From: Jakub Zelenka
Date: Sun, 6 Nov 2016 17:37:06 +0000 (+0000)
Subject: Never return private part of the key from openssl_csr_get_public_key
X-Git-Tag: php-7.1.0RC6~13
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e840071b7653a205d4d00c769cc48f180a5c16b0;p=php

Never return private part of the key from openssl_csr_get_public_key

This fixes ecc.phpt test when OpenSSL 1.1 linked.
---

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 4bfc03fa96..528d8235a5 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3564,7 +3564,22 @@ PHP_FUNCTION(openssl_csr_get_public_key)
 RETURN_FALSE;
 }
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ /* Due to changes in OpenSSL 1.1 related to locking when decoding CSR,
+ * the pub key is not changed after assigning. It means if we pass
+ * a private key, it will be returned including the private part.
+ * If we duplicate it, then we get just the public part which is
+ * the same behavior as for OpenSSL 1.0 */
+ csr = X509_REQ_dup(csr);
+#endif
+ /* Retrieve the public key from the CSR */
 tpubkey = X509_REQ_get_pubkey(csr);
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ /* We need to free the CSR as it was duplicated */
+ X509_REQ_free(csr);
+#endif
+
 if (tpubkey == NULL) {
 php_openssl_store_errors();
 RETURN_FALSE;
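Review bot: `csr = X509_REQ_dup(csr);` overwrites the only pointer to the CSR that was looked up above, and the result is not checked, so a failed duplication reaches `X509_REQ_get_pubkey()` as NULL. If the original can be an object this function owns (for example one parsed from a string rather than borrowed from a resource; the lookup is outside the hunk), it can no longer be released after this assignment. Keeping the copy in its own variable, `X509_REQ *csr_dup = X509_REQ_dup(csr);` followed by `if (csr_dup == NULL) { php_openssl_store_errors(); RETURN_FALSE; }`, and passing `csr_dup` to `X509_REQ_get_pubkey()` and `X509_REQ_free()` keeps ownership of both objects explicit. Since the purpose of the change is that private key material never leaves this function, it is worth pinning with a test that asserts the returned key has no private component on both sides of the `#if`. The function body starts and ends outside the hunk.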