Compare commits

...

No commits in common. "c8-stream-7.2" and "c9-beta" have entirely different histories.

32 changed files with 7277 additions and 1070 deletions

3
.gitignore vendored
View File

@ -1 +1,2 @@
SOURCES/php-7.2.24.tar.xz SOURCES/php-8.0.27.tar.xz
SOURCES/php-keyring.gpg

View File

@ -1 +1,2 @@
d31628bdc89a724a2a0950c2ed7d79b40cf489a7 SOURCES/php-7.2.24.tar.xz ac46d5e81f142f65130407d073997f549f316b4f SOURCES/php-8.0.27.tar.xz
84a18625778745667413034f693446ea76846714 SOURCES/php-keyring.gpg

View File

@ -5,17 +5,17 @@ zend_extension=opcache
opcache.enable=1 opcache.enable=1
; Determines if Zend OPCache is enabled for the CLI version of PHP ; Determines if Zend OPCache is enabled for the CLI version of PHP
;opcache.enable_cli=0 opcache.enable_cli=1
; The OPcache shared memory storage size. ; The OPcache shared memory storage size.
opcache.memory_consumption=128 ;opcache.memory_consumption=128
; The amount of memory for interned strings in Mbytes. ; The amount of memory for interned strings in Mbytes.
opcache.interned_strings_buffer=8 ;opcache.interned_strings_buffer=8
; The maximum number of keys (scripts) in the OPcache hash table. ; The maximum number of keys (scripts) in the OPcache hash table.
; Only numbers between 200 and 1000000 are allowed. ; Only numbers between 200 and 1000000 are allowed.
opcache.max_accelerated_files=4000 ;opcache.max_accelerated_files=10000
; The maximum percentage of "wasted" memory until a restart is scheduled. ; The maximum percentage of "wasted" memory until a restart is scheduled.
;opcache.max_wasted_percentage=5 ;opcache.max_wasted_percentage=5
@ -42,18 +42,20 @@ opcache.max_accelerated_files=4000
; size of the optimized code. ; size of the optimized code.
;opcache.save_comments=1 ;opcache.save_comments=1
; If enabled, a fast shutdown sequence is used for the accelerated code ; If enabled, compilation warnings (including notices and deprecations) will
; Depending on the used Memory Manager this may cause some incompatibilities. ; be recorded and replayed each time a file is included. Otherwise, compilation
;opcache.fast_shutdown=0 ; warnings will only be emitted when the file is first cached.
;opcache.record_warnings=0
; Allow file existence override (file_exists, etc.) performance feature. ; Allow file existence override (file_exists, etc.) performance feature.
;opcache.enable_file_override=0 ;opcache.enable_file_override=0
; A bitmask, where each bit enables or disables the appropriate OPcache ; A bitmask, where each bit enables or disables the appropriate OPcache
; passes ; passes
;opcache.optimization_level=0xffffffff ;opcache.optimization_level=0x7FFFBFFF
;opcache.inherited_hack=1 ; This hack should only be enabled to work around "Cannot redeclare class"
; errors.
;opcache.dups_fix=0 ;opcache.dups_fix=0
; The location of the OPcache blacklist file (wildcards allowed). ; The location of the OPcache blacklist file (wildcards allowed).
@ -112,6 +114,10 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
; cache is required. ; cache is required.
;opcache.file_cache_fallback=1 ;opcache.file_cache_fallback=1
; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
; This should improve performance, but requires appropriate OS configuration.
opcache.huge_code_pages=0
; Validate cached file permissions. ; Validate cached file permissions.
; Leads OPcache to check file readability on each access to cached file. ; Leads OPcache to check file readability on each access to cached file.
; This directive should be enabled in shared hosting environment, when few ; This directive should be enabled in shared hosting environment, when few
@ -124,7 +130,24 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
; different "chroot" environments. ; different "chroot" environments.
;opcache.validate_root=0 ;opcache.validate_root=0
; Enables or disables copying of PHP code (text segment) into HUGE PAGES. ; If specified, it produces opcode dumps for debugging different stages of
; This should improve performance, but requires appropriate OS configuration. ; optimizations.
opcache.huge_code_pages=0 ;opcache.opt_debug_level=0
; Specifies a PHP script that is going to be compiled and executed at server
; start-up.
; http://php.net/opcache.preload
;opcache.preload=
; Preloading code as root is not allowed for security reasons. This directive
; facilitates to let the preloading to be run as another user.
; http://php.net/opcache.preload_user
;opcache.preload_user=
; Prevents caching files that are less than this number of seconds old. It
; protects from caching of incompletely updated files. In case all file updates
; on your site are atomic, you may increase performance by setting it to "0".
;opcache.file_update_protection=2
; Absolute path used to store shared lockfiles (for *nix only).
;opcache.lockfile_path=/tmp

13
SOURCES/20-ffi.ini Normal file
View File

@ -0,0 +1,13 @@
; Enable ffi extension module
extension=ffi
; FFI API restriction. Possibe values:
; "preload" - enabled in CLI scripts and preloaded files (default)
; "false" - always disabled
; "true" - always enabled
;ffi.enable=preload
; List of headers files to preload, wildcard patterns allowed.
; /usr/share/php/preload used by for RPM packages
; /usr/local/share/php/preload may be used for local files
ffi.preload=/usr/share/php/preload/*.h:/usr/local/share/php/preload/*.h

View File

@ -1,17 +0,0 @@
diff -up php-5.3.0beta1/ext/recode/config9.m4.recode php-5.3.0beta1/ext/recode/config9.m4
--- php-5.3.0beta1/ext/recode/config9.m4.recode 2008-12-02 00:30:21.000000000 +0100
+++ php-5.3.0beta1/ext/recode/config9.m4 2009-02-28 09:46:50.000000000 +0100
@@ -4,13 +4,6 @@ dnl
dnl Check for extensions with which Recode can not work
if test "$PHP_RECODE" != "no"; then
- test "$PHP_IMAP" != "no" && recode_conflict="$recode_conflict imap"
-
- if test -n "$MYSQL_LIBNAME"; then
- PHP_CHECK_LIBRARY($MYSQL_LIBNAME, hash_insert, [
- recode_conflict="$recode_conflict mysql"
- ])
- fi
if test -n "$recode_conflict"; then
AC_MSG_ERROR([recode extension can not be configured together with:$recode_conflict])

View File

@ -1,23 +0,0 @@
--- a/ext/date/tests/bug66985.phpt 2014-10-30 07:32:03.297693403 +0100
+++ b/ext/date/tests/bug66985.phpt 2014-10-30 07:32:45.138877977 +0100
@@ -3,7 +3,7 @@
--FILE--
<?php
$zones = array(
- "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "Factory", "GB-Eire",
+ "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "GB-Eire",
"GMT0", "Greenwich", "Hongkong", "Iceland", "Iran", "Israel", "Jamaica",
"Japan", "Kwajalein", "Libya", "MST7MDT", "Navajo", "NZ-CHAT", "Poland",
"Portugal", "PST8PDT", "Singapore", "Turkey", "Universal", "W-SU",
@@ -45,11 +45,6 @@
)
DateTimeZone Object
(
- [timezone_type] => 3
- [timezone] => Factory
-)
-DateTimeZone Object
-(
[timezone_type] => 3
[timezone] => GB-Eire
)

View File

@ -1,27 +0,0 @@
Drop "Configure Command" from phpinfo as it doesn't
provide any useful information.
The available extensions are not related to this command.
--- php-5.4.9/ext/standard/info.c.orig 2012-12-11 10:43:02.450578276 +0100
+++ php-5.4.9/ext/standard/info.c 2012-12-11 10:44:12.530820821 +0100
@@ -743,9 +743,6 @@
#ifdef ARCHITECTURE
php_info_print_table_row(2, "Architecture", ARCHITECTURE);
#endif
-#ifdef CONFIGURE_COMMAND
- php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
-#endif
if (sapi_module.pretty_name) {
php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
--- php-5.4.9/ext/standard/tests/general_functions/phpinfo.phpt.orig 2012-12-11 11:07:26.959156091 +0100
+++ php-5.4.9/ext/standard/tests/general_functions/phpinfo.phpt 2012-12-11 11:07:30.899170970 +0100
@@ -20,7 +20,6 @@
System => %s
Build Date => %s%a
-Configure Command => %s
Server API => Command Line Interface
Virtual Directory Support => %s
Configuration File (php.ini) Path => %s

