Control: reassign -1 openssl 1.0.1t-1+deb8u4 Hi,
On Fri, Sep 23, 2016 at 03:57:02PM -0300, Jean-Paul Deveaux wrote: > Package: php5 > Version: 5.6.24+dfsg-0+deb8u1 > Severity: normal > > Dear Maintainer, > > Upgraded PHP5 using Debian stable repo today; code that parsed client > certificate for user authentication stopped working. > > $cert = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']); > > In previous versions of PHP5 (5.6.22-0+deb8u1), this call works without any > problems (returning associative array of cert guts) > In current version, seg fault. > > For the time being, my work around involves an 'exec' call to openssl to > extract cert details for authentication. I could probably also do it at the > apache level. I think this is the regression in the recent openssl DSA, and should be fixed soon with the followup update 1.0.1t-1+deb8u5. Regards, Salvatore
