From 63839e810421496037fd117328e4a708bc454ce4 Mon Sep 17 00:00:00 2001 From: Jakub Zelenka Date: Wed, 12 Mar 2025 15:34:37 +0100 Subject: [PATCH] Remove OpenSSL 1.0.2 related code This also removes old LibreSSL checks as minimum that compiles is 3.5.0 --- ext/openssl/openssl_backend_v1.c | 145 +------------------------------ ext/openssl/php_openssl.h | 10 +-- 2 files changed, 2 insertions(+), 153 deletions(-) diff --git a/ext/openssl/openssl_backend_v1.c b/ext/openssl/openssl_backend_v1.c index e00b0962fd8d7..dfdb7b014060a 100644 --- a/ext/openssl/openssl_backend_v1.c +++ b/ext/openssl/openssl_backend_v1.c @@ -27,159 +27,16 @@ #include #endif -/* OpenSSL compatibility functions and macros */ -#if PHP_OPENSSL_API_VERSION < 0x10100 - -#define EVP_PKEY_get0_RSA(_pkey) _pkey->pkey.rsa -#define EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh -#define EVP_PKEY_get0_DSA(_pkey) _pkey->pkey.dsa -#define EVP_PKEY_get0_EC_KEY(_pkey) _pkey->pkey.ec - -static int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -{ - r->n = n; - r->e = e; - r->d = d; - - return 1; -} - -static int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) -{ - r->p = p; - r->q = q; - - return 1; -} - -static int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) -{ - r->dmp1 = dmp1; - r->dmq1 = dmq1; - r->iqmp = iqmp; - - return 1; -} - -static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -{ - *n = r->n; - *e = r->e; - *d = r->d; -} - -static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) -{ - *p = r->p; - *q = r->q; -} - -static void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp) -{ - *dmp1 = r->dmp1; - *dmq1 = r->dmq1; - *iqmp = r->iqmp; -} - -static void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -{ - *p = dh->p; - *q = dh->q; - *g = dh->g; -} - -static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -{ - dh->p = p; - dh->q = q; - dh->g = g; - - return 1; -} - -static void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -{ - *pub_key = dh->pub_key; - *priv_key = dh->priv_key; -} - -static int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) -{ - dh->pub_key = pub_key; - dh->priv_key = priv_key; - - return 1; -} - -static void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -{ - *p = d->p; - *q = d->q; - *g = d->g; -} - -int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) -{ - d->p = p; - d->q = q; - d->g = g; - - return 1; -} - -static void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key) -{ - *pub_key = d->pub_key; - *priv_key = d->priv_key; -} - -int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) -{ - d->pub_key = pub_key; - d->priv_key = priv_key; - - return 1; -} - -static const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *asn1) -{ - return M_ASN1_STRING_data(asn1); -} - -static int EVP_PKEY_up_ref(EVP_PKEY *pkey) -{ - return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); -} - -#if PHP_OPENSSL_API_VERSION < 0x10002 - -static int X509_get_signature_nid(const X509 *x) -{ - return OBJ_obj2nid(x->sig_alg->algorithm); -} - -#endif - -#define OpenSSL_version SSLeay_version -#define OPENSSL_VERSION SSLEAY_VERSION -#define X509_getm_notBefore X509_get_notBefore -#define X509_getm_notAfter X509_get_notAfter -#define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_cleanup - -#endif - void php_openssl_backend_shutdown(void) { - #ifdef LIBRESSL_VERSION_NUMBER +#ifdef LIBRESSL_VERSION_NUMBER EVP_cleanup(); /* prevent accessing locking callback from unloaded extension */ CRYPTO_set_locking_callback(NULL); -#ifndef OPENSSL_NO_ENGINE /* Free engine list initialized by OPENSSL_config */ ENGINE_cleanup(); -#endif /* free allocated error strings */ ERR_free_strings(); diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h index 3f408926bc493..bc101539d1b1e 100644 --- a/ext/openssl/php_openssl.h +++ b/ext/openssl/php_openssl.h @@ -26,23 +26,15 @@ extern zend_module_entry openssl_module_entry; #define PHP_OPENSSL_VERSION PHP_VERSION #include -#ifdef LIBRESSL_VERSION_NUMBER -/* LibreSSL version check */ -#if LIBRESSL_VERSION_NUMBER < 0x20700000L -#define PHP_OPENSSL_API_VERSION 0x10001 -#else -#define PHP_OPENSSL_API_VERSION 0x10100 -#endif -#else /* OpenSSL version check */ #if OPENSSL_VERSION_NUMBER < 0x30000000L +/* This includes LibreSSL that defines version 0x20000000L */ #define PHP_OPENSSL_API_VERSION 0x10100 #elif OPENSSL_VERSION_NUMBER < 0x30200000L #define PHP_OPENSSL_API_VERSION 0x30000 #else #define PHP_OPENSSL_API_VERSION 0x30200 #endif -#endif #define OPENSSL_RAW_DATA 1 #define OPENSSL_ZERO_PADDING 2