Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenSSL legacy providers not available on Windows #9890

Closed
JanSlabon opened this issue Nov 4, 2022 · 5 comments
Closed

OpenSSL legacy providers not available on Windows #9890

JanSlabon opened this issue Nov 4, 2022 · 5 comments

Comments

@JanSlabon
Copy link

Description

As OpenSSL 3 has disabled legacy algorithms by default we need a way to reactivate them.

This seems not to be possible with the current RC of PHP 8.2 on Windows:

grafik
I took the configuration file from https://salsa.debian.org/php-team/pear/php-dapphp-radius/-/merge_requests/2/diffs

Maybee legacy.dll is simply missing?

PHP Version

PHP 8.2.0RC5

Operating System

Windows 10

@cmb69
Copy link
Member

cmb69 commented Nov 4, 2022

Thanks for reporting!

Indeed, we do not ship legacy.dll yet (but we should). It is contained in the openssl-3.0.7-vs16-x64.zip, though, and you can use that for now. Just put lib/openssl-modules/legacy.dll somewhere, and set the environment variable OPENSSL_MODULES to the folder where you've put legacy.dll. (It seems the current default doesn't make much sense since we switched the default config path; need to check that.)

@cmb69 cmb69 changed the title [8.2.0RC5] OpenSSL legacy providers on Windows OpenSSL legacy providers not available on Windows Nov 4, 2022
cmb69 added a commit to cmb69/php-src that referenced this issue Nov 4, 2022
We need to copy the provider DLLs from the dependency package to the
PHP distribution.
@cmb69 cmb69 linked a pull request Nov 4, 2022 that will close this issue
@JanSlabon
Copy link
Author

Thanks for checking this! Your workaround with the OPENSSL_MODULES environment variable works for us for now.

@bukka
Copy link
Member

bukka commented Nov 13, 2022

The question has been answered and workaround works. Don't think there's anything else to do.

@bukka bukka closed this as completed Nov 13, 2022
@bukka
Copy link
Member

bukka commented Nov 13, 2022

Ok I just see #9894 is still open so will re-open this.

@bukka bukka reopened this Nov 13, 2022
@cmb69 cmb69 closed this as completed in 9aa86e6 Nov 14, 2022
cmb69 added a commit that referenced this issue Nov 14, 2022
* PHP-8.2:
  Fix GH-9890: OpenSSL legacy providers not available on Windows
TimWolla added a commit to TimWolla/php-src that referenced this issue Nov 15, 2022
* master: (274 commits)
  Cache UTF-8-validity status of strings in GC flags
  Escape the role attribute of namespaced classes (php#9952)
  Fix phpGH-9932: Discards further characters for session name.
  Fix phpGH-9890: OpenSSL legacy providers not available on Windows
  Fix regression test for phpGH-9535 on PHP-8.2+
  Fix memory leak
  Introduce TEST_FPM_EXTENSION_DIR for FPM tests with shared extensions
  [ci skip] NEWS
  Fix phpGH-9535 (unintended behavior change for mb_strcut in PHP 8.1)
  [ci skip] NEWS
  [ci skip] NEWS
  Fix phpGH-9298: remove all registered signal handlers in pcntl RSHUTDOWN
  Fix phpGH-9923: Add the `SIGINFO` constant in pcntl for system supporting it.
  Skip tests if extension or SAPI is not included. (php#9939)
  Remove unused PHP 8.1 BC layer in JIT (php#9937)
  [skip ci] Skip function JIT in nightly for ASAN
  [skip ci] Backport XFAIL of failing test
  Disable opcache file_cache for observer preloading test
  No more need to cater to mime_magic extension
  [ci skip] Fix phpGH-9918: License information for xxHash is not included in README.REDIST.BINS file
  ...
@abhishek--ranjan
Copy link

abhishek--ranjan commented Dec 17, 2023

what is the alternate to read the cert without fallback on the legacy dll.
the issue is similar with most of the open ssl methods in php
$certData = openssl_x509_read($certInput); //does not work

[cert] => -----BEGIN CERTIFICATE-----
MIIHAjCCBeqgAwIBAgIFbg38IWEwDQYJKoZIhvcNAQELBQAwgZMxCzAJBgNVBAYT
AklOMS0wKwYDVQQKEyRDYXByaWNvcm4gSWRlbnRpdHkgU2VydmljZXMgUHZ0IEx0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants