PHP :: Bug #50859 :: openssl-1.0.0_beta5 deprecates md2
| Bug #50859 | openssl-1.0.0_beta5 deprecates md2 | ||||
|---|---|---|---|---|---|
| Submitted: | 2010-01-27 11:57 UTC | Modified: | 2010-01-27 12:55 UTC | ||
| From: | hanno at hboeck dot de | Assigned: | |||
| Status: | Closed | Package: | Compile Failure | ||
| PHP Version: | 5.3.1 | OS: | Linux | ||
| Private report: | No | CVE-ID: | None | ||
[2010-01-27 11:57 UTC] hanno at hboeck dot de
Description: ------------ php build fails against openssl 1.0.0 beta5, because md2 is disabled by default (it's considered highly insecure). I'll attach a patch to fix it that applies on 5.2.12 and 5.3.1.
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2010-01-27 11:58 UTC] hanno at hboeck dot de
--- php-5.2.12/ext/openssl/openssl.c 2009-11-03 19:24:57.000000000 +0100 +++ php-5.2.12-1/ext/openssl/openssl.c 2010-01-27 10:06:37.000000000 +0100 @@ -59,7 +59,9 @@ #define OPENSSL_ALGO_SHA1 1 #define OPENSSL_ALGO_MD5 2 #define OPENSSL_ALGO_MD4 3 +#ifdef HAVE_OPENSSL_MD2_H #define OPENSSL_ALGO_MD2 4 +#endif #define OPENSSL_ALGO_DSS1 5 #define DEBUG_SMIME 0 @@ -649,9 +651,11 @@ case OPENSSL_ALGO_MD4: mdtype = (EVP_MD *) EVP_md4(); break; +#ifdef HAVE_OPENSSL_MD2_H case OPENSSL_ALGO_MD2: mdtype = (EVP_MD *) EVP_md2(); break; +#endif case OPENSSL_ALGO_DSS1: mdtype = (EVP_MD *) EVP_dss1(); break; @@ -705,7 +709,9 @@ REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA1", OPENSSL_ALGO_SHA1, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD5", OPENSSL_ALGO_MD5, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD4", OPENSSL_ALGO_MD4, CONST_CS|CONST_PERSISTENT); +#ifdef HAVE_OPENSSL_MD2_H REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT); +#endif REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT); /* flags for S/MIME */[2010-01-27 12:55 UTC] iliaa@php.net