.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index 340e40a001bb..0ed4233b2125 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -1221,7 +1221,9 @@ PHP_MINIT_FUNCTION(openssl)
+ REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOSIGS", CMS_NOSIGS, CONST_CS|CONST_PERSISTENT);
+
+ REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT);
++#ifdef RSA_SSLV23_PADDING
+ REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT);
++#endif
+ REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);
+
+From 1887f2274cf7b2e19daf911df76313286ded6381 Mon Sep 17 00:00:00 2001
+From: Nikita Popov <nikita.ppv@gmail.com>
+Date: Tue, 3 Aug 2021 17:19:24 +0200
+Subject: [PATCH] Use OpenSSL NCONF APIs
+
+---
+ ext/openssl/openssl.c | 66 +++++++++++++++++++++++--------------------
+ 1 file changed, 36 insertions(+), 30 deletions(-)
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index 9f5018d2fd75..8589fbaac164 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -487,8 +487,8 @@ int php_openssl_get_ssl_stream_data_index(void)
+ static char default_ssl_conf_filename[MAXPATHLEN];
+
+ struct php_x509_request { /* {{{ */
+- LHASH_OF(CONF_VALUE) * global_config; /* Global SSL config */
+- LHASH_OF(CONF_VALUE) * req_config; /* SSL config for this request */
++ CONF *global_config; /* Global SSL config */
++ CONF *req_config; /* SSL config for this request */
+ const EVP_MD * md_alg;
+ const EVP_MD * digest;
+ char * section_name,
+@@ -700,13 +700,13 @@ static time_t php_openssl_asn1_time_to_time_t(ASN1_UTCTIME * timestr) /* {{{ */
+ }
+ /* }}} */
+
+-static inline int php_openssl_config_check_syntax(const char * section_label, const char * config_filename, const char * section, LHASH_OF(CONF_VALUE) * config) /* {{{ */
++static inline int php_openssl_config_check_syntax(const char * section_label, const char * config_filename, const char * section, CONF *config) /* {{{ */
+ {
+ X509V3_CTX ctx;
+
+ X509V3_set_ctx_test(&ctx);
+- X509V3_set_conf_lhash(&ctx, config);
+- if (!X509V3_EXT_add_conf(config, &ctx, (char *)section, NULL)) {
++ X509V3_set_nconf(&ctx, config);
++ if (!X509V3_EXT_add_nconf(config, &ctx, (char *)section, NULL)) {
+ php_openssl_store_errors();
+ php_error_docref(NULL, E_WARNING, "Error loading %s section %s of %s",
+ section_label,
+@@ -718,17 +718,24 @@ static inline int php_openssl_config_check_syntax(const char * section_label, co
+ }
+ /* }}} */
+
+-static char *php_openssl_conf_get_string(
+- LHASH_OF(CONF_VALUE) *conf, const char *group, const char *name) {
+- char *str = CONF_get_string(conf, group, name);
+- if (str == NULL) {
+- /* OpenSSL reports an error if a configuration value is not found.
+- * However, we don't want to generate errors for optional configuration. */
+- ERR_clear_error();
+- }
++static char *php_openssl_conf_get_string(CONF *conf, const char *group, const char *name) {
++ /* OpenSSL reports an error if a configuration value is not found.
