Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:52497
Return-Path: <rsmaia@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 45793 invoked from network); 22 May 2011 02:07:20 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 22 May 2011 02:07:20 -0000
Authentication-Results: pb1.pair.com header.from=rsmaia@gmail.com; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com smtp.mail=rsmaia@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.54 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: rsmaia@gmail.com
X-Host-Fingerprint: 74.125.82.54 mail-ww0-f54.google.com  
Received: from [74.125.82.54] ([74.125.82.54:61905] helo=mail-ww0-f54.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 62/01-30725-6DF68DD4 for <internals@lists.php.net>; Sat, 21 May 2011 22:07:19 -0400
Received: by wwd20 with SMTP id 20so4859558wwd.11
        for <internals@lists.php.net>; Sat, 21 May 2011 19:07:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:from:date:message-id:subject:to
         :content-type;
        bh=nkDKPinmr5EyCdQf5Rzv4Ax5P9qZguO9lKg5TIzCxHU=;
        b=nnwCPzMkQmE9XoV5shlbiXdhvrqB36C2rUxCEGjkTPBMe98QLdErDd3foY0hYL22qZ
         bhCiRG7PzYGR0unnEtxmMdgD4EMdLk8vhZw+IQOYgRPHtiQxyGq8TUhK32C0QcMEGOhD
         TiZGyJ5yn1NlVMXeOKQCIQBiYXFMZ1iM34NMY=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:from:date:message-id:subject:to:content-type;
        b=QMViJmxillkCmbctrYlyYUlyAH/NV4lGtnmEyQl7/8x8SQIn+StmMPHjKgOuL0RWxb
         eVZ/MrcJJQTeJemX8ws+S5WqOuAbIo4Xr/F+J8zpQcqYFWGFzNtCs93I3H2V7aGhj5ze
         c3sR5tsrj+h6fHWuXUZc38SzcjnVCsw1Zxnqw=
Received: by 10.216.197.168 with SMTP id t40mr957193wen.55.1306030035222; Sat,
 21 May 2011 19:07:15 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.36.1 with HTTP; Sat, 21 May 2011 19:06:55 -0700 (PDT)
Date: Sat, 21 May 2011 23:06:55 -0300
Message-ID: <BANLkTinbAwK9p1P+aC+nn4r7NC++PpAsHw@mail.gmail.com>
To: internals@lists.php.net
Content-Type: multipart/alternative; boundary=0016e6dbe59650c30204a3d3d010
Subject: CRL file parsing
From: rsmaia@gmail.com (Ricardo Maia)

--0016e6dbe59650c30204a3d3d010
Content-Type: text/plain; charset=ISO-8859-1

I need to parse a CRL (Certificate Revocation List) file and verify if a
client certificate has been revoked, but the PHP OpenSSL extension do not
support this feature.

I saw a patch for this issue dated from 2007
http://bugs.php.net/bug.php?id=40046
http://pecl.php.net/~pierre/ext-openssl-crl.patch
http://mbechler.eenterphace.org/blog/uploads/ext-openssl-crl.patch

Somebody have news about this issue?

Has a workaround, like a external program call with exec() or system() ?

I'm thinking about a command line program like this 'openssl crl -inform DER
-text -noout -in mycrl.crl'. So, parse the output and find the serial number
of client certificate.

Thanks,
Ricardo Maia (Brainfork)

--0016e6dbe59650c30204a3d3d010--