[php-maint] Bug#838710: php5: segfault when calling openssl_x509_parse on a valid certificate

Jean-Paul Deveaux jp at tenchek.com
Fri Sep 23 18:57:02 UTC 2016

Package: php5
Version: 5.6.24+dfsg-0+deb8u1
Severity: normal

Dear Maintainer,

Upgraded PHP5 using Debian stable repo today; code that parsed client certificate for user authentication stopped working.

$cert = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);

In previous versions of PHP5 (5.6.22-0+deb8u1), this call works without any problems (returning associative array of cert guts)
In current version, seg fault.

For the time being, my work around involves an 'exec' call to openssl to extract cert details for authentication. I could probably also do it at the apache level.

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'squeeze-lts'), (500, 'oldoldstable'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages php5 depends on:
ii  libapache2-mod-php5  5.6.24+dfsg-0+deb8u1
ii  php5-common          5.6.24+dfsg-0+deb8u1

php5 recommends no packages.

php5 suggests no packages.

-- no debconf information

More information about the pkg-php-maint mailing list