Recently I needed to build an old PHP (php-5.6.34) from source.
Somehow I could
configure with openssl, and
Then I just typed
make test to check the result of the build, and I got the error below:
===================================================================== FAILED TEST SUMMARY --------------------------------------------------------------------- Bug #48182: ssl handshake fails during asynchronous socket connection [ext/openssl/tests/bug48182.phpt] Bug #54992: Stream not closed and error not returned when SSL CN_match fails [ext/openssl/tests/bug54992.phpt] Bug #65538: SSL context "cafile" supports stream wrappers [ext/openssl/tests/bug65538_001.phpt] Bug #65538: SSL context "cafile" supports phar wrapper [ext/openssl/tests/bug65538_003.phpt] capture_peer_cert context captures on verify failure [ext/openssl/tests/capture_peer_cert_001.phpt] Testing peer fingerprint on connection [ext/openssl/tests/openssl_peer_fingerprint_basic.phpt] Peer verification enabled for client streams [ext/openssl/tests/peer_verification.phpt] Capture SSL session meta array in stream context [ext/openssl/tests/session_meta_capture.phpt] Basic bitwise stream crypto context flag assignment [ext/openssl/tests/stream_crypto_flags_001.phpt] TLSv1.1 and TLSv1.2 bitwise stream crypto flag assignment [ext/openssl/tests/stream_crypto_flags_002.phpt] Server bitwise stream crypto flag assignment [ext/openssl/tests/stream_crypto_flags_003.phpt] Specific protocol method specification [ext/openssl/tests/stream_crypto_flags_004.phpt] Allow host name mismatch when "verify_host" disabled [ext/openssl/tests/stream_verify_peer_name_002.phpt] Host name mismatch triggers error [ext/openssl/tests/stream_verify_peer_name_003.phpt] =====================================================================
Well, I just build the source, why am I getting so many errors?
Digging in the source code, then I noticed that all of the test code above use the
bug54992-ca.pem certificate. This is used to test the SSL/TLS connection.
bug54992-ca.pem is TOO OLD to be effective!
This is already fixed. I found the upstream patch of the PHP source; https://github.com/php/php-src/commit/687dad3674e9af12cec914bdc250a157680076ca
The test errors above disappeared after cherry-picking the patch manually.