Use custom OpenSSL libctx in md and cipher handling code#18516
Conversation
|
This needs a bit more work to free stuff correctly so moving to draft. |
bukka
force-pushed
the
openssl_libctx_md_and_cipher
branch
from
e8e295b to
4b93dca
Compare
bukka
force-pushed
the
openssl_libctx_md_and_cipher
branch
from
4b93dca to
2655b22
Compare
|
Pipeline is green so this is ready for review! |
|
|
||
| const EVP_CIPHER *php_openssl_get_evp_cipher_from_algo(zend_long algo) | ||
| { | ||
| if (algo < 0 || algo >= (zend_long)(sizeof(php_openssl_cipher_names) / sizeof(*php_openssl_cipher_names))) { |
There was a problem hiding this comment.
One neat trick is to make the type of algo zend_ulong. Then you only need the >= check and don't need the zend_long cast. Same suggestion for php_openssl_get_evp_md_from_algo
There was a problem hiding this comment.
It makes sense but algo might come from PHP constant (for example argument in openssl_pkcs7_encrypt) so this check would just need to be done elsewhere. I think it's better to leave it for separate PR as it's a bit unrelated to this change.
|
Just a note that I need to look how to make the whole libctx configurable as it might be a regression for custom OPENSSL_CONF which I don't think is currently loaded in new libctx |
2 participants
The is another chunk of work to support custom libctx - this time in cipher and message digest code.