[php-maint] Bug#838710: php5: segfault when calling openssl_x509_parse on a valid certificate
Jean-Paul Deveaux
jp at tenchek.com
Fri Sep 23 18:57:02 UTC 2016
Package: php5
Version: 5.6.24+dfsg-0+deb8u1
Severity: normal
Dear Maintainer,
Upgraded PHP5 using Debian stable repo today; code that parsed client certificate for user authentication stopped working.
$cert = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);
In previous versions of PHP5 (5.6.22-0+deb8u1), this call works without any problems (returning associative array of cert guts)
In current version, seg fault.
For the time being, my work around involves an 'exec' call to openssl to extract cert details for authentication. I could probably also do it at the apache level.
-- System Information:
Debian Release: 8.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'squeeze-lts'), (500, 'oldoldstable'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages php5 depends on:
ii libapache2-mod-php5 5.6.24+dfsg-0+deb8u1
ii php5-common 5.6.24+dfsg-0+deb8u1
php5 recommends no packages.
php5 suggests no packages.
-- no debconf information
More information about the pkg-php-maint
mailing list