View File

@ -1,30 +0,0 @@
diff -up php-7.2.4RC1/sapi/litespeed/lsapilib.c.dlopen php-7.2.4RC1/sapi/litespeed/lsapilib.c
--- php-7.2.4RC1/sapi/litespeed/lsapilib.c.dlopen 2018-03-13 12:40:25.330885880 +0100
+++ php-7.2.4RC1/sapi/litespeed/lsapilib.c 2018-03-13 12:41:35.797251042 +0100
@@ -755,7 +755,7 @@ static int (*fp_lve_leave)(struct liblve
static int (*fp_lve_jail)( struct passwd *, char *) = NULL;
static int lsapi_load_lve_lib(void)
{
- s_liblve = dlopen("liblve.so.0", RTLD_LAZY);
+ s_liblve = dlopen("liblve.so.0", RTLD_NOW);
if (s_liblve)
{
fp_lve_is_available = dlsym(s_liblve, "lve_is_available");
diff -up php-7.2.4RC1/Zend/zend_portability.h.dlopen php-7.2.4RC1/Zend/zend_portability.h
--- php-7.2.4RC1/Zend/zend_portability.h.dlopen 2018-03-13 12:33:38.000000000 +0100
+++ php-7.2.4RC1/Zend/zend_portability.h 2018-03-13 12:40:25.330885880 +0100
@@ -144,11 +144,11 @@
# endif
# if defined(RTLD_GROUP) && defined(RTLD_WORLD) && defined(RTLD_PARENT)
-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT)
+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT)
# elif defined(RTLD_DEEPBIND) && !defined(__SANITIZE_ADDRESS__)
-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_DEEPBIND)
+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_DEEPBIND)
# else
-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL)
+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL)
# endif
# define DL_UNLOAD dlclose
# if defined(DLSYM_NEEDS_UNDERSCORE)

View File

@ -1,12 +0,0 @@
diff -up php-7.2.4RC1/configure.ac.fixheader php-7.2.4RC1/configure.ac
--- php-7.2.4RC1/configure.ac.fixheader 2018-03-13 12:42:47.594623100 +0100
+++ php-7.2.4RC1/configure.ac 2018-03-13 12:43:35.591871825 +0100
@@ -1275,7 +1275,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d`
fi
AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date])
-PHP_UNAME=`uname -a | xargs`
+PHP_UNAME=`uname | xargs`
AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output])
PHP_OS=`uname | xargs`
AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output])

View File

@ -1,280 +0,0 @@
Adapted for 7.2.7 from 7.3 by remi
From 0ea4013f101d64fbeb9221260b36e98f10ed1ddd Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 4 Jul 2018 08:48:38 +0200
Subject: [PATCH] Fixed bug #62596 add getallheaders (apache_request_headers)
missing function in FPM add sapi_add_request_header in public API (was
add_request_header) fix arginfo for fastcgi_finish_request fucntion
---
main/SAPI.c | 50 +++++++++++++++++++++++++++++
main/SAPI.h | 1 +
sapi/cgi/cgi_main.c | 51 +----------------------------
sapi/fpm/fpm/fpm_main.c | 25 ++++++++++++++-
sapi/fpm/tests/getallheaders.phpt | 67 +++++++++++++++++++++++++++++++++++++++
5 files changed, 143 insertions(+), 51 deletions(-)
create mode 100644 sapi/fpm/tests/getallheaders.phpt
diff --git a/main/SAPI.c b/main/SAPI.c
index b6c3329..7e0c7c8 100644
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -1104,6 +1104,56 @@ SAPI_API void sapi_terminate_process(void) {
}
}
+SAPI_API void sapi_add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg) /* {{{ */
+{
+ zval *return_value = (zval*)arg;
+ char *str = NULL;
+
+ ALLOCA_FLAG(use_heap)
+
+ if (var_len > 5 &&
+ var[0] == 'H' &&
+ var[1] == 'T' &&
+ var[2] == 'T' &&
+ var[3] == 'P' &&
+ var[4] == '_') {
+
+ char *p;
+
+ var_len -= 5;
+ p = var + 5;
+ var = str = do_alloca(var_len + 1, use_heap);
+ *str++ = *p++;
+ while (*p) {
+ if (*p == '_') {
+ *str++ = '-';
+ p++;
+ if (*p) {
+ *str++ = *p++;
+ }
+ } else if (*p >= 'A' && *p <= 'Z') {
+ *str++ = (*p++ - 'A' + 'a');
+ } else {
+ *str++ = *p++;
+ }
+ }
+ *str = 0;
+ } else if (var_len == sizeof("CONTENT_TYPE")-1 &&
+ memcmp(var, "CONTENT_TYPE", sizeof("CONTENT_TYPE")-1) == 0) {
+ var = "Content-Type";
+ } else if (var_len == sizeof("CONTENT_LENGTH")-1 &&
+ memcmp(var, "CONTENT_LENGTH", sizeof("CONTENT_LENGTH")-1) == 0) {
+ var = "Content-Length";
+ } else {
+ return;
+ }
+ add_assoc_stringl_ex(return_value, var, var_len, val, val_len);
+ if (str) {
+ free_alloca(var, use_heap);
+ }
+}
+/* }}} */
+
/*
* Local variables:
* tab-width: 4
diff --git a/main/SAPI.h b/main/SAPI.h
index f829fd7..4b8e223 100644
--- a/main/SAPI.h
+++ b/main/SAPI.h
@@ -151,6 +151,7 @@ SAPI_API void sapi_shutdown(void);
SAPI_API void sapi_activate(void);
SAPI_API void sapi_deactivate(void);
SAPI_API void sapi_initialize_empty_request(void);
+SAPI_API void sapi_add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg);
END_EXTERN_C()
/*
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index 2e9cefe..350846d 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1591,54 +1591,6 @@ PHP_FUNCTION(apache_child_terminate) /*
}
/* }}} */
-static void add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg) /* {{{ */
-{
- zval *return_value = (zval*)arg;
- char *str = NULL;
- char *p;
- ALLOCA_FLAG(use_heap)
-
- if (var_len > 5 &&
- var[0] == 'H' &&
- var[1] == 'T' &&
- var[2] == 'T' &&
- var[3] == 'P' &&
- var[4] == '_') {
-
- var_len -= 5;
- p = var + 5;
- var = str = do_alloca(var_len + 1, use_heap);
- *str++ = *p++;
- while (*p) {
- if (*p == '_') {
- *str++ = '-';
- p++;
- if (*p) {
- *str++ = *p++;
- }
- } else if (*p >= 'A' && *p <= 'Z') {
- *str++ = (*p++ - 'A' + 'a');
- } else {
- *str++ = *p++;
- }
- }
- *str = 0;
- } else if (var_len == sizeof("CONTENT_TYPE")-1 &&
- memcmp(var, "CONTENT_TYPE", sizeof("CONTENT_TYPE")-1) == 0) {
- var = "Content-Type";
- } else if (var_len == sizeof("CONTENT_LENGTH")-1 &&
- memcmp(var, "CONTENT_LENGTH", sizeof("CONTENT_LENGTH")-1) == 0) {
- var = "Content-Length";
- } else {
- return;
- }
- add_assoc_stringl_ex(return_value, var, var_len, val, val_len);
- if (str) {
- free_alloca(var, use_heap);
- }
-}
-/* }}} */
-
PHP_FUNCTION(apache_request_headers) /* {{{ */
{
if (zend_parse_parameters_none()) {
@@ -1648,7 +1600,7 @@ PHP_FUNCTION(apache_request_headers) /*
if (fcgi_is_fastcgi()) {
fcgi_request *request = (fcgi_request*) SG(server_context);
- fcgi_loadenv(request, add_request_header, return_value);
+ fcgi_loadenv(request, sapi_add_request_header, return_value);
} else {
char buf[128];
char **env, *p, *q, *var, *val, *t = buf;
diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
index 3256660..e815be4 100644
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -1533,6 +1533,10 @@ PHP_FUNCTION(fastcgi_finish_request) /* {{{ */
{
fcgi_request *request = (fcgi_request*) SG(server_context);
+ if (zend_parse_parameters_none() == FAILURE) {
+ return;
+ }
+
if (!fcgi_is_closed(request)) {
php_output_end_all();
php_header();
@@ -1547,8 +1551,27 @@ PHP_FUNCTION(fastcgi_finish_request) /* {{{ */
}
/* }}} */
+ZEND_BEGIN_ARG_INFO(cgi_fcgi_sapi_no_arginfo, 0)
+ZEND_END_ARG_INFO()
+
+PHP_FUNCTION(apache_request_headers) /* {{{ */
+{
+ fcgi_request *request;
+
+ if (zend_parse_parameters_none() == FAILURE) {
+ return;
+ }
+
+ array_init(return_value);
+ if ((request = (fcgi_request*) SG(server_context))) {
+ fcgi_loadenv(request, sapi_add_request_header, return_value);
+ }
+} /* }}} */
+
static const zend_function_entry cgi_fcgi_sapi_functions[] = {
- PHP_FE(fastcgi_finish_request, NULL)
+ PHP_FE(fastcgi_finish_request, cgi_fcgi_sapi_no_arginfo)
+ PHP_FE(apache_request_headers, cgi_fcgi_sapi_no_arginfo)
+ PHP_FALIAS(getallheaders, apache_request_headers, cgi_fcgi_sapi_no_arginfo)
PHP_FE_END
};
diff --git a/sapi/fpm/tests/getallheaders.phpt b/sapi/fpm/tests/getallheaders.phpt
new file mode 100644
index 0000000..b41f1c6
--- /dev/null
+++ b/sapi/fpm/tests/getallheaders.phpt
@@ -0,0 +1,67 @@
+--TEST--
+FPM: Function getallheaders basic test
+--SKIPIF--
+<?php include "skipif.inc"; ?>
+--FILE--
+<?php
+
+require_once "tester.inc";
+
+$cfg = <<<EOT
+[global]
+error_log = {{FILE:LOG}}
+[unconfined]
+listen = {{ADDR}}
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 1
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+EOT;
+
+$code = <<<EOT
+<?php
+echo "Test Start\n";
+var_dump(getallheaders());
+echo "Test End\n";
+EOT;
+
+$headers = [];
+$tester = new FPM\Tester($cfg, $code);
+$tester->start();
+$tester->expectLogStartNotices();
+$tester->request(
+ '',
+ [
+ 'HTTP_X_FOO' => 'BAR',
+ 'HTTP_FOO' => 'foo'
+ ]
+ )->expectBody(
+ [
+ 'Test Start',
+ 'array(4) {',
+ ' ["Foo"]=>',
+ ' string(3) "foo"',
+ ' ["X-Foo"]=>',
+ ' string(3) "BAR"',
+ ' ["Content-Length"]=>',
+ ' string(1) "0"',
+ ' ["Content-Type"]=>',
+ ' string(0) ""',
+ '}',
+ 'Test End',
+ ]
+ );
+$tester->terminate();
+$tester->expectLogTerminatingNotices();
+$tester->close();
+
+?>
+Done
+--EXPECT--
+Done
+--CLEAN--
+<?php
+require_once "tester.inc";
+FPM\Tester::clean();
+?>
--
2.1.4

View File

@ -0,0 +1,98 @@
diff -up ./ext/date/tests/bug33414-2.phpt.datetests ./ext/date/tests/bug33414-2.phpt
--- ./ext/date/tests/bug33414-2.phpt.datetests 2020-04-09 14:06:11.000000000 +0200
+++ ./ext/date/tests/bug33414-2.phpt 2020-04-09 14:40:00.809433489 +0200
@@ -74,10 +74,10 @@ $strtotime_tstamp = strtotime("next Frid
print "result=".date("l Y-m-d H:i:s T I", $strtotime_tstamp)."\n";
print "wanted=Friday 00:00:00\n\n";
?>
---EXPECT--
+--EXPECTF--
TZ=Pacific/Rarotonga - wrong day.
-tStamp=Thursday 1970-01-01 17:17:17 -1030 0
-result=Tuesday 1970-01-06 00:00:00 -1030 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Tuesday 1970-01-06 00:00:00 %s
wanted=Tuesday 00:00:00
TZ=Atlantic/South_Georgia - wrong day.
@@ -91,13 +91,13 @@ result=Monday 2005-04-04 00:00:00 EDT 1
wanted=Monday 00:00:00
TZ=Pacific/Enderbury - wrong day, off by 2 days.
-tStamp=Thursday 1970-01-01 17:17:17 -12 0
-result=Monday 1970-01-05 00:00:00 -12 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Monday 1970-01-05 00:00:00 %s
wanted=Monday 00:00:00
TZ=Pacific/Kiritimati - wrong day, off by 2 days.
-tStamp=Thursday 1970-01-01 17:17:17 -1040 0
-result=Monday 1970-01-05 00:00:00 -1040 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Monday 1970-01-05 00:00:00 %s
wanted=Monday 00:00:00
TZ=America/Managua - wrong day.
@@ -106,13 +106,13 @@ result=Tuesday 2005-04-12 00:00:00 CDT 1
wanted=Tuesday 00:00:00
TZ=Pacific/Pitcairn - wrong day.
-tStamp=Thursday 1970-01-01 17:17:17 -0830 0
-result=Wednesday 1970-01-07 00:00:00 -0830 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Wednesday 1970-01-07 00:00:00 %s
wanted=Wednesday 00:00:00
TZ=Pacific/Fakaofo - wrong day.
-tStamp=Thursday 1970-01-01 17:17:17 -11 0
-result=Saturday 1970-01-03 00:00:00 -11 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Saturday 1970-01-03 00:00:00 %s
wanted=Saturday 00:00:00
TZ=Pacific/Johnston - wrong day.
diff -up ./ext/date/tests/bug66985.phpt.datetests ./ext/date/tests/bug66985.phpt
--- ./ext/date/tests/bug66985.phpt.datetests 2020-04-09 14:06:11.000000000 +0200
+++ ./ext/date/tests/bug66985.phpt 2020-04-09 14:40:37.099288185 +0200
@@ -3,7 +3,7 @@ Bug #66985 (Some timezones are no longer
--FILE--
<?php
$zones = array(
- "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "Factory", "GB-Eire",
+ "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "GB-Eire",
"GMT0", "Greenwich", "Hongkong", "Iceland", "Iran", "Israel", "Jamaica",
"Japan", "Kwajalein", "Libya", "MST7MDT", "Navajo", "NZ-CHAT", "Poland",
"Portugal", "PST8PDT", "Singapore", "Turkey", "Universal", "W-SU",
@@ -45,11 +45,6 @@ DateTimeZone Object
)
DateTimeZone Object
(
- [timezone_type] => 3
- [timezone] => Factory
-)
-DateTimeZone Object
-(
[timezone_type] => 3
[timezone] => GB-Eire
)
diff -up ./ext/date/tests/strtotime3-64bit.phpt.datetests ./ext/date/tests/strtotime3-64bit.phpt
--- ./ext/date/tests/strtotime3-64bit.phpt.datetests 2020-04-09 14:06:11.000000000 +0200
+++ ./ext/date/tests/strtotime3-64bit.phpt 2020-04-09 14:40:00.809433489 +0200
@@ -44,7 +44,7 @@ foreach ($strs as $str) {
}
?>
---EXPECT--
+--EXPECTF--
bool(false)
bool(false)
string(31) "Thu, 15 Jun 2006 00:00:00 +0100"
@@ -53,7 +53,7 @@ bool(false)
string(31) "Fri, 16 Jun 2006 23:49:12 +0100"
bool(false)
string(31) "Fri, 16 Jun 2006 02:22:00 +0100"
-string(31) "Sun, 16 Jun 0222 02:22:00 -0036"
+string(31) "Sun, 16 Jun 0222 02:22:00 %s"
string(31) "Fri, 16 Jun 2006 02:22:33 +0100"
bool(false)
string(31) "Tue, 02 Mar 2004 00:00:00 +0000"

