Re: php, openssl and GOST ciphers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi.

On 28.03.2013 11:43, czirzow@xxxxxxxxx wrote:
My suggestion is to ensure all the paths to what you use are valid

This should help:

var_dump('file://'.realpath('./p12.pem'));

Does that and the rest of the files
Exists?

I do hope these files are not in your document root

Thanks for your help, but the thing is, this is a serious bug in modules using openssl, for example in ext/openssl itselt and in ext/curl. They both don't honor the openssl config file, thus they only use some hardcoded defaults. This can be easily fixed by calling OPENSSL_config(NULL) in their code (and the default config will be parsed) or calling OPENSSL_config() with a getenv() subcall to invoke a config from the ENV, but the thing is that this isn't that simple - calling this function twice in a row (for example in curl and in openssl) breaks openssl autoconfiguration. Various bug reports exist, but still, this workaround didn't make it into the official code set.

Right now I'm using custom patch for curl, which initializes the config, and then openssl module can also use it. Those who don't use curl can use the trick I described above and patch ext/openssl.c.

Eugene.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux