Ensure binary mode for OpenSSL I/O

author Anatol Belski <ab@php.net>

Mon, 24 Jul 2017 13:43:48 +0000 (15:43 +0200)

committer Anatol Belski <ab@php.net>

Mon, 24 Jul 2017 14:31:09 +0000 (16:31 +0200)
author Anatol Belski <ab@php.net>
Mon, 24 Jul 2017 13:43:48 +0000 (15:43 +0200)
committer Anatol Belski <ab@php.net>
Mon, 24 Jul 2017 14:31:09 +0000 (16:31 +0200)
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c

index 1ecf83dbf7ec184b22a51e06d37f14afbc52ea7e..f500fef6d7fc511906d670f7ddb0525c6c78075e 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -1129,7 +1129,7 @@ static int php_openssl_parse_config(struct php_x509_request * req, zval * option
         if (str == NULL) {
                 php_openssl_store_errors();
         } else if (!php_openssl_open_base_dir_chk(str)) {
-               BIO *oid_bio = BIO_new_file(str, "r");
+               BIO *oid_bio = BIO_new_file(str, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY));
                 if (oid_bio) {
                         OBJ_create_objects(oid_bio);
                         BIO_free(oid_bio);
@@ -1690,7 +1690,7 @@ static X509 * php_openssl_x509_from_zval(zval * val, int makeresource, zend_reso
                         return NULL;
                 }
  
-               in = BIO_new_file(Z_STRVAL_P(val) + (sizeof("file://") - 1), "r");
+               in = BIO_new_file(Z_STRVAL_P(val) + (sizeof("file://") - 1), PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY));
                 if (in == NULL) {
                         php_openssl_store_errors();
                         return NULL;
@@ -1755,7 +1755,7 @@ PHP_FUNCTION(openssl_x509_export_to_file)
                 return;
         }
  
-       bio_out = BIO_new_file(filename, "w");
+       bio_out = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
         if (bio_out) {
                 if (!notext && !X509_print(bio_out, cert)) {
                         php_openssl_store_errors();
@@ -2466,7 +2466,7 @@ static STACK_OF(X509) * load_all_certs_from_file(char *certfile)
                 goto end;
         }
  
-       if(!(in=BIO_new_file(certfile, "r"))) {
+       if(!(in=BIO_new_file(certfile, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY)))) {
                 php_openssl_store_errors();
                 php_error_docref(NULL, E_WARNING, "error opening the file, %s", certfile);
                 sk_X509_free(stack);
@@ -2817,7 +2817,7 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file)
  
         p12 = PKCS12_create(pass, friendly_name, priv_key, cert, ca, 0, 0, 0, 0, 0);
         if (p12 != NULL) {
-               bio_out = BIO_new_file(filename, "w");
+               bio_out = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
                 if (bio_out != NULL) {
  
                         i2d_PKCS12_bio(bio_out, p12);
@@ -3230,7 +3230,7 @@ static X509_REQ * php_openssl_csr_from_zval(zval * val, int makeresource, zend_r
                 if (php_openssl_open_base_dir_chk(filename)) {
                         return NULL;
                 }
-               in = BIO_new_file(filename, "r");
+               in = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY));
         } else {
                 in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
         }
@@ -3278,7 +3278,7 @@ PHP_FUNCTION(openssl_csr_export_to_file)
                 return;
         }
  
-       bio_out = BIO_new_file(filename, "w");
+       bio_out = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
         if (bio_out != NULL) {
                 if (!notext && !X509_REQ_print(bio_out, csr)) {
                         php_openssl_store_errors();
@@ -3803,7 +3803,7 @@ static EVP_PKEY * php_openssl_evp_from_zval(
                                 /* not a X509 certificate, try to retrieve public key */
                                 BIO* in;
                                 if (filename) {
-                                       in = BIO_new_file(filename, "r");
+                                       in = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY));
                                 } else {
                                         in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
                                 }
@@ -3822,7 +3822,7 @@ static EVP_PKEY * php_openssl_evp_from_zval(
                                 if (php_openssl_open_base_dir_chk(filename)) {
                                         TMP_CLEAN;
                                 }
-                               in = BIO_new_file(filename, "r");
+                               in = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_R(PKCS7_BINARY));
                         } else {
                                 in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
                         }
@@ -4499,7 +4499,7 @@ PHP_FUNCTION(openssl_pkey_export_to_file)
         PHP_SSL_REQ_INIT(&req);
  
         if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {
-               bio_out = BIO_new_file(filename, "w");
+               bio_out = BIO_new_file(filename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
                 if (bio_out == NULL) {
                         php_openssl_store_errors();
                         goto clean_exit;
@@ -5035,7 +5035,7 @@ PHP_FUNCTION(openssl_pkcs7_verify)
                         goto clean_exit;
                 }
  
-               dataout = BIO_new_file(datafilename, "w");
+               dataout = BIO_new_file(datafilename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
                 if (dataout == NULL) {
                         php_openssl_store_errors();
                         goto clean_exit;
@@ -5056,7 +5056,7 @@ PHP_FUNCTION(openssl_pkcs7_verify)
                                 goto clean_exit;
                         }
  
-                       certout = BIO_new_file(signersfilename, "w");
+                       certout = BIO_new_file(signersfilename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
                         if (certout) {
                                 int i;
                                 signers = PKCS7_get0_signers(p7, NULL, (int)flags);
@@ -5133,7 +5133,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
                 goto clean_exit;
         }
  
-       outfile = BIO_new_file(outfilename, "w");
+       outfile = BIO_new_file(outfilename, PHP_OPENSSL_BIO_MODE_W(flags));
         if (outfile == NULL) {
                 php_openssl_store_errors();
                 goto clean_exit;
@@ -5292,7 +5292,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
                 goto clean_exit;
         }
  
-       outfile = BIO_new_file(outfilename, "w");
+       outfile = BIO_new_file(outfilename, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
         if (outfile == NULL) {
                 php_openssl_store_errors();
                 php_error_docref(NULL, E_WARNING, "error opening output file %s!", outfilename);
author	Anatol Belski <ab@php.net>
	Mon, 24 Jul 2017 13:43:48 +0000 (15:43 +0200)
committer	Anatol Belski <ab@php.net>
	Mon, 24 Jul 2017 14:31:09 +0000 (16:31 +0200)