Newsgroups: php.internals
Xref: news.php.net php.internals:16733
Message-ID: <4e89b426050616080825430b0b@mail.gmail.com>
Date: Thu, 16 Jun 2005 11:08:58 -0400
Reply-To: Wez Furlong
To: Marton Kenyeres
Cc: internals@lists.php.net
In-Reply-To: <42B16BB6.2010207@konvergencia.hu>
References: <42B16BB6.2010207@konvergencia.hu>
Subject: Re: [PHP-DEV] openssl_pkcs7_verify - save verified data [PATCH]
From: kingwez@gmail.com (Wez Furlong)

What's the difference between the data you save and the data that's read in?
In other words, how is this different from copying the file from one place to another; why would you use it?

--Wez.

On 6/16/05, Marton Kenyeres wrote:
> Hi!
>
> Dunno, if this is the right place to ask, but I give it a try anyway. If I'm misguided, please feel free to point me in the right direction!
>
> Attached is a patch which adds a 6th option to openssl_pkcs7_verify, which should be a string and point to a file where the contents of the signed message should be saved.
>
> [I believe this patch also fixes a minor safe-mode related bug]
>
> I've tried this on FreeBSD 4.11 / php-5.0.4 / OpenSSL 0.9.7d, so the patch is against openssl.c,v 1.89.2.6, but should apply against HEAD also.
>
> This seems to work correctly with messages created with openssl and CAPICOM (The M$ PKI library.)
>
> Cheers,
>
> m.
>
> --- ext/openssl/openssl.c.orig Tue Mar 15 01:29:36 2005 > +++ ext/openssl/openssl.c Thu Jun 16 14:01:07 2005 > @@ -2152,7 +2152,7 @@ >=20 > /* {{{ PKCS7 S/MIME functions */ >=20 > -/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, st= ring signerscerts [, array cainfo [, string extracerts]]]) > +/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, st= ring signerscerts [, array cainfo [, string extracerts [, string content]]]= ]) > Verifys that the data block is intact, the signer is who they say the= y are, and returns the CERTs of the signers */ > PHP_FUNCTION(openssl_pkcs7_verify) > { 
> @@ -2161,17 +2161,18 @@ > STACK_OF(X509) *signers=3D NULL; > STACK_OF(X509) *others =3D NULL; > PKCS7 * p7 =3D NULL; > - BIO * in =3D NULL, * datain =3D NULL; > + BIO * in =3D NULL, * datain =3D NULL, * dataout =3D NULL; > long flags =3D 0; > char * filename; int filename_len; > char * extracerts =3D NULL; int extracerts_len; > char * signersfilename =3D NULL; int signersfilename_len; > + char * datafilename =3D NULL; int datafilename_len; >=20 > RETVAL_LONG(-1); >=20 > - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sas", &f= ilename, &filename_len, > + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sass", &= filename, &filename_len, > &flags, &signersfilename, &signersfilenam= e_len, &cainfo, > - &extracerts, &extracerts_len) =3D=3D FAIL= URE) { > + &extracerts, &extracerts_len, &datafilena= me, &datafilename_len) =3D=3D FAILURE) { > return; > } >=20 > @@ -2204,18 +2205,30 @@ > #endif > goto clean_exit; > } > + > + if (datafilename) { > + > + if (php_openssl_safe_mode_chk(datafilename TSRMLS_CC)) { > + goto clean_exit; > + } > + > + dataout =3D BIO_new_file(datafilename, "w"); > + if (dataout =3D=3D NULL) { > + goto clean_exit; > + } > + } > #if DEBUG_SMIME > zend_printf("Calling PKCS7 verify\n"); > #endif >=20 > - if (PKCS7_verify(p7, others, store, datain, NULL, flags)) { > + if (PKCS7_verify(p7, others, store, datain, dataout, flags)) { >=20 > RETVAL_TRUE; >=20 > if (signersfilename) { > BIO *certout; >=20 > - if (php_openssl_safe_mode_chk(filename TSRMLS_CC)= ) { > + if (php_openssl_safe_mode_chk(signersfilename TSR= MLS_CC)) { > goto clean_exit; > } >=20 > @@ -2242,6 +2255,7 @@ > X509_STORE_free(store); > BIO_free(datain); > BIO_free(in); > + BIO_free(dataout); > PKCS7_free(p7); > sk_X509_free(others); > } >=20 >=20 >=20 > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php >=20 >
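
Review bot: In the first hunk (@@ -2152,7), the updated proto names the new sixth argument "string content", but the code treats it as a path (datafilename, handed to BIO_new_file), so the name reads as if the function took or returned the content itself. Suggest naming it for what it is, for example "string contentfilename", and extending the description under the proto, which still mentions only verification and the signers' certificates, to say that the signed content is written to that file.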
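
Review bot: In the second hunk (@@ -2161,17), datafilename_len is filled in by the extra "s" in "sl|sass" but is not used anywhere in the lines shown; the later test is only "if (datafilename)", which is also true when the caller passes an empty string. Suggest testing the length as well (datafilename && datafilename_len > 0) so that "" skips the output step instead of failing in BIO_new_file and leaving the return value at -1.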
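
Review bot: In the third hunk (@@ -2204,18), BIO_new_file(datafilename, "w") creates or truncates the target before PKCS7_verify has returned, and nothing in the patch removes the file when verification fails, so an existing file is destroyed and whatever was written can stay on disk for a message that did not verify. Suggest collecting the content in a memory BIO and writing it out only inside the success branch, or unlinking the file on the failure path. The open failure also exits silently with -1; a warning naming the path would help callers. The change from filename to signersfilename in php_openssl_safe_mode_chk is a separate bug fix and would be easier to review and backport as its own patch.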