++ * However, we don't want to generate errors for optional configuration. */
++ ERR_set_mark();
++ char *str = NCONF_get_string(conf, group, name);
++ ERR_pop_to_mark();
+ return str;
+ }
+
++static long php_openssl_conf_get_number(CONF *conf, const char *group, const char *name) {
++ /* Same here, ignore errors. */
++ long res = 0;
++ ERR_set_mark();
++ NCONF_get_number(conf, group, name, &res);
++ ERR_pop_to_mark();
++ return res;
++}
++
+ static int php_openssl_add_oid_section(struct php_x509_request * req) /* {{{ */
+ {
+ char * str;
+@@ -740,7 +747,7 @@ static int php_openssl_add_oid_section(struct php_x509_request * req) /* {{{ */
+ if (str == NULL) {
+ return SUCCESS;
+ }
+- sktmp = CONF_get_section(req->req_config, str);
++ sktmp = NCONF_get_section(req->req_config, str);
+ if (sktmp == NULL) {
+ php_openssl_store_errors();
+ php_error_docref(NULL, E_WARNING, "Problem loading oid section %s", str);
+@@ -811,13 +818,13 @@ static int php_openssl_parse_config(struct php_x509_request * req, zval * option
+
+ SET_OPTIONAL_STRING_ARG("config", req->config_filename, default_ssl_conf_filename);
+ SET_OPTIONAL_STRING_ARG("config_section_name", req->section_name, "req");
+- req->global_config = CONF_load(NULL, default_ssl_conf_filename, NULL);
+- if (req->global_config == NULL) {
++ req->global_config = NCONF_new(NULL);
++ if (!NCONF_load(req->global_config, default_ssl_conf_filename, NULL)) {
+ php_openssl_store_errors();
+ }
+- req->req_config = CONF_load(NULL, req->config_filename, NULL);
+- if (req->req_config == NULL) {
+- php_openssl_store_errors();
++
++ req->req_config = NCONF_new(NULL);
++ if (!NCONF_load(req->req_config, req->config_filename, NULL)) {
+ return FAILURE;
+ }
+
+@@ -841,8 +848,7 @@ static int php_openssl_parse_config(struct php_x509_request * req, zval * option
+ SET_OPTIONAL_STRING_ARG("req_extensions", req->request_extensions_section,
+ php_openssl_conf_get_string(req->req_config, req->section_name, "req_extensions"));
+ SET_OPTIONAL_LONG_ARG("private_key_bits", req->priv_key_bits,
+- CONF_get_number(req->req_config, req->section_name, "default_bits"));
+-
++ php_openssl_conf_get_number(req->req_config, req->section_name, "default_bits"));
+ SET_OPTIONAL_LONG_ARG("private_key_type", req->priv_key_type, OPENSSL_KEYTYPE_DEFAULT);
+
+ if (optional_args && (item = zend_hash_str_find(Z_ARRVAL_P(optional_args), "encrypt_key", sizeof("encrypt_key")-1)) != NULL) {
+@@ -922,11 +928,11 @@ static void php_openssl_dispose_config(struct php_x509_request * req) /* {{{ */
+ req->priv_key = NULL;
+ }
+ if (req->global_config) {
+- CONF_free(req->global_config);
++ NCONF_free(req->global_config);
+ req->global_config = NULL;
+ }
+ if (req->req_config) {
+- CONF_free(req->req_config);
++ NCONF_free(req->req_config);
+ req->req_config = NULL;
+ }
+ }
+@@ -2808,12 +2814,12 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z
+ STACK_OF(CONF_VALUE) * dn_sk, *attr_sk = NULL;
+ char * str, *dn_sect, *attr_sect;
+
+- dn_sect = CONF_get_string(req->req_config, req->section_name, "distinguished_name");
++ dn_sect = NCONF_get_string(req->req_config, req->section_name, "distinguished_name");
+ if (dn_sect == NULL) {
+ php_openssl_store_errors();
+ return FAILURE;
+ }
+- dn_sk = CONF_get_section(req->req_config, dn_sect);
++ dn_sk = NCONF_get_section(req->req_config, dn_sect);
+ if (dn_sk == NULL) {
+ php_openssl_store_errors();
+ return FAILURE;
+@@ -2822,7 +2828,7 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z
+ if (attr_sect == NULL) {
+ attr_sk = NULL;
+ } else {
+- attr_sk = CONF_get_section(req->req_config, attr_sect);
++ attr_sk = NCONF_get_section(req->req_config, attr_sect);
+ if (attr_sk == NULL) {
+ php_openssl_store_errors();
