Merge branch 'pull-request/1755'

* pull-request/1755:
  Fix bug #71519 Add 'serialNumberHex' variable to openssl_x509_parse

diff --git a/NEWS b/NEWS
index d1442272ce933e4b100605ca8055fea2d0ace648..3d7a45f027f13014ea5e88aa07dcf2b061fcecf7 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,18 +2,21 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2017 PHP 7.0.16
 
+- OpenSSL:
+  . Fixed bug #71519 (add serial hex to return value array). (xrobau)
+
 - Phar:
   . Fixed bug #70417 (PharData::compress() doesn't close temp file). (cmb)
 
-- ZIP:
-  . Fixed bug #70103 (ZipArchive::addGlob ignores remove_all_path option). (cmb)
-
 - Session:
   . Fixed bug #69582 (session not readable by root in CLI). (EvgeniySpinov)
 
 - Standard:
   . Fixed bug #69442 (closing of fd incorrect when PTS enabled). (jaytaph)
 
+- ZIP:
+  . Fixed bug #70103 (ZipArchive::addGlob ignores remove_all_path option). (cmb)
+
 19 Jan 2017 PHP 7.0.15
 
 - Core:

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index be42f76de7aebc63837b2f8d03b802dcebfc052a..6d3f9ef4bbc713c9f5904d339d55d4512a73ce0e 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2004,6 +2004,7 @@ PHP_FUNCTION(openssl_x509_parse)
        char *extname;
        BIO *bio_out;
        BUF_MEM *bio_buf;
+       char * hexserial;
        char buf[256];
 
        if (zend_parse_parameters(ZEND_NUM_ARGS(), "z|b", &zcert, &useshortnames) == FAILURE) {
@@ -2033,6 +2034,18 @@ PHP_FUNCTION(openssl_x509_parse)
 
        add_assoc_string(return_value, "serialNumber", i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(cert)));
 
+       /* Return the hex representation of the serial number, as defined by OpenSSL */
+       hexserial = BN_bn2hex(ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), NULL));
+
+       /* If we received null back from BN_bn2hex, there was a critical error in openssl,
+        * and we should not continue.
+        */
+       if (!hexserial) {
+               RETURN_FALSE;
+       }
+       add_assoc_string(return_value, "serialNumberHex", hexserial); 
+       OPENSSL_free(hexserial);
+
        add_assoc_asn1_string(return_value, "validFrom",        X509_get_notBefore(cert));
        add_assoc_asn1_string(return_value, "validTo",          X509_get_notAfter(cert));
 

diff --git a/ext/openssl/tests/openssl_x509_parse_basic.phpt b/ext/openssl/tests/openssl_x509_parse_basic.phpt
index 9c2669e73b5104f8f2d905411222c0c7aa892b7c..f19e895a4a36632aca25f004c7cf71e5f2cfe183 100644 (file)
--- a/ext/openssl/tests/openssl_x509_parse_basic.phpt
+++ b/ext/openssl/tests/openssl_x509_parse_basic.phpt
@@ -20,7 +20,7 @@ var_dump(openssl_x509_parse($cert));
 var_dump(openssl_x509_parse($cert, false));
 ?>
 --EXPECTF--
-array(15) {
+array(16) {
   ["name"]=>
   string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
   ["subject"]=>
@@ -55,6 +55,8 @@ array(15) {
   int(2)
   ["serialNumber"]=>
   string(20) "12593567369101004962"
+  ["serialNumberHex"]=>
+  string(16) "AEC556CC723750A2"
   ["validFrom"]=>
   string(13) "080630102843Z"
   ["validTo"]=>
@@ -166,7 +168,7 @@ serial:AE:C5:56:CC:72:37:50:A2
     string(7) "CA:TRUE"
   }
 }
-array(15) {
+array(16) {
   ["name"]=>
   string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
   ["subject"]=>
@@ -201,6 +203,8 @@ array(15) {
   int(2)
   ["serialNumber"]=>
   string(20) "12593567369101004962"
+  ["serialNumberHex"]=>
+  string(16) "AEC556CC723750A2"
   ["validFrom"]=>
   string(13) "080630102843Z"
   ["validTo"]=>