Skip to content

Commit 8f345a7

Browse files
datibbawdatibbaw
committed
Moved streams related functions to xp_ssl.c
1 parent 4383ac0 commit 8f345a7

File tree

2 files changed

+57
-57
lines changed

2 files changed

+57
-57
lines changed

ext/openssl/openssl.c

Lines changed: 1 addition & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -1760,7 +1760,7 @@ PHP_FUNCTION(openssl_x509_export)
17601760
}
17611761
/* }}} */
17621762

1763-
static int php_openssl_x509_fingerprint(X509 *peer, const char *method, zend_bool raw, char **out, int *out_len TSRMLS_DC)
1763+
int php_openssl_x509_fingerprint(X509 *peer, const char *method, zend_bool raw, char **out, int *out_len TSRMLS_DC)
17641764
{
17651765
unsigned char md[EVP_MAX_MD_SIZE];
17661766
const EVP_MD *mdtype;
@@ -1787,61 +1787,6 @@ static int php_openssl_x509_fingerprint(X509 *peer, const char *method, zend_boo
17871787
return SUCCESS;
17881788
}
17891789

1790-
static int php_x509_fingerprint_cmp(X509 *peer, const char *method, const char *expected TSRMLS_DC)
1791-
{
1792-
char *fingerprint;
1793-
int fingerprint_len;
1794-
int result = -1;
1795-
1796-
if (php_openssl_x509_fingerprint(peer, method, 0, &fingerprint, &fingerprint_len TSRMLS_CC) == SUCCESS) {
1797-
result = strcmp(expected, fingerprint);
1798-
efree(fingerprint);
1799-
}
1800-
1801-
return result;
1802-
}
1803-
1804-
zend_bool php_x509_fingerprint_match(X509 *peer, zval *val TSRMLS_DC)
1805-
{
1806-
if (Z_TYPE_P(val) == IS_STRING) {
1807-
const char *method = NULL;
1808-
1809-
switch (Z_STRLEN_P(val)) {
1810-
case 32:
1811-
method = "md5";
1812-
break;
1813-
1814-
case 40:
1815-
method = "sha1";
1816-
break;
1817-
}
1818-
1819-
return method && php_x509_fingerprint_cmp(peer, method, Z_STRVAL_P(val) TSRMLS_CC) == 0;
1820-
} else if (Z_TYPE_P(val) == IS_ARRAY) {
1821-
HashPosition pos;
1822-
zval **current;
1823-
char *key;
1824-
uint key_len;
1825-
ulong key_index;
1826-
1827-
for (zend_hash_internal_pointer_reset_ex(Z_ARRVAL_P(val), &pos);
1828-
zend_hash_get_current_data_ex(Z_ARRVAL_P(val), (void **)&current, &pos) == SUCCESS;
1829-
zend_hash_move_forward_ex(Z_ARRVAL_P(val), &pos)
1830-
) {
1831-
int key_type = zend_hash_get_current_key_ex(Z_ARRVAL_P(val), &key, &key_len, &key_index, 0, &pos);
1832-
1833-
if (key_type == HASH_KEY_IS_STRING
1834-
&& Z_TYPE_PP(current) == IS_STRING
1835-
&& php_x509_fingerprint_cmp(peer, key, Z_STRVAL_PP(current) TSRMLS_CC) != 0
1836-
) {
1837-
return 0;
1838-
}
1839-
}
1840-
return 1;
1841-
}
1842-
return 0;
1843-
}
1844-
18451790
PHP_FUNCTION(openssl_x509_fingerprint)
18461791
{
18471792
X509 *cert;

ext/openssl/xp_ssl.c

Lines changed: 56 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@
7575
#define PHP_X509_NAME_ENTRY_TO_UTF8(ne, i, out) ASN1_STRING_to_UTF8(&out, X509_NAME_ENTRY_get_data(X509_NAME_get_entry(ne, i)))
7676

7777
extern php_stream* php_openssl_get_stream_from_ssl_handle(const SSL *ssl);
78-
extern zend_bool php_x509_fingerprint_match(X509 *peer, zval *val TSRMLS_DC);
78+
extern int php_openssl_x509_fingerprint(X509 *peer, const char *method, zend_bool raw, char **out, int *out_len TSRMLS_DC);
7979
extern int php_openssl_get_ssl_stream_data_index();
8080
extern int php_openssl_get_x509_list_id(void);
8181

@@ -265,6 +265,61 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) /* {{{ */
265265
}
266266
/* }}} */
267267

268+
static int php_x509_fingerprint_cmp(X509 *peer, const char *method, const char *expected TSRMLS_DC)
269+
{
270+
char *fingerprint;
271+
int fingerprint_len;
272+
int result = -1;
273+
274+
if (php_openssl_x509_fingerprint(peer, method, 0, &fingerprint, &fingerprint_len TSRMLS_CC) == SUCCESS) {
275+
result = strcmp(expected, fingerprint);
276+
efree(fingerprint);
277+
}
278+
279+
return result;
280+
}
281+
282+
static zend_bool php_x509_fingerprint_match(X509 *peer, zval *val TSRMLS_DC)
283+
{
284+
if (Z_TYPE_P(val) == IS_STRING) {
285+
const char *method = NULL;
286+
287+
switch (Z_STRLEN_P(val)) {
288+
case 32:
289+
method = "md5";
290+
break;
291+
292+
case 40:
293+
method = "sha1";
294+
break;
295+
}
296+
297+
return method && php_x509_fingerprint_cmp(peer, method, Z_STRVAL_P(val) TSRMLS_CC) == 0;
298+
} else if (Z_TYPE_P(val) == IS_ARRAY) {
299+
HashPosition pos;
300+
zval **current;
301+
char *key;
302+
uint key_len;
303+
ulong key_index;
304+
305+
for (zend_hash_internal_pointer_reset_ex(Z_ARRVAL_P(val), &pos);
306+
zend_hash_get_current_data_ex(Z_ARRVAL_P(val), (void **)&current, &pos) == SUCCESS;
307+
zend_hash_move_forward_ex(Z_ARRVAL_P(val), &pos)
308+
) {
309+
int key_type = zend_hash_get_current_key_ex(Z_ARRVAL_P(val), &key, &key_len, &key_index, 0, &pos);
310+
311+
if (key_type == HASH_KEY_IS_STRING
312+
&& Z_TYPE_PP(current) == IS_STRING
313+
&& php_x509_fingerprint_cmp(peer, key, Z_STRVAL_PP(current) TSRMLS_CC) != 0
314+
) {
315+
return 0;
316+
}
317+
}
318+
return 1;
319+
}
320+
return 0;
321+
}
322+
268323
static zend_bool matches_wildcard_name(const char *subjectname, const char *certname) /* {{{ */
269324
{
270325
char *wildcard = NULL;

0 commit comments

Comments
 (0)