From c7ea9f5ebb02cb0dec4bb6380e9f2075ffd8e7dc Mon Sep 17 00:00:00 2001 From: Christoph Date: Sun, 18 Jun 2023 10:14:45 +0200 Subject: [PATCH] Add Patch to compile PHP (7.4, 8.0?) againmst openssl 3.0. --- PHP-7.4-OpenSSL-3.0-compatibility.patch | 54 +++++++++++++++++++++++++ mod_php_install.sh | 18 +++++++++ 2 files changed, 72 insertions(+) create mode 100644 PHP-7.4-OpenSSL-3.0-compatibility.patch diff --git a/PHP-7.4-OpenSSL-3.0-compatibility.patch b/PHP-7.4-OpenSSL-3.0-compatibility.patch new file mode 100644 index 0000000..230d063 --- /dev/null +++ b/PHP-7.4-OpenSSL-3.0-compatibility.patch @@ -0,0 +1,54 @@ +diff -Naur openssl/openssl.c openssl-NEU/openssl.c +--- openssl/openssl.c 2022-10-31 11:36:06.000000000 +0100 ++++ openssl-NEU/openssl.c 2023-06-18 09:45:19.793215668 +0200 +@@ -1517,7 +1517,9 @@ + REGISTER_LONG_CONSTANT("PKCS7_NOSIGS", PKCS7_NOSIGS, CONST_CS|CONST_PERSISTENT); + + REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT); ++#ifdef RSA_SSLV23_PADDING + REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT); ++#endif + REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT); + +diff -Naur openssl/tests/bug28382.phpt openssl-NEU/tests/bug28382.phpt +--- openssl/tests/bug28382.phpt 2022-10-31 11:36:06.000000000 +0100 ++++ openssl-NEU/tests/bug28382.phpt 2023-06-18 09:48:26.813627405 +0200 +@@ -9,11 +9,10 @@ + $cert = file_get_contents(__DIR__ . "/bug28382cert.txt"); + $ext = openssl_x509_parse($cert); + var_dump($ext['extensions']); +-/* openssl 1.0 prepends the string "Full Name:" to the crlDistributionPoints array key. +- For now, as this is the one difference only between 0.9.x and 1.x, it's handled with +- placeholders to not to duplicate the test. When more diffs come, a duplication would +- be probably a better solution. +-*/ ++/* ++ * The reason for %A at the end of crlDistributionPoints and authorityKeyIdentifier is that ++ * OpenSSL 3.0 removes new lines which were present in previous versions. ++ */^ + ?> + --EXPECTF-- + array(11) { +@@ -24,8 +23,7 @@ + ["nsCertType"]=> + string(30) "SSL Client, SSL Server, S/MIME" + ["crlDistributionPoints"]=> +- string(%d) "%AURI:http://mobile.blue-software.ro:90/ca/crl.shtml +-" ++ string(%d) "Full Name:%AURI:http://mobile.blue-software.ro:90/ca/crl.shtml%A" + ["nsCaPolicyUrl"]=> + string(38) "http://mobile.blue-software.ro:90/pub/" + ["subjectAltName"]=> +@@ -33,9 +31,8 @@ + ["subjectKeyIdentifier"]=> + string(59) "B0:A7:FF:F9:41:15:DE:23:39:BD:DD:31:0F:97:A0:B2:A2:74:E0:FC" + ["authorityKeyIdentifier"]=> +- string(115) "DirName:/C=RO/ST=Romania/L=Craiova/O=Sergiu/OU=Sergiu SRL/CN=Sergiu CA/emailAddress=n_sergiu@hotmail.com +-serial:00 +-" ++ string(%d) "DirName:/C=RO/ST=Romania/L=Craiova/O=Sergiu/OU=Sergiu SRL/CN=Sergiu CA/emailAddress=n_sergiu@hotmail.com ++serial:00%A" + ["keyUsage"]=> + string(71) "Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment" + ["nsBaseUrl"]=> diff --git a/mod_php_install.sh b/mod_php_install.sh index b3cb821..85a2369 100755 --- a/mod_php_install.sh +++ b/mod_php_install.sh @@ -3223,6 +3223,24 @@ else echo_skipped fi +echononl "\tApply patch to compile against OpenSSL 3.0.." +if [[ "$os_dist" = "debian" ]] && [[ $os_version -gt 11 ]] && [[ $PHP_MAJOR_VERSION = 7 ]]; then + if [[ -f ${_srcdir}/PHP-7.4-OpenSSL-3.0-compatibility.patch ]] ; then + patch -d $_builddir/ext -p 0 < ${_srcdir}/PHP-7.4-OpenSSL-3.0-compatibility.patch > $tmp_err_msg 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat $tmp_err_msg)" + fi + else + echo_failed + fatal "Can't find patchfile '${_srcdir}/PHP-7.4-OpenSSL-3.0-compatibility.patch'" + fi +else + echo_skipped +fi + echononl "\tChange ownership of unpacked dirextory \"php-$VERSION\"" chown -R root.root php-$VERSION > $tmp_err_msg 2>&1 if [[ $? -eq 0 ]]; then