- OpenSSL:
. Added openssl_x509_verify function. (Ben Scholzen)
+ . openssl_random_pseudo_bytes() now throws in error conditions.
+ (Sammy Kaye Powers)
- PDO_OCI:
. Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented).
. The default parameter value of idn_to_ascii() and idn_to_utf8() is now
INTL_IDNA_VARIANT_UTS46 instead of the deprecated INTL_IDNA_VARIANT_2003.
+- Openssl:
+ . The openssl_random_pseudo_bytes() function will now throw an exception in
+ error situations, similar to random_bytes(). In particular, an Error is
+ thrown if the number of requested bytes is smaller *or equal* than zero,
+ and an Exception is thrown is sufficient randomness cannot be gathered.
+ The $crypto_strong output argument is guaranteed to always be true if the
+ function does not throw, so explicitly checking it is not necessary.
+ RFC: http://php.net/manual/de/function.openssl-random-pseudo-bytes.php
+
- PDO:
. Attempting to serialize a PDO or PDOStatement instance will now generate
an Exception rather than a PDOException, consistent with other internal
#include "php.h"
#include "php_ini.h"
#include "php_openssl.h"
+#include "zend_exceptions.h"
/* PHP Includes */
#include "ext/standard/file.h"
|| ZEND_LONG_INT_OVFL(buffer_length)
#endif
) {
- RETURN_FALSE;
+ zend_throw_exception(zend_ce_error, "Length must be greater than 0", 0);
+ return;
}
buffer = zend_string_alloc(buffer_length, 0);
if (zstrong_result_returned) {
ZVAL_FALSE(zstrong_result_returned);
}
- RETURN_FALSE;
+ zend_throw_exception(zend_ce_exception, "Error reading from source device", 0);
+ return;
}
#else
if (zstrong_result_returned) {
ZVAL_FALSE(zstrong_result_returned);
}
- RETURN_FALSE;
+ zend_throw_exception(zend_ce_exception, "Error reading from source device", 0);
+ return;
} else {
php_openssl_store_errors();
}
<?php if (!extension_loaded("openssl")) print "skip"; ?>
--FILE--
<?php
-for ($i = 0; $i < 10; $i++) {
- var_dump(bin2hex(openssl_random_pseudo_bytes($i, $strong)));
+for ($i = 1; $i < 10; $i++) {
+ var_dump(bin2hex(openssl_random_pseudo_bytes($i)));
}
-
?>
--EXPECTF--
-string(0) ""
string(2) "%s"
string(4) "%s"
string(6) "%s"
--- /dev/null
+--TEST--
+Test error operation of openssl_random_pseudo_bytes()
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+try {
+ openssl_random_pseudo_bytes(0);
+} catch (Error $e) {
+ echo $e->getMessage().PHP_EOL;
+}
+?>
+--EXPECTF--
+Length must be greater than 0
projects / php / commitdiff