+ return FAILURE;
+@@ -3239,8 +3245,8 @@ PHP_FUNCTION(openssl_csr_sign)
+ X509V3_CTX ctx;
+
+ X509V3_set_ctx(&ctx, cert, new_cert, csr, NULL, 0);
+- X509V3_set_conf_lhash(&ctx, req.req_config);
+- if (!X509V3_EXT_add_conf(req.req_config, &ctx, req.extensions_section, new_cert)) {
++ X509V3_set_nconf(&ctx, req.req_config);
++ if (!X509V3_EXT_add_nconf(req.req_config, &ctx, req.extensions_section, new_cert)) {
+ php_openssl_store_errors();
+ goto cleanup;
+ }
+@@ -3313,10 +3319,10 @@ PHP_FUNCTION(openssl_csr_new)
+ X509V3_CTX ext_ctx;
+
+ X509V3_set_ctx(&ext_ctx, NULL, NULL, csr, NULL, 0);
+- X509V3_set_conf_lhash(&ext_ctx, req.req_config);
++ X509V3_set_nconf(&ext_ctx, req.req_config);
+
+ /* Add extensions */
+- if (req.request_extensions_section && !X509V3_EXT_REQ_add_conf(req.req_config,
++ if (req.request_extensions_section && !X509V3_EXT_REQ_add_nconf(req.req_config,
+ &ext_ctx, req.request_extensions_section, csr))
+ {
+ php_openssl_store_errors();
\ No newline at end of file
diff --git a/srcpkgs/php/template b/srcpkgs/php/template
index 39e4d161b648..e9c6f6024631 100644
--- a/srcpkgs/php/template
+++ b/srcpkgs/php/template
@@ -1,7 +1,7 @@
# Template file for 'php'
pkgname=php
version=7.4.33
-revision=1
+revision=2
hostmakedepends="bison pkg-config apache-devel"
makedepends="apache-devel enchant2-devel freetds-devel freetype-devel gdbm-devel
gmp-devel libcurl-devel libjpeg-turbo-devel libmariadbclient-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: php: patch for openssl3
2023-02-13 2:11 [PR PATCH] php: patch for openssl3 dkwo
@ 2023-02-15 19:21 ` TinfoilSubmarine
2023-03-04 22:08 ` paper42
2023-03-04 22:08 ` [PR PATCH] [Closed]: " paper42
2 siblings, 0 replies; 4+ messages in thread
From: TinfoilSubmarine @ 2023-02-15 19:21 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 245 bytes --]
New comment by TinfoilSubmarine on void-packages repository
https://github.com/void-linux/void-packages/pull/42230#issuecomment-1431893006
Comment:
same comment as https://github.com/void-linux/void-packages/pull/42231#issuecomment-1431892399
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: php: patch for openssl3
2023-02-13 2:11 [PR PATCH] php: patch for openssl3 dkwo
2023-02-15 19:21 ` TinfoilSubmarine
@ 2023-03-04 22:08 ` paper42
2023-03-04 22:08 ` [PR PATCH] [Closed]: " paper42
2 siblings, 0 replies; 4+ messages in thread
From: paper42 @ 2023-03-04 22:08 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 259 bytes --]
New comment by paper42 on void-packages repository
https://github.com/void-linux/void-packages/pull/42230#issuecomment-1454902685
Comment:
php is now a meta-package pointing to the latest php version, so php 7 is now removed and this patch is not necessary
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PR PATCH] [Closed]: php: patch for openssl3
2023-02-13 2:11 [PR PATCH] php: patch for openssl3 dkwo
2023-02-15 19:21 ` TinfoilSubmarine
2023-03-04 22:08 ` paper42
@ 2023-03-04 22:08 ` paper42
2 siblings, 0 replies; 4+ messages in thread
From: paper42 @ 2023-03-04 22:08 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 272 bytes --]
There's a closed pull request on the void-packages repository
php: patch for openssl3
https://github.com/void-linux/void-packages/pull/42230
Description:
- I tested the changes in this PR: no
- I built this PR locally for my native architecture, (x86_64-musl)
#37681
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-03-04 22:08 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-02-13 2:11 [PR PATCH] php: patch for openssl3 dkwo
2023-02-15 19:21 ` TinfoilSubmarine
2023-03-04 22:08 ` paper42
2023-03-04 22:08 ` [PR PATCH] [Closed]: " paper42
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).