View File

@ -5,10 +5,9 @@ mod_php is build twice
- as ZTS using --enable-maintainer-zts - as ZTS using --enable-maintainer-zts
diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4 diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4
index 2e64b21..ec4799f 100644
--- a/sapi/apache2handler/config.m4 --- a/sapi/apache2handler/config.m4
+++ b/sapi/apache2handler/config.m4 +++ b/sapi/apache2handler/config.m4
@@ -116,17 +116,6 @@ if test "$PHP_APXS2" != "no"; then @@ -105,17 +105,6 @@ if test "$PHP_APXS2" != "no"; then
;; ;;
esac esac
@ -18,7 +17,7 @@ index 2e64b21..ec4799f 100644
- PHP_BUILD_THREAD_SAFE - PHP_BUILD_THREAD_SAFE
- fi - fi
- else - else
- APACHE_THREADED_MPM=`$APXS_HTTPD -V | grep 'threaded:.*yes'` - APACHE_THREADED_MPM=`$APXS_HTTPD -V 2>/dev/null | grep 'threaded:.*yes'`
- if test -n "$APACHE_THREADED_MPM"; then - if test -n "$APACHE_THREADED_MPM"; then
- PHP_BUILD_THREAD_SAFE - PHP_BUILD_THREAD_SAFE
- fi - fi

View File

@ -1,12 +1,12 @@
Use -lldap_r by default. Use -lldap_r by default.
diff -up php-7.2.3RC1/ext/ldap/config.m4.ldap_r php-7.2.3RC1/ext/ldap/config.m4 diff -up php-7.4.0RC2/ext/ldap/config.m4.ldap_r php-7.4.0RC2/ext/ldap/config.m4
--- php-7.2.3RC1/ext/ldap/config.m4.ldap_r 2018-02-14 06:05:11.553142812 +0100 --- php-7.4.0RC2/ext/ldap/config.m4.ldap_r 2019-09-17 10:21:24.769200812 +0200
+++ php-7.2.3RC1/ext/ldap/config.m4 2018-02-14 06:07:31.179816122 +0100 +++ php-7.4.0RC2/ext/ldap/config.m4 2019-09-17 10:21:30.658181771 +0200
@@ -119,7 +119,11 @@ if test "$PHP_LDAP" != "no"; then @@ -68,7 +68,11 @@ if test "$PHP_LDAP" != "no"; then
dnl -pc removal is a hack for clang
MACHINE_INCLUDES=$($CC -dumpmachine) MACHINE_INCLUDES=$($CC -dumpmachine | $SED 's/-pc//')
- if test -f $LDAP_LIBDIR/liblber.a || test -f $LDAP_LIBDIR/liblber.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.a || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.$SHLIB_SUFFIX_NAME; then - if test -f $LDAP_LIBDIR/liblber.a || test -f $LDAP_LIBDIR/liblber.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.a || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.$SHLIB_SUFFIX_NAME; then
+ if test -f $LDAP_LIBDIR/libldap_r.$SHLIB_SUFFIX_NAME; then + if test -f $LDAP_LIBDIR/libldap_r.$SHLIB_SUFFIX_NAME; then

View File

@ -1,7 +1,7 @@
diff -up php-7.2.0alpha0/ext/dba/config.m4.libdb php-7.2.0alpha0/ext/dba/config.m4 diff -up ./ext/dba/config.m4.libdb ./ext/dba/config.m4
--- php-7.2.0alpha0/ext/dba/config.m4.libdb 2017-05-29 08:56:06.000000000 +0200 --- ./ext/dba/config.m4.libdb 2020-04-09 14:06:11.000000000 +0200
+++ php-7.2.0alpha0/ext/dba/config.m4 2017-05-29 09:13:52.014823282 +0200 +++ ./ext/dba/config.m4 2020-04-09 14:35:08.208605065 +0200
@@ -346,61 +346,13 @@ if test "$PHP_DB4" != "no"; then @@ -375,61 +375,13 @@ if test "$PHP_DB4" != "no"; then
dbdp4="/usr/local/BerkeleyDB.4." dbdp4="/usr/local/BerkeleyDB.4."
dbdp5="/usr/local/BerkeleyDB.5." dbdp5="/usr/local/BerkeleyDB.5."
for i in $PHP_DB4 ${dbdp5}1 ${dbdp5}0 ${dbdp4}8 ${dbdp4}7 ${dbdp4}6 ${dbdp4}5 ${dbdp4}4 ${dbdp4}3 ${dbdp4}2 ${dbdp4}1 ${dbdp}0 /usr/local /usr; do for i in $PHP_DB4 ${dbdp5}1 ${dbdp5}0 ${dbdp4}8 ${dbdp4}7 ${dbdp4}6 ${dbdp4}5 ${dbdp4}4 ${dbdp4}3 ${dbdp4}2 ${dbdp4}1 ${dbdp}0 /usr/local /usr; do
@ -65,21 +65,21 @@ diff -up php-7.2.0alpha0/ext/dba/config.m4.libdb php-7.2.0alpha0/ext/dba/config.
fi fi
PHP_DBA_STD_RESULT(db4,Berkeley DB4) PHP_DBA_STD_RESULT(db4,Berkeley DB4)
diff -up php-7.2.0alpha0/ext/dba/dba.c.libdb php-7.2.0alpha0/ext/dba/dba.c diff -up ./ext/dba/dba.c.libdb ./ext/dba/dba.c
--- php-7.2.0alpha0/ext/dba/dba.c.libdb 2017-05-29 09:16:15.736628202 +0200 --- ./ext/dba/dba.c.libdb 2020-04-09 14:06:11.000000000 +0200
+++ php-7.2.0alpha0/ext/dba/dba.c 2017-05-29 09:16:20.494654746 +0200 +++ ./ext/dba/dba.c 2020-04-09 14:36:30.593275190 +0200
@@ -53,6 +53,10 @@ @@ -50,6 +50,10 @@
#include "php_tcadb.h"
#include "php_lmdb.h" #include "php_lmdb.h"
#include "dba_arginfo.h"
+#ifdef DB4_INCLUDE_FILE +#ifdef DB4_INCLUDE_FILE
+#include DB4_INCLUDE_FILE +#include DB4_INCLUDE_FILE
+#endif +#endif
+ +
/* {{{ arginfo */ PHP_MINIT_FUNCTION(dba);
ZEND_BEGIN_ARG_INFO_EX(arginfo_dba_popen, 0, 0, 2) PHP_MSHUTDOWN_FUNCTION(dba);
ZEND_ARG_INFO(0, path) PHP_MINFO_FUNCTION(dba);
@@ -558,6 +562,10 @@ PHP_MINFO_FUNCTION(dba) @@ -459,6 +463,10 @@ PHP_MINFO_FUNCTION(dba)
php_info_print_table_start(); php_info_print_table_start();
php_info_print_table_row(2, "DBA support", "enabled"); php_info_print_table_row(2, "DBA support", "enabled");

View File

@ -1,7 +1,7 @@
diff -up php-7.2.12RC1/scripts/phpize.in.headers php-7.2.12RC1/scripts/phpize.in diff -up ./scripts/phpize.in.headers ./scripts/phpize.in
--- php-7.2.12RC1/scripts/phpize.in.headers 2018-10-23 11:47:43.000000000 +0200 --- ./scripts/phpize.in.headers 2019-07-23 10:05:11.000000000 +0200
+++ php-7.2.12RC1/scripts/phpize.in 2018-10-23 11:49:51.651818777 +0200 +++ ./scripts/phpize.in 2019-07-23 10:18:13.648098089 +0200
@@ -162,6 +162,15 @@ phpize_autotools() @@ -165,6 +165,15 @@ phpize_autotools()
$PHP_AUTOHEADER || exit 1 $PHP_AUTOHEADER || exit 1
} }
@ -17,7 +17,7 @@ diff -up php-7.2.12RC1/scripts/phpize.in.headers php-7.2.12RC1/scripts/phpize.in
# Main script # Main script
case "$1" in case "$1" in
@@ -180,12 +189,15 @@ case "$1" in @@ -183,12 +192,15 @@ case "$1" in
# Version # Version
--version|-v) --version|-v)

View File

@ -1,24 +1,25 @@
--- php-5.6.3/sapi/embed/config.m4.embed diff -up ./sapi/embed/config.m4.embed ./sapi/embed/config.m4
+++ php-5.6.3/sapi/embed/config.m4 --- ./sapi/embed/config.m4.embed 2020-07-07 13:51:05.879764972 +0200
+++ ./sapi/embed/config.m4 2020-07-07 13:52:50.128412148 +0200
@@ -12,7 +12,8 @@ if test "$PHP_EMBED" != "no"; then @@ -12,7 +12,8 @@ if test "$PHP_EMBED" != "no"; then
case "$PHP_EMBED" in
yes|shared) yes|shared)
LIBPHP_CFLAGS="-shared"
PHP_EMBED_TYPE=shared PHP_EMBED_TYPE=shared
- INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; \$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib" - INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; \$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib"
+ EXTRA_LDFLAGS="$EXTRA_LDFLAGS -release \$(PHP_MAJOR_VERSION).\$(PHP_MINOR_VERSION)" + EXTRA_LDFLAGS="$EXTRA_LDFLAGS -release \$(PHP_MAJOR_VERSION).\$(PHP_MINOR_VERSION)"
+ INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) --mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) \$(INSTALL_ROOT)\$(libdir)" + INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) --mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) \$(INSTALL_ROOT)\$(libdir)"
;; ;;
static) static)
PHP_EMBED_TYPE=static LIBPHP_CFLAGS="-static"
diff -up php-5.5.30/scripts/php-config.in.old php-5.5.30/scripts/php-config.in diff -up ./scripts/php-config.in.embed ./scripts/php-config.in
--- php-5.5.30/scripts/php-config.in.old 2015-10-19 15:17:31.944747715 +0200 --- ./scripts/php-config.in.embed 2020-07-07 12:54:42.000000000 +0200
+++ php-5.5.30/scripts/php-config.in 2015-10-19 15:17:58.278858083 +0200 +++ ./scripts/php-config.in 2020-07-07 13:51:05.880764968 +0200
@@ -18,7 +18,7 @@ exe_extension="@EXEEXT@" @@ -18,7 +18,7 @@ exe_extension="@EXEEXT@"
php_cli_binary=NONE php_cli_binary=NONE
php_cgi_binary=NONE php_cgi_binary=NONE
configure_options="@CONFIGURE_OPTIONS@" configure_options="@CONFIGURE_OPTIONS@"
-php_sapis="@PHP_INSTALLED_SAPIS@" -php_sapis="@PHP_INSTALLED_SAPIS@"
+php_sapis="apache2handler embed fpm @PHP_INSTALLED_SAPIS@" +php_sapis="apache2handler litespeed fpm phpdbg @PHP_INSTALLED_SAPIS@"
ini_dir="@EXPANDED_PHP_CONFIG_FILE_SCAN_DIR@"
ini_path="@EXPANDED_PHP_CONFIG_FILE_PATH@"
# Set php_cli_binary and php_cgi_binary if available
for sapi in $php_sapis; do

View File

@ -0,0 +1,118 @@
Drop "Configure Command" from phpinfo as it doesn't
provide any useful information.
The available extensions are not related to this command.
Replace full GCC name by gcc in php -v output
Also apply
From 9bf43c45908433d382f0499d529849172d0d8206 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Mon, 28 Dec 2020 08:33:09 +0100
Subject: [PATCH] rename COMPILER and ARCHITECTURE macro (too generic)
---
configure.ac | 4 ++--
ext/standard/info.c | 8 ++++----
sapi/cli/php_cli.c | 8 ++++----
win32/build/confutils.js | 10 +++++-----
4 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9d9c8b155b07..143dc061346b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1289,10 +1289,10 @@ if test -n "${PHP_BUILD_PROVIDER}"; then
AC_DEFINE_UNQUOTED(PHP_BUILD_PROVIDER,"$PHP_BUILD_PROVIDER",[build provider])
fi
if test -n "${PHP_BUILD_COMPILER}"; then
- AC_DEFINE_UNQUOTED(COMPILER,"$PHP_BUILD_COMPILER",[used compiler for build])
+ AC_DEFINE_UNQUOTED(PHP_BUILD_COMPILER,"$PHP_BUILD_COMPILER",[used compiler for build])
fi
if test -n "${PHP_BUILD_ARCH}"; then
- AC_DEFINE_UNQUOTED(ARCHITECTURE,"$PHP_BUILD_ARCH",[build architecture])
+ AC_DEFINE_UNQUOTED(PHP_BUILD_ARCH,"$PHP_BUILD_ARCH",[build architecture])
fi
PHP_SUBST_OLD(PHP_INSTALLED_SAPIS)
diff --git a/ext/standard/info.c b/ext/standard/info.c
index 153cb6cde014..8ceef31d9fe4 100644
--- a/ext/standard/info.c
+++ b/ext/standard/info.c
@@ -798,11 +798,11 @@ PHPAPI ZEND_COLD void php_print_info(int flag)
#ifdef PHP_BUILD_PROVIDER
php_info_print_table_row(2, "Build Provider", PHP_BUILD_PROVIDER);
#endif
-#ifdef COMPILER
- php_info_print_table_row(2, "Compiler", COMPILER);
+#ifdef PHP_BUILD_COMPILER
+ php_info_print_table_row(2, "Compiler", PHP_BUILD_COMPILER);
#endif
-#ifdef ARCHITECTURE
- php_info_print_table_row(2, "Architecture", ARCHITECTURE);
+#ifdef PHP_BUILD_ARCH
+ php_info_print_table_row(2, "Architecture", PHP_BUILD_ARCH);
#endif
#ifdef CONFIGURE_COMMAND
php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
diff --git a/sapi/cli/php_cli.c b/sapi/cli/php_cli.c
index 5092fb0ffd68..9d296acec631 100644
--- a/sapi/cli/php_cli.c
+++ b/sapi/cli/php_cli.c
@@ -640,12 +640,12 @@ static int do_cli(int argc, char **argv) /* {{{ */
#else
"NTS "
#endif
-#ifdef COMPILER
- COMPILER
+#ifdef PHP_BUILD_COMPILER
+ PHP_BUILD_COMPILER
" "
#endif
-#ifdef ARCHITECTURE
- ARCHITECTURE
+#ifdef PHP_BUILD_ARCH
+ PHP_BUILD_ARCH
" "
#endif
#if ZEND_DEBUG
diff -up ./ext/standard/info.c.phpinfo ./ext/standard/info.c
--- ./ext/standard/info.c.phpinfo 2020-07-21 10:49:31.000000000 +0200
+++ ./ext/standard/info.c 2020-07-21 11:41:56.295633523 +0200
@@ -804,9 +804,6 @@ PHPAPI ZEND_COLD void php_print_info(int
#ifdef PHP_BUILD_ARCH
php_info_print_table_row(2, "Architecture", PHP_BUILD_ARCH);
#endif
-#ifdef CONFIGURE_COMMAND
- php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
-#endif
if (sapi_module.pretty_name) {
php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
diff -up ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo ./ext/standard/tests/general_functions/phpinfo.phpt
--- ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo 2020-07-21 10:49:31.000000000 +0200
+++ ./ext/standard/tests/general_functions/phpinfo.phpt 2020-07-21 11:41:56.296633522 +0200
@@ -17,7 +17,6 @@ PHP Version => %s
System => %s
Build Date => %s%a
-Configure Command => %s
Server API => Command Line Interface
Virtual Directory Support => %s
Configuration File (php.ini) Path => %s
diff -up ./sapi/cli/php_cli.c.phpinfo ./sapi/cli/php_cli.c
--- ./sapi/cli/php_cli.c.phpinfo 2020-07-21 11:43:38.812475300 +0200
+++ ./sapi/cli/php_cli.c 2020-07-21 11:43:45.783464540 +0200
@@ -641,8 +641,7 @@ static int do_cli(int argc, char **argv)
"NTS "
#endif
#ifdef PHP_BUILD_COMPILER
- PHP_BUILD_COMPILER
- " "
+ "gcc "
#endif
#ifdef PHP_BUILD_ARCH
PHP_BUILD_ARCH

