From 1f2047f244aaa0ef35a2bf9fca5793b897f0b8f7 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Thu, 6 Apr 2017 08:54:21 +0200 Subject: refresh openssl 1.1 patch (for f26) --- php-7.0.17-openssl11.patch | 148 +++++++++++++++++++++++++++++---------------- 1 file changed, 97 insertions(+), 51 deletions(-) diff --git a/php-7.0.17-openssl11.patch b/php-7.0.17-openssl11.patch index bf5c6d0..0c0e691 100644 --- a/php-7.0.17-openssl11.patch +++ b/php-7.0.17-openssl11.patch @@ -1,3 +1,20 @@ +From d983347232dbf90cb6f5c187dc54686809fb04a0 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Mon, 20 Mar 2017 11:41:46 +0100 +Subject: [PATCH] backport needed change for OpenSSL 1.1 + +--- + acinclude.m4 | 4 +- + ext/openssl/openssl.c | 522 ++++++++++++++-------- + ext/openssl/tests/001.phpt | 7 +- + ext/openssl/tests/bug41033.phpt | 4 +- + ext/openssl/tests/bug66501.phpt | 2 +- + ext/openssl/tests/openssl_error_string_basic.phpt | 6 +- + ext/openssl/tests/openssl_free_key.phpt | 5 +- + ext/openssl/tests/sni_server.phpt | 2 + + ext/phar/util.c | 13 +- + 9 files changed, 364 insertions(+), 201 deletions(-) + diff --git a/acinclude.m4 b/acinclude.m4 index 25c3c7d..ecbbe80 100644 --- a/acinclude.m4 @@ -14,10 +31,18 @@ index 25c3c7d..ecbbe80 100644 OPENSSL_LIBS=`$PKG_CONFIG --libs openssl` OPENSSL_INCS=`$PKG_CONFIG --cflags-only-I openssl` diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c -index da60bb9..2932e16 100644 +index da60bb9..4a26781 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c -@@ -1100,9 +1100,11 @@ static EVP_MD * php_openssl_get_evp_md_from_algo(zend_long algo) { /* {{{ */ +@@ -72,7 +72,6 @@ + #ifdef HAVE_OPENSSL_MD2_H + #define OPENSSL_ALGO_MD2 4 + #endif +-#define OPENSSL_ALGO_DSS1 5 + #if OPENSSL_VERSION_NUMBER >= 0x0090708fL + #define OPENSSL_ALGO_SHA224 6 + #define OPENSSL_ALGO_SHA256 7 +@@ -1100,9 +1099,11 @@ static EVP_MD * php_openssl_get_evp_md_from_algo(zend_long algo) { /* {{{ */ mdtype = (EVP_MD *) EVP_md2(); break; #endif 
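Review bot: The new inner hunk at `ext/openssl/openssl.c` line 72 drops `#define OPENSSL_ALGO_DSS1 5` unconditionally, and the next hunk of this refresh does the same to its `REGISTER_LONG_CONSTANT` in `PHP_MINIT_FUNCTION(openssl)`. The patched extension therefore loses a public constant regardless of which OpenSSL it is built against, and scripts that pass it to the signing or verification functions will stop working. If the patch is meant to stay buildable against OpenSSL 1.0.x, keep both under a version guard, e.g. `#if OPENSSL_VERSION_NUMBER < 0x10100000L` / `#define OPENSSL_ALGO_DSS1 5` / `#endif`. The body of the `php_openssl_get_evp_md_from_algo` hunk (`-1100,9 +1099,11`) is not shown here, so please confirm that whatever handles the DSS1 value there is removed or guarded the same way. The removal is also worth a line in the inner patch description, which currently reads only "backport needed change for OpenSSL 1.1".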
@@ -29,7 +54,15 @@ index da60bb9..2932e16 100644 #if OPENSSL_VERSION_NUMBER >= 0x0090708fL case OPENSSL_ALGO_SHA224: mdtype = (EVP_MD *) EVP_sha224(); -@@ -1938,6 +1940,7 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension) +@@ -1220,7 +1221,6 @@ PHP_MINIT_FUNCTION(openssl) + #ifdef HAVE_OPENSSL_MD2_H + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT); + #endif +- REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT); + #if OPENSSL_VERSION_NUMBER >= 0x0090708fL + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA224", OPENSSL_ALGO_SHA224, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA256", OPENSSL_ALGO_SHA256, CONST_CS|CONST_PERSISTENT); +@@ -1938,6 +1938,7 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension) { GENERAL_NAMES *names; const X509V3_EXT_METHOD *method = NULL; @@ -37,7 +70,7 @@ index da60bb9..2932e16 100644 long i, length, num; const unsigned char *p; -@@ -1946,8 +1949,9 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension) +@@ -1946,8 +1947,9 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension) return -1; } @@ -49,7 +82,7 @@ index da60bb9..2932e16 100644 if (method->it) { names = (GENERAL_NAMES*) (ASN1_item_d2i(NULL, &p, length, ASN1_ITEM_ptr(method->it))); -@@ -2010,6 +2014,8 @@ PHP_FUNCTION(openssl_x509_parse) +@@ -2010,6 +2012,8 @@ PHP_FUNCTION(openssl_x509_parse) char * tmpstr; zval subitem; X509_EXTENSION *extension; @@ -58,7 +91,7 @@ index da60bb9..2932e16 100644 char *extname; BIO *bio_out; BUF_MEM *bio_buf; -@@ -2028,9 +2034,11 @@ PHP_FUNCTION(openssl_x509_parse) +@@ -2028,12 +2032,14 @@ PHP_FUNCTION(openssl_x509_parse) } array_init(return_value); 
@@ -72,8 +105,12 @@ index da60bb9..2932e16 100644 + /* add_assoc_bool(return_value, "valid", cert->valid); */ - add_assoc_name_entry(return_value, "subject", X509_get_subject_name(cert), useshortnames); -@@ -2078,7 +2086,7 @@ PHP_FUNCTION(openssl_x509_parse) +- add_assoc_name_entry(return_value, "subject", X509_get_subject_name(cert), useshortnames); ++ add_assoc_name_entry(return_value, "subject", subject_name, useshortnames); + /* hash as used in CA directories to lookup cert by subject name */ + { + char buf[32]; +@@ -2078,7 +2084,7 @@ PHP_FUNCTION(openssl_x509_parse) add_assoc_string(return_value, "alias", tmpstr); } @@ -82,7 +119,7 @@ index da60bb9..2932e16 100644 add_assoc_string(return_value, "signatureTypeSN", (char*)OBJ_nid2sn(sig_nid)); add_assoc_string(return_value, "signatureTypeLN", (char*)OBJ_nid2ln(sig_nid)); add_assoc_long(return_value, "signatureTypeNID", sig_nid); -@@ -3560,44 +3568,68 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) +@@ -3560,44 +3566,68 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) { assert(pkey != NULL); @@ -171,7 +208,7 @@ index da60bb9..2932e16 100644 } break; #endif -@@ -3609,42 +3641,91 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) +@@ -3609,42 +3639,91 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) } /* }}} */ @@ -286,7 +323,7 @@ index da60bb9..2932e16 100644 return 0; } /* all good */ -@@ -3652,15 +3733,69 @@ zend_bool php_openssl_pkey_init_dsa(DSA *dsa) +@@ -3652,15 +3731,69 @@ zend_bool php_openssl_pkey_init_dsa(DSA *dsa) } /* }}} */ @@ -360,7 +397,7 @@ index da60bb9..2932e16 100644 PHP_OPENSSL_RAND_ADD_TIME(); if (!DH_generate_key(dh)) { return 0; -@@ -3692,18 +3827,8 @@ PHP_FUNCTION(openssl_pkey_new) +@@ -3692,18 +3825,8 @@ PHP_FUNCTION(openssl_pkey_new) if (pkey) { RSA *rsa = RSA_new(); if (rsa) { 
@@ -381,7 +418,7 @@ index da60bb9..2932e16 100644 } RSA_free(rsa); } -@@ -3716,12 +3841,7 @@ PHP_FUNCTION(openssl_pkey_new) +@@ -3716,12 +3839,7 @@ PHP_FUNCTION(openssl_pkey_new) if (pkey) { DSA *dsa = DSA_new(); if (dsa) { @@ -395,7 +432,7 @@ index da60bb9..2932e16 100644 if (EVP_PKEY_assign_DSA(pkey, dsa)) { RETURN_RES(zend_register_resource(pkey, le_key)); } -@@ -3737,11 +3857,7 @@ PHP_FUNCTION(openssl_pkey_new) +@@ -3737,11 +3855,7 @@ PHP_FUNCTION(openssl_pkey_new) if (pkey) { DH *dh = DH_new(); if (dh) { @@ -408,7 +445,7 @@ index da60bb9..2932e16 100644 if (EVP_PKEY_assign_DH(pkey, dh)) { ZVAL_COPY_VALUE(return_value, zend_list_insert(pkey, le_key)); return; -@@ -3819,7 +3935,7 @@ PHP_FUNCTION(openssl_pkey_export_to_file) +@@ -3819,7 +3933,7 @@ PHP_FUNCTION(openssl_pkey_export_to_file) cipher = NULL; } @@ -417,7 +454,7 @@ index da60bb9..2932e16 100644 #ifdef HAVE_EVP_PKEY_EC case EVP_PKEY_EC: pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL); -@@ -3889,7 +4005,7 @@ PHP_FUNCTION(openssl_pkey_export) +@@ -3889,7 +4003,7 @@ PHP_FUNCTION(openssl_pkey_export) cipher = NULL; } @@ -426,7 +463,7 @@ index da60bb9..2932e16 100644 #ifdef HAVE_EVP_PKEY_EC case EVP_PKEY_EC: pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL); -@@ -4012,65 +4128,84 @@ PHP_FUNCTION(openssl_pkey_get_details) +@@ -4012,65 +4126,84 @@ PHP_FUNCTION(openssl_pkey_get_details) /*TODO: Use the real values once the openssl constants are used * See the enum at the top of this file */ @@ -554,7 +591,7 @@ index da60bb9..2932e16 100644 zval ec; const EC_GROUP *ec_group; int nid; -@@ -4627,13 +4762,13 @@ PHP_FUNCTION(openssl_private_encrypt) +@@ -4627,13 +4760,13 @@ PHP_FUNCTION(openssl_private_encrypt) cryptedlen = EVP_PKEY_size(pkey); cryptedbuf = zend_string_alloc(cryptedlen, 0); 
@@ -570,7 +607,7 @@ index da60bb9..2932e16 100644 (int)padding) == cryptedlen); break; default: -@@ -4687,13 +4822,13 @@ PHP_FUNCTION(openssl_private_decrypt) +@@ -4687,13 +4820,13 @@ PHP_FUNCTION(openssl_private_decrypt) cryptedlen = EVP_PKEY_size(pkey); crypttemp = emalloc(cryptedlen + 1); @@ -586,7 +623,7 @@ index da60bb9..2932e16 100644 (int)padding); if (cryptedlen != -1) { cryptedbuf = zend_string_alloc(cryptedlen, 0); -@@ -4753,13 +4888,13 @@ PHP_FUNCTION(openssl_public_encrypt) +@@ -4753,13 +4886,13 @@ PHP_FUNCTION(openssl_public_encrypt) cryptedlen = EVP_PKEY_size(pkey); cryptedbuf = zend_string_alloc(cryptedlen, 0); @@ -602,7 +639,7 @@ index da60bb9..2932e16 100644 (int)padding) == cryptedlen); break; default: -@@ -4814,13 +4949,13 @@ PHP_FUNCTION(openssl_public_decrypt) +@@ -4814,13 +4947,13 @@ PHP_FUNCTION(openssl_public_decrypt) cryptedlen = EVP_PKEY_size(pkey); crypttemp = emalloc(cryptedlen + 1); @@ -618,7 +655,7 @@ index da60bb9..2932e16 100644 (int)padding); if (cryptedlen != -1) { cryptedbuf = zend_string_alloc(cryptedlen, 0); -@@ -4884,7 +5019,7 @@ PHP_FUNCTION(openssl_sign) +@@ -4884,7 +5017,7 @@ PHP_FUNCTION(openssl_sign) zend_resource *keyresource = NULL; char * data; size_t data_len; @@ -627,7 +664,7 @@ index da60bb9..2932e16 100644 zval *method = NULL; zend_long signature_algo = OPENSSL_ALGO_SHA1; const EVP_MD *mdtype; -@@ -4917,9 +5052,11 @@ PHP_FUNCTION(openssl_sign) +@@ -4917,9 +5050,11 @@ PHP_FUNCTION(openssl_sign) siglen = EVP_PKEY_size(pkey); sigbuf = zend_string_alloc(siglen, 0); 
@@ -638,11 +675,11 @@ index da60bb9..2932e16 100644 + if (md_ctx != NULL && + EVP_SignInit(md_ctx, mdtype) && + EVP_SignUpdate(md_ctx, data, data_len) && -+ EVP_SignFinal (md_ctx, (unsigned char*)ZSTR_VAL(sigbuf), &siglen, pkey)) { ++ EVP_SignFinal(md_ctx, (unsigned char*)ZSTR_VAL(sigbuf), &siglen, pkey)) { zval_dtor(signature); ZSTR_VAL(sigbuf)[siglen] = '\0'; ZSTR_LEN(sigbuf) = siglen; -@@ -4929,7 +5066,7 @@ PHP_FUNCTION(openssl_sign) +@@ -4929,7 +5064,7 @@ PHP_FUNCTION(openssl_sign) efree(sigbuf); RETVAL_FALSE; } @@ -651,7 +688,7 @@ index da60bb9..2932e16 100644 if (keyresource == NULL) { EVP_PKEY_free(pkey); } -@@ -4942,8 +5079,8 @@ PHP_FUNCTION(openssl_verify) +@@ -4942,8 +5077,8 @@ PHP_FUNCTION(openssl_verify) { zval *key; EVP_PKEY *pkey; @@ -662,7 +699,7 @@ index da60bb9..2932e16 100644 const EVP_MD *mdtype; zend_resource *keyresource = NULL; char * data; -@@ -4981,10 +5118,13 @@ PHP_FUNCTION(openssl_verify) +@@ -4981,10 +5116,13 @@ PHP_FUNCTION(openssl_verify) RETURN_FALSE; } @@ -672,15 +709,15 @@ index da60bb9..2932e16 100644 - EVP_MD_CTX_cleanup(&md_ctx); + md_ctx = EVP_MD_CTX_create(); + if (md_ctx) { -+ EVP_VerifyInit (md_ctx, mdtype); -+ EVP_VerifyUpdate (md_ctx, data, data_len); ++ EVP_VerifyInit(md_ctx, mdtype); ++ EVP_VerifyUpdate(md_ctx, data, data_len); + err = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey); + } + EVP_MD_CTX_destroy(md_ctx); if (keyresource == NULL) { EVP_PKEY_free(pkey); -@@ -5008,7 +5148,7 @@ PHP_FUNCTION(openssl_seal) +@@ -5008,7 +5146,7 @@ PHP_FUNCTION(openssl_seal) char *method =NULL; size_t method_len = 0; const EVP_CIPHER *cipher; @@ -689,7 +726,7 @@ index da60bb9..2932e16 100644 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sz/z/a/|sz/", &data, &data_len, &sealdata, &ekeys, &pubkeys, &method, &method_len, &iv) == FAILURE) { -@@ -5061,22 +5201,23 @@ PHP_FUNCTION(openssl_seal) +@@ -5061,22 +5199,23 @@ PHP_FUNCTION(openssl_seal) i++; } ZEND_HASH_FOREACH_END(); 
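Review bot: In the `openssl_verify` block the results of `EVP_VerifyInit(md_ctx, mdtype)` and `EVP_VerifyUpdate(md_ctx, data, data_len)` are discarded, so a failed digest setup or update still runs into `EVP_VerifyFinal` and its result is reported as the verification outcome. The `openssl_sign` block in this same patch already chains its calls with `&&`, and verification should do likewise: `if (md_ctx != NULL && EVP_VerifyInit(md_ctx, mdtype) && EVP_VerifyUpdate(md_ctx, data, data_len)) { err = EVP_VerifyFinal(md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey); }`. When `EVP_MD_CTX_create()` returns NULL, `err` keeps the value it had before this block. Its declaration is outside the visible lines, so please confirm it starts at a failure value rather than uninitialised, otherwise an allocation failure could be read as a valid signature. `PHP_FUNCTION(openssl_verify)` starts and ends outside this hunk.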
@@ -721,7 +758,7 @@ index da60bb9..2932e16 100644 goto clean_exit; } -@@ -5104,7 +5245,7 @@ PHP_FUNCTION(openssl_seal) +@@ -5104,7 +5243,7 @@ PHP_FUNCTION(openssl_seal) efree(buf); } RETVAL_LONG(len1 + len2); @@ -730,7 +767,7 @@ index da60bb9..2932e16 100644 clean_exit: for (i=0; i