Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PHP 8.3.7 compiles dynamic extension openssl error #14201

Open
wheakerd opened this issue May 11, 2024 · 4 comments
Open

PHP 8.3.7 compiles dynamic extension openssl error #14201

wheakerd opened this issue May 11, 2024 · 4 comments
Labels
Bug Extension: openssl Status: Needs Triage

Comments

@wheakerd
Copy link

Description

There is no problem in configuring using ./configure --with-php-config=php-config

Openssl version
openssl -v
OpenSSL 3.2.1 30 Jan 2024 (Library: OpenSSL 3.2.1 30 Jan 2024)

The following is the error reported by make test:
FAIL Bug #65538: SSL context "cafile" disallows URL stream wrappers [tests/bug65538_002.phpt]
FAIL openssl_*() with OPENSSL_KEYTYPE_EC for ec custom params [tests/ecc_custom_params.phpt]
FAIL openssl_x509_verify() tests [tests/openssl_x509_verify.phpt]
FAIL Capture SSL session meta array in stream context [tests/session_meta_capture.phpt]
FAIL Basic bitwise stream crypto context flag assignment [tests/stream_crypto_flags_001.phpt]
FAIL TLSv1.1 and TLSv1.2 bitwise stream crypto flag assignment [tests/stream_crypto_flags_002.phpt]
FAIL Server bitwise stream crypto flag assignment [tests/stream_crypto_flags_003.phpt]
FAIL Specific protocol method specification [tests/stream_crypto_flags_004.phpt]
FAIL tls stream wrapper with min version 1.0 and max version 1.1 [tests/tls_min_v1.0_max_v1.1_wrapper.phpt]
FAIL tls stream wrapper [tests/tls_wrapper.phpt]
FAIL tls stream wrapper when TLS 1.3 available [tests/tls_wrapper_with_tls_v1.3.phpt]
FAIL tlsv1.0 stream wrapper [tests/tlsv1.0_wrapper.phpt]
FAIL tlsv1.1 stream wrapper [tests/tlsv1.1_wrapper.phpt]

This may be a problem with the openssl version, but the clear result I got when configuring is:
checking for openssl >= 1.0.2

When installing different extensions, you may encounter similar problems, but I have no way of knowing that the PHP version to be compiled requires the corresponding third-party library version range, which cannot be found even on the php.net official website.

PHP Version

PHP 8.3.7

Operating System

CentOs Stream 9 x86_64
@wheakerd
Copy link
Author

php_test_results_20240511_1039.txt
This is a test report file I saved

@wheakerd
Copy link
Author

The same problem also occurs in the 1.1.1u version of openssal.

The download address for this version is: https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1u/openssl-1.1.1u.tar.gz

@remicollet
Copy link
Contributor

On RHEL/CentOS you need to allow legacy crypto algo

Try using
update-crypto-policies --set LEGACY

@wheakerd
Copy link
Author

@remicollet

Thank you very much for providing the solution, but after using it, there are still two testing errors.

FAIL Bug # 65538: SSL context "cache" disallows URL stream wrappers [tests/bug65538:002. phpt]
FAIL openssl_ * with OPENSSL_KEYTYPE.EC for ec custom params [tests/ecc_custom_params. phpt]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Extension: openssl Status: Needs Triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@remicollet @devnexen @wheakerd