Merge branch 'PHP-8.5'

ndossche · ndossche · commit a0e679ede2bb · 2026-04-03T22:43:59.000+02:00
* PHP-8.5: openssl: Fix error propagation in csr exports (#21403) openssl: Fix missing error propagation in openssl_x509_export() (#21375) Fix SKIPIF of openssl_password.phpt (#20941)
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
@@ -861,8 +861,7 @@ PHP_FUNCTION(openssl_x509_export)
 	}
 	if (!notext && !X509_print(bio_out, cert)) {
 		php_openssl_store_errors();
-	}
-	if (PEM_write_bio_X509(bio_out, cert)) {
+	} else if (PEM_write_bio_X509(bio_out, cert)) {
 		BUF_MEM *bio_buf;
 
 		BIO_get_mem_ptr(bio_out, &bio_buf);
@@ -1625,9 +1624,9 @@ PHP_FUNCTION(openssl_csr_export_to_file)
 	bio_out = BIO_new_file(file_path, PHP_OPENSSL_BIO_MODE_W(PKCS7_BINARY));
 	if (bio_out != NULL) {
 		if (!notext && !X509_REQ_print(bio_out, csr)) {
+			/* TODO: warn? */
 			php_openssl_store_errors();
-		}
-		if (!PEM_write_bio_X509_REQ(bio_out, csr)) {
+		} else if (!PEM_write_bio_X509_REQ(bio_out, csr)) {
 			php_error_docref(NULL, E_WARNING, "Error writing PEM to file %s", file_path);
 			php_openssl_store_errors();
 		} else {
@@ -1676,9 +1675,7 @@ PHP_FUNCTION(openssl_csr_export)
 	bio_out = BIO_new(BIO_s_mem());
 	if (!notext && !X509_REQ_print(bio_out, csr)) {
 		php_openssl_store_errors();
-	}
-
-	if (PEM_write_bio_X509_REQ(bio_out, csr)) {
+	} else if (PEM_write_bio_X509_REQ(bio_out, csr)) {
 		BUF_MEM *bio_buf;
 
 		BIO_get_mem_ptr(bio_out, &bio_buf);
diff --git a/ext/openssl/tests/openssl_password.phpt b/ext/openssl/tests/openssl_password.phpt
@@ -5,7 +5,10 @@ openssl
 --SKIPIF--
 <?php
 if (!function_exists('openssl_password_hash')) {
-    echo "skip - No openssl_password_hash";
+    die("skip No openssl_password_hash");
+}
+if (!defined('PASSWORD_ARGON2_PROVIDER')) {
+    die("skip No openssl argon2 support");
 }
 ?>
 --FILE--
