This commit is contained in:
Remi Collet 2018-09-11 11:52:43 +02:00
parent a7dda99884
commit af8e1ad606
6 changed files with 109 additions and 2 deletions

1
.gitignore vendored
View File

@ -26,3 +26,4 @@ php-7.1.*.xz
/php-7.2.8.tar.xz
/php-7.2.9.tar.xz
/php-7.2.10RC1.tar.xz
/php-7.2.10.tar.xz

View File

@ -0,0 +1,37 @@
From be50a72715c141befe6f34ece660745da894aaf3 Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Sun, 9 Sep 2018 18:53:37 +0100
Subject: [PATCH] Fix ssl stream reneg limit test to print only after first
renegotiation
It has been reported that in some setup the test does multiple
renegotiations which is allowed.
---
ext/openssl/tests/stream_server_reneg_limit.phpt | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ext/openssl/tests/stream_server_reneg_limit.phpt b/ext/openssl/tests/stream_server_reneg_limit.phpt
index f0353351a23a..f033cbabe343 100644
--- a/ext/openssl/tests/stream_server_reneg_limit.phpt
+++ b/ext/openssl/tests/stream_server_reneg_limit.phpt
@@ -22,14 +22,18 @@ if(substr(PHP_OS, 0, 3) == 'WIN') {
*/
$serverCode = <<<'CODE'
+ $printed = false;
$serverUri = "ssl://127.0.0.1:64321";
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => __DIR__ . '/bug54992.pem',
'reneg_limit' => 0,
'reneg_window' => 30,
- 'reneg_limit_callback' => function($stream) {
- var_dump($stream);
+ 'reneg_limit_callback' => function($stream) use (&$printed) {
+ if (!$printed) {
+ $printed = true;
+ var_dump($stream);
+ }
}
]]);

View File

@ -0,0 +1,22 @@
From c1729272b17a1fe893d1a54e423d3b71470f3ee8 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 29 Aug 2018 09:10:59 +0200
Subject: [PATCH] fix double cast to int on 32-bit
---
Zend/zend_operators.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Zend/zend_operators.c b/Zend/zend_operators.c
index cafb14d4cc25..9a8a40142433 100644
--- a/Zend/zend_operators.c
+++ b/Zend/zend_operators.c
@@ -3101,7 +3101,7 @@ ZEND_API zend_long ZEND_FASTCALL zend_dval_to_lval_slow(double d)
if (dmod < 0) {
/* we're going to make this number positive; call ceil()
* to simulate rounding towards 0 of the negative number */
- dmod = ceil(dmod);// + two_pow_32;
+ dmod = ceil(dmod) + two_pow_32;
}
return (zend_long)(zend_ulong)dmod;
}

View File

@ -0,0 +1,38 @@
From cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Sun, 2 Sep 2018 20:00:08 +0100
Subject: [PATCH] Fix stream_security_level.phpt with OpenSSL 1.1.1
---
ext/openssl/tests/stream_security_level.phpt | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ext/openssl/tests/stream_security_level.phpt b/ext/openssl/tests/stream_security_level.phpt
index fb1d36a58624..26fedcf670e9 100644
--- a/ext/openssl/tests/stream_security_level.phpt
+++ b/ext/openssl/tests/stream_security_level.phpt
@@ -5,6 +5,7 @@ security_level setting to prohibit cert
if (!extension_loaded("openssl")) die("skip openssl not loaded");
if (OPENSSL_VERSION_NUMBER < 0x10100000) die("skip OpenSSL >= v1.1.0 required");
if (!function_exists("proc_open")) die("skip no proc_open");
+?>
--FILE--
<?php
$serverCode = <<<'CODE'
@@ -24,7 +25,7 @@ $clientCode = <<<'CODE'
$serverUri = "ssl://127.0.0.1:64322";
$clientFlags = STREAM_CLIENT_CONNECT;
$clientCtx = stream_context_create(['ssl' => [
- 'security_level' => 3,
+ 'security_level' => 2,
'verify_peer' => true,
'cafile' => __DIR__ . '/bug54992-ca.pem',
'verify_peer_name' => false
@@ -38,6 +39,7 @@ CODE;
include 'ServerClientTestCase.inc';
ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
+?>
--EXPECTF--
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in %s : eval()'d code on line %d

View File

@ -59,7 +59,7 @@
%endif
%global upver 7.2.10
%global rcver RC1
#global rcver RC1
Summary: PHP scripting language for creating dynamic web sites
Name: php
@ -113,6 +113,9 @@ Patch47: php-5.6.3-phpinfo.patch
Patch48: php-7.2.8-getallheaders.patch
# Upstream fixes (100+)
Patch100: https://github.com/php/php-src/commit/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch
Patch101: https://github.com/php/php-src/commit/be50a72715c141befe6f34ece660745da894aaf3.patch
Patch102: https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch
# Security fixes (200+)
@ -715,6 +718,9 @@ low-level PHP extension for the libsodium cryptographic library.
%patch48 -p1 -b .getallheaders
# upstream patches
%patch100 -p1 -b .up1
%patch101 -p1 -b .up2
%patch102 -p1 -b .up3
# security patches
@ -1556,6 +1562,9 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%changelog
* Tue Sep 11 2018 Remi Collet <remi@remirepo.net> - 7.2.10-1
- Update to 7.2.10 - http://www.php.net/releases/7_2_10.php
* Tue Aug 28 2018 Remi Collet <remi@remirepo.net> - 7.2.10~RC1-1
- update to 7.2.10RC1

View File

@ -1 +1 @@
SHA512 (php-7.2.10RC1.tar.xz) = 14c2a92a540389dd38f97f92723e1d3635528e264da504b4ff8bf0c3856f2600a2c3f2d1537868cc8e88e51e162008f4ee60d85b0502d56f3cc5e149de8a0250
SHA512 (php-7.2.10.tar.xz) = aa90fce17034b2649012d66461626ae74c21ea938b1c71c7eb12419e562c641b432df87a7e900c245ad28df39624cf64a1b2f8ffb123608d94cd35e41f09c0fe