From: Pierre Joye <pajoye@php.net>
Date: Sat, 19 May 2007 22:05:08 +0000 (+0000)
Subject: - #41423. PHP assumes wrongly that certain ciphers are enabled in OpenSSL
X-Git-Tag: php-5.2.3RC1~41
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=26e22f34fa92dec82efe43857a40369cabb8f0ad;p=php

- #41423. PHP assumes wrongly that certain ciphers are enabled in OpenSSL
---

diff --git a/NEWS b/NEWS
index 6a7d8d0a28..ef18608d47 100644
--- a/NEWS
+++ b/NEWS
@@ -21,6 +21,8 @@ PHP                                                                        NEWS
 - Fixed segfault in strripos(). (Tony, Joxean Koret)
 - Fixed bug #41430 (Fatal error with negative values of maxlen parameter of 
   file_get_contents()). (Tony)
+- fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in 
+  OpenSSL) (Pierre)
 - Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). 
   (Tony, Dmitry)
 - Fixed bug #41403 (json_decode cannot decode floats if localeconv 
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index f7a69eb3c0..10cf462917 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -707,11 +707,15 @@ PHP_MINIT_FUNCTION(openssl)
 	REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);
 
 	/* Ciphers */
+#ifndef OPENSSL_NO_RC2
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_RC2_40", PHP_OPENSSL_CIPHER_RC2_40, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_RC2_128", PHP_OPENSSL_CIPHER_RC2_128, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_RC2_64", PHP_OPENSSL_CIPHER_RC2_64, CONST_CS|CONST_PERSISTENT);
+#endif
+#ifndef OPENSSL_NO_DES
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES", PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES", PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
+#endif
 
 	/* Values for key types */
 	REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA", OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
@@ -2928,6 +2932,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
 
 	/* sanity check the cipher */
 	switch (cipherid) {
+#ifndef OPENSSL_NO_RC2
 		case PHP_OPENSSL_CIPHER_RC2_40:
 			cipher = EVP_rc2_40_cbc();
 			break;
@@ -2937,12 +2942,17 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
 		case PHP_OPENSSL_CIPHER_RC2_128:
 			cipher = EVP_rc2_cbc();
 			break;
+#endif
+
+#ifndef OPENSSL_NO_DES
 		case PHP_OPENSSL_CIPHER_DES:
 			cipher = EVP_des_cbc();
 			break;
 		case PHP_OPENSSL_CIPHER_3DES:
 			cipher = EVP_des_ede3_cbc();
 			break;
+#endif
+
 		default:
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid cipher type `%ld'", cipherid);
 			goto clean_exit;