View File

@ -0,0 +1,515 @@
Backported for 8.0 from
From 8bb0c74e24359a11216824117ac3adf3d5ef7b71 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Thu, 5 Aug 2021 11:10:15 +0200
Subject: [PATCH] switch phar to use sha256 signature by default
---
ext/phar/phar/pharcommand.inc | 2 +-
ext/phar/tests/create_new_and_modify.phpt | 4 ++--
ext/phar/tests/create_new_phar_c.phpt | 4 ++--
ext/phar/tests/phar_setsignaturealgo2.phpt | 2 +-
ext/phar/tests/tar/phar_setsignaturealgo2.phpt | 2 +-
ext/phar/tests/zip/phar_setsignaturealgo2.phpt | 2 +-
ext/phar/util.c | 6 +++---
ext/phar/zip.c | 2 +-
8 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/ext/phar/phar/pharcommand.inc b/ext/phar/phar/pharcommand.inc
index a31290eee75fe..5f698b4bec26b 100644
--- a/ext/phar/phar/pharcommand.inc
+++ b/ext/phar/phar/pharcommand.inc
@@ -92,7 +92,7 @@ class PharCommand extends CLICommand
'typ' => 'select',
'val' => NULL,
'inf' => '<method> Selects the hash algorithm.',
- 'select' => array('md5' => 'MD5','sha1' => 'SHA1')
+ 'select' => array('md5' => 'MD5','sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha512' => 'SHA512', 'openssl' => 'OPENSSL')
),
'i' => array(
'typ' => 'regex',
diff --git a/ext/phar/tests/create_new_and_modify.phpt b/ext/phar/tests/create_new_and_modify.phpt
index 02e36c6cea2fe..32defcae8a639 100644
--- a/ext/phar/tests/create_new_and_modify.phpt
+++ b/ext/phar/tests/create_new_and_modify.phpt
@@ -49,8 +49,8 @@ include $pname . '/b.php';
<?php unlink(__DIR__ . '/' . basename(__FILE__, '.clean.php') . '.phar.php'); ?>
--EXPECTF--
brand new!
-string(40) "%s"
-string(40) "%s"
+string(%d) "%s"
+string(%d) "%s"
bool(true)
modified!
another!
diff --git a/ext/phar/tests/create_new_phar_c.phpt b/ext/phar/tests/create_new_phar_c.phpt
index 566d3c4d5f8ad..bf6d740fd1d10 100644
--- a/ext/phar/tests/create_new_phar_c.phpt
+++ b/ext/phar/tests/create_new_phar_c.phpt
@@ -20,7 +20,7 @@ var_dump($phar->getSignature());
--EXPECTF--
array(2) {
["hash"]=>
- string(40) "%s"
+ string(64) "%s"
["hash_type"]=>
- string(5) "SHA-1"
+ string(7) "SHA-256"
}
diff --git a/ext/phar/tests/phar_setsignaturealgo2.phpt b/ext/phar/tests/phar_setsignaturealgo2.phpt
index 293d3196713d8..4f31836fbbbcc 100644
--- a/ext/phar/tests/phar_setsignaturealgo2.phpt
+++ b/ext/phar/tests/phar_setsignaturealgo2.phpt
@@ -52,7 +52,7 @@ array(2) {
["hash"]=>
string(%d) "%s"
["hash_type"]=>
- string(5) "SHA-1"
+ string(7) "SHA-256"
}
array(2) {
["hash"]=>
diff --git a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
index 9923ac5c88476..cc10a241d739b 100644
--- a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
+++ b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
@@ -51,7 +51,7 @@ array(2) {
["hash"]=>
string(%d) "%s"
["hash_type"]=>
- string(5) "SHA-1"
+ string(7) "SHA-256"
}
array(2) {
["hash"]=>
diff --git a/ext/phar/tests/zip/phar_setsignaturealgo2.phpt b/ext/phar/tests/zip/phar_setsignaturealgo2.phpt
index 8de77479d7825..60fec578ee894 100644
--- a/ext/phar/tests/zip/phar_setsignaturealgo2.phpt
+++ b/ext/phar/tests/zip/phar_setsignaturealgo2.phpt
@@ -78,7 +78,7 @@ array(2) {
["hash"]=>
string(%d) "%s"
["hash_type"]=>
- string(5) "SHA-1"
+ string(7) "SHA-256"
}
array(2) {
["hash"]=>
diff --git a/ext/phar/util.c b/ext/phar/util.c
index 314acfe81a788..8d2db03b69601 100644
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -1798,6 +1798,8 @@ int phar_create_signature(phar_archive_d
*signature_length = 64;
break;
}
+ default:
+ phar->sig_flags = PHAR_SIG_SHA256;
case PHAR_SIG_SHA256: {
unsigned char digest[32];
PHP_SHA256_CTX context;
@@ -1894,8 +1896,6 @@ int phar_create_signature(phar_archive_d
*signature_length = siglen;
}
break;
- default:
- phar->sig_flags = PHAR_SIG_SHA1;
case PHAR_SIG_SHA1: {
unsigned char digest[20];
PHP_SHA1_CTX context;
diff --git a/ext/phar/zip.c b/ext/phar/zip.c
index 31d4bd2998215..c5e38cabf7b87 100644
--- a/ext/phar/zip.c
+++ b/ext/phar/zip.c
@@ -1423,7 +1423,7 @@ int phar_zip_flush(phar_archive_data *phar, char *user_stub, zend_long len, int
memcpy(eocd.signature, "PK\5\6", 4);
if (!phar->is_data && !phar->sig_flags) {
- phar->sig_flags = PHAR_SIG_SHA1;
+ phar->sig_flags = PHAR_SIG_SHA256;
}
if (phar->sig_flags) {
PHAR_SET_16(eocd.counthere, zend_hash_num_elements(&phar->manifest) + 1);
From c51af22fef988c1b2f92b7b9e3a9d745f7084815 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Thu, 5 Aug 2021 16:49:48 +0200
Subject: [PATCH] implement openssl_256 and openssl_512 for phar singatures
---
ext/openssl/openssl.c | 1 +
ext/phar/phar.1.in | 10 +++-
ext/phar/phar.c | 8 +++-
ext/phar/phar/pharcommand.inc | 14 +++++-
ext/phar/phar_internal.h | 2 +
ext/phar/phar_object.c | 24 ++++++++--
ext/phar/tests/files/openssl256.phar | Bin 0 -> 7129 bytes
ext/phar/tests/files/openssl256.phar.pubkey | 6 +++
ext/phar/tests/files/openssl512.phar | Bin 0 -> 7129 bytes
ext/phar/tests/files/openssl512.phar.pubkey | 6 +++
.../phar_get_supported_signatures_002a.phpt | 6 ++-
.../tests/tar/phar_setsignaturealgo2.phpt | 16 +++++++
ext/phar/tests/test_signaturealgos.phpt | 8 ++++
ext/phar/util.c | 45 ++++++++++++++----
14 files changed, 128 insertions(+), 18 deletions(-)
create mode 100644 ext/phar/tests/files/openssl256.phar
create mode 100644 ext/phar/tests/files/openssl256.phar.pubkey
create mode 100644 ext/phar/tests/files/openssl512.phar
create mode 100644 ext/phar/tests/files/openssl512.phar.pubkey
diff --git a/ext/phar/phar.1.in b/ext/phar/phar.1.in
index 77912b241dfd5..323e77b0e2a3b 100644
--- a/ext/phar/phar.1.in
+++ b/ext/phar/phar.1.in
@@ -475,7 +475,15 @@ SHA512
.TP
.PD
.B openssl
-OpenSSL
+OpenSSL using SHA-1
+.TP
+.PD
+.B openssl_sha256
+OpenSSL using SHA-256
+.TP
+.PD
+.B openssl_sha512
+OpenSSL using SHA-512
.SH SEE ALSO
For a more or less complete description of PHAR look here:
diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index 77f21cef9da53..bc08e4edde05d 100644
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -869,6 +869,8 @@ static int phar_parse_pharfile(php_stream *fp, char *fname, size_t fname_len, ch
PHAR_GET_32(sig_ptr, sig_flags);
switch(sig_flags) {
+ case PHAR_SIG_OPENSSL_SHA512:
+ case PHAR_SIG_OPENSSL_SHA256:
case PHAR_SIG_OPENSSL: {
uint32_t signature_len;
char *sig;
@@ -903,7 +905,7 @@ static int phar_parse_pharfile(php_stream *fp, char *fname, size_t fname_len, ch
return FAILURE;
}
- if (FAILURE == phar_verify_signature(fp, end_of_phar, PHAR_SIG_OPENSSL, sig, signature_len, fname, &signature, &sig_len, error)) {
+ if (FAILURE == phar_verify_signature(fp, end_of_phar, sig_flags, sig, signature_len, fname, &signature, &sig_len, error)) {
efree(savebuf);
efree(sig);
php_stream_close(fp);
@@ -3162,7 +3164,9 @@ int phar_flush(phar_archive_data *phar, char *user_stub, zend_long len, int conv
php_stream_write(newfile, digest, digest_len);
efree(digest);
- if (phar->sig_flags == PHAR_SIG_OPENSSL) {
+ if (phar->sig_flags == PHAR_SIG_OPENSSL ||
+ phar->sig_flags == PHAR_SIG_OPENSSL_SHA256 ||
+ phar->sig_flags == PHAR_SIG_OPENSSL_SHA512) {
phar_set_32(sig_buf, digest_len);
php_stream_write(newfile, sig_buf, 4);
}
diff --git a/ext/phar/phar/pharcommand.inc b/ext/phar/phar/pharcommand.inc
index 5f698b4bec26b..1b1eeca59c560 100644
--- a/ext/phar/phar/pharcommand.inc
+++ b/ext/phar/phar/pharcommand.inc
@@ -92,7 +92,7 @@ class PharCommand extends CLICommand
'typ' => 'select',
'val' => NULL,
'inf' => '<method> Selects the hash algorithm.',
- 'select' => array('md5' => 'MD5','sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha512' => 'SHA512', 'openssl' => 'OPENSSL')
+ 'select' => ['md5' => 'MD5','sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha512' => 'SHA512', 'openssl' => 'OPENSSL', 'openssl_sha256' => 'OPENSSL_SHA256', 'openssl_sha512' => 'OPENSSL_SHA512']
),
'i' => array(
'typ' => 'regex',
@@ -156,6 +156,8 @@ class PharCommand extends CLICommand
$hash_avail = Phar::getSupportedSignatures();
$hash_optional = array('SHA-256' => 'SHA256',
'SHA-512' => 'SHA512',
+ 'OpenSSL_sha256' => 'OpenSSL_SHA256',
+ 'OpenSSL_sha512' => 'OpenSSL_SHA512',
'OpenSSL' => 'OpenSSL');
if (!in_array('OpenSSL', $hash_avail)) {
unset($phar_args['y']);
@@ -429,6 +431,16 @@ class PharCommand extends CLICommand
self::error("Cannot use OpenSSL signing without key.\n");
}
return Phar::OPENSSL;
+ case 'openssl_sha256':
+ if (!$privkey) {
+ self::error("Cannot use OpenSSL signing without key.\n");
+ }
+ return Phar::OPENSSL_SHA256;
+ case 'openssl_sha512':
+ if (!$privkey) {
+ self::error("Cannot use OpenSSL signing without key.\n");
+ }
+ return Phar::OPENSSL_SHA512;
}
}
// }}}
diff --git a/ext/phar/phar_internal.h b/ext/phar/phar_internal.h
index a9f81e2ab994a..30b408a8c4462 100644
--- a/ext/phar/phar_internal.h
+++ b/ext/phar/phar_internal.h
@@ -88,6 +88,8 @@
#define PHAR_SIG_SHA256 0x0003
#define PHAR_SIG_SHA512 0x0004
#define PHAR_SIG_OPENSSL 0x0010
+#define PHAR_SIG_OPENSSL_SHA256 0x0011
+#define PHAR_SIG_OPENSSL_SHA512 0x0012
/* flags byte for each file adheres to these bitmasks.
All unused values are reserved */
diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 9c1e5f2fa1eef..c05970e657f18 100644
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -1246,9 +1246,13 @@ PHP_METHOD(Phar, getSupportedSignatures)
add_next_index_stringl(return_value, "SHA-512", 7);
#ifdef PHAR_HAVE_OPENSSL
add_next_index_stringl(return_value, "OpenSSL", 7);
+ add_next_index_stringl(return_value, "OpenSSL_SHA256", 14);
+ add_next_index_stringl(return_value, "OpenSSL_SHA512", 14);
#else
if (zend_hash_str_exists(&module_registry, "openssl", sizeof("openssl")-1)) {
add_next_index_stringl(return_value, "OpenSSL", 7);
+ add_next_index_stringl(return_value, "OpenSSL_SHA256", 14);
+ add_next_index_stringl(return_value, "OpenSSL_SHA512", 14);
}
#endif
}
@@ -3028,6 +3032,8 @@ PHP_METHOD(Phar, setSignatureAlgorithm)
case PHAR_SIG_MD5:
case PHAR_SIG_SHA1:
case PHAR_SIG_OPENSSL:
+ case PHAR_SIG_OPENSSL_SHA256:
+ case PHAR_SIG_OPENSSL_SHA512:
if (phar_obj->archive->is_persistent && FAILURE == phar_copy_on_write(&(phar_obj->archive))) {
zend_throw_exception_ex(phar_ce_PharException, 0, "phar \"%s\" is persistent, unable to copy on write", phar_obj->archive->fname);
RETURN_THROWS();
@@ -3066,19 +3072,25 @@ PHP_METHOD(Phar, getSignature)
add_assoc_stringl(return_value, "hash", phar_obj->archive->signature, phar_obj->archive->sig_len);
switch(phar_obj->archive->sig_flags) {
case PHAR_SIG_MD5:
- add_assoc_stringl(return_value, "hash_type", "MD5", 3);
+ add_assoc_string(return_value, "hash_type", "MD5");
break;
case PHAR_SIG_SHA1:
- add_assoc_stringl(return_value, "hash_type", "SHA-1", 5);
+ add_assoc_string(return_value, "hash_type", "SHA-1");
break;
case PHAR_SIG_SHA256:
- add_assoc_stringl(return_value, "hash_type", "SHA-256", 7);
+ add_assoc_string(return_value, "hash_type", "SHA-256");
break;
case PHAR_SIG_SHA512:
- add_assoc_stringl(return_value, "hash_type", "SHA-512", 7);
+ add_assoc_string(return_value, "hash_type", "SHA-512");
break;
case PHAR_SIG_OPENSSL:
- add_assoc_stringl(return_value, "hash_type", "OpenSSL", 7);
+ add_assoc_string(return_value, "hash_type", "OpenSSL");
+ break;
+ case PHAR_SIG_OPENSSL_SHA256:
+ add_assoc_string(return_value, "hash_type", "OpenSSL_SHA256");
+ break;
+ case PHAR_SIG_OPENSSL_SHA512:
+ add_assoc_string(return_value, "hash_type", "OpenSSL_SHA512");
break;
default:
unknown = strpprintf(0, "Unknown (%u)", phar_obj->archive->sig_flags);
@@ -5103,6 +5115,8 @@ void phar_object_init(void) /* {{{ */
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PHPS", PHAR_MIME_PHPS)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "MD5", PHAR_SIG_MD5)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL", PHAR_SIG_OPENSSL)
+ REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL_SHA256", PHAR_SIG_OPENSSL_SHA256)
+ REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL_SHA512", PHAR_SIG_OPENSSL_SHA512)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA1", PHAR_SIG_SHA1)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA256", PHAR_SIG_SHA256)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA512", PHAR_SIG_SHA512)
diff --git a/ext/phar/tests/phar_get_supported_signatures_002a.phpt b/ext/phar/tests/phar_get_supported_signatures_002a.phpt
index 06d811f2c35c2..639143b3d2c90 100644
--- a/ext/phar/tests/phar_get_supported_signatures_002a.phpt
+++ b/ext/phar/tests/phar_get_supported_signatures_002a.phpt
@@ -14,7 +14,7 @@ phar.readonly=0
var_dump(Phar::getSupportedSignatures());
?>
--EXPECT--
-array(5) {
+array(7) {
[0]=>
string(3) "MD5"
[1]=>
@@ -25,4 +25,8 @@ array(5) {
string(7) "SHA-512"
[4]=>
string(7) "OpenSSL"
+ [5]=>
+ string(14) "OpenSSL_SHA256"
+ [6]=>
+ string(14) "OpenSSL_SHA512"
}
diff --git a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
index cc10a241d739b..c2eb5d77a5bf0 100644
--- a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
+++ b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
@@ -38,6 +38,10 @@ $pkey = '';
openssl_pkey_export($private, $pkey, NULL, $config_arg);
$p->setSignatureAlgorithm(Phar::OPENSSL, $pkey);
var_dump($p->getSignature());
+$p->setSignatureAlgorithm(Phar::OPENSSL_SHA512, $pkey);
+var_dump($p->getSignature());
+$p->setSignatureAlgorithm(Phar::OPENSSL_SHA256, $pkey);
+var_dump($p->getSignature());
} catch (Exception $e) {
echo $e->getMessage();
}
@@ -83,3 +87,15 @@ array(2) {
["hash_type"]=>
string(7) "OpenSSL"
}
+array(2) {
+ ["hash"]=>
+ string(%d) "%s"
+ ["hash_type"]=>
+ string(14) "OpenSSL_SHA512"
+}
+array(2) {
+ ["hash"]=>
+ string(%d) "%s"
+ ["hash_type"]=>
+ string(14) "OpenSSL_SHA256"
+}
diff --git a/ext/phar/util.c b/ext/phar/util.c
index 8d2db03b69601..515830bf2c70a 100644
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -34,7 +34,7 @@
#include <openssl/ssl.h>
#include <openssl/pkcs12.h>
#else
-static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len);
+static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len, php_uint32 sig_type);
#endif
/* for links to relative location, prepend cwd of the entry */
@@ -1381,11 +1381,11 @@ static int phar_hex_str(const char *digest, size_t digest_len, char **signature)
/* }}} */
#ifndef PHAR_HAVE_OPENSSL
-static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len) /* {{{ */
+static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len, php_uint32 sig_type) /* {{{ */
{
zend_fcall_info fci;
zend_fcall_info_cache fcc;
- zval retval, zp[3], openssl;
+ zval retval, zp[4], openssl;
zend_string *str;
ZVAL_STRINGL(&openssl, is_sign ? "openssl_sign" : "openssl_verify", is_sign ? sizeof("openssl_sign")-1 : sizeof("openssl_verify")-1);
@@ -1402,6 +1402,14 @@ static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t
} else {
ZVAL_EMPTY_STRING(&zp[0]);
}
+ if (sig_type == PHAR_SIG_OPENSSL_SHA512) {
+ ZVAL_LONG(&zp[3], 9); /* value from openssl.c #define OPENSSL_ALGO_SHA512 9 */
+ } else if (sig_type == PHAR_SIG_OPENSSL_SHA256) {
+ ZVAL_LONG(&zp[3], 7); /* value from openssl.c #define OPENSSL_ALGO_SHA256 7 */
+ } else {
+ /* don't rely on default value which may change in the future */
+ ZVAL_LONG(&zp[3], 1); /* value from openssl.c #define OPENSSL_ALGO_SHA1 1 */
+ }
if ((size_t)end != Z_STRLEN(zp[0])) {
zval_ptr_dtor_str(&zp[0]);
@@ -1419,7 +1427,7 @@ static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t
return FAILURE;
}
- fci.param_count = 3;
+ fci.param_count = 4;
fci.params = zp;
Z_ADDREF(zp[0]);
if (is_sign) {
@@ -1482,12 +1490,22 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
php_stream_rewind(fp);
switch (sig_type) {
+ case PHAR_SIG_OPENSSL_SHA512:
+ case PHAR_SIG_OPENSSL_SHA256:
case PHAR_SIG_OPENSSL: {
#ifdef PHAR_HAVE_OPENSSL
BIO *in;
EVP_PKEY *key;
- EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
+ const EVP_MD *mdtype;
EVP_MD_CTX *md_ctx;
+
+ if (sig_type == PHAR_SIG_OPENSSL_SHA512) {
+ mdtype = EVP_sha512();
+ } else if (sig_type == PHAR_SIG_OPENSSL_SHA256) {
+ mdtype = EVP_sha256();
+ } else {
+ mdtype = EVP_sha1();
+ }
#else
size_t tempsig;
#endif
@@ -1521,7 +1539,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
#ifndef PHAR_HAVE_OPENSSL
tempsig = sig_len;
- if (FAILURE == phar_call_openssl_signverify(0, fp, end_of_phar, pubkey ? ZSTR_VAL(pubkey) : NULL, pubkey ? ZSTR_LEN(pubkey) : 0, &sig, &tempsig)) {
+ if (FAILURE == phar_call_openssl_signverify(0, fp, end_of_phar, pubkey ? ZSTR_VAL(pubkey) : NULL, pubkey ? ZSTR_LEN(pubkey) : 0, &sig, &tempsig, sig_type)) {
if (pubkey) {
zend_string_release_ex(pubkey, 0);
}
@@ -1815,6 +1833,8 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
*signature_length = 32;
break;
}
+ case PHAR_SIG_OPENSSL_SHA512:
+ case PHAR_SIG_OPENSSL_SHA256:
case PHAR_SIG_OPENSSL: {
unsigned char *sigbuf;
#ifdef PHAR_HAVE_OPENSSL
@@ -1822,6 +1842,15 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
BIO *in;
EVP_PKEY *key;
EVP_MD_CTX *md_ctx;
+ const EVP_MD *mdtype;
+
+ if (phar->sig_flags == PHAR_SIG_OPENSSL_SHA512) {
+ mdtype = EVP_sha512();
+ } else if (phar->sig_flags == PHAR_SIG_OPENSSL_SHA256) {
+ mdtype = EVP_sha256();
+ } else {
+ mdtype = EVP_sha1();
+ }
in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len));
@@ -1847,7 +1876,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
siglen = EVP_PKEY_size(key);
sigbuf = emalloc(siglen + 1);
- if (!EVP_SignInit(md_ctx, EVP_sha1())) {
+ if (!EVP_SignInit(md_ctx, mdtype)) {
EVP_PKEY_free(key);
efree(sigbuf);
if (error) {
@@ -1885,7 +1914,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
siglen = 0;
php_stream_seek(fp, 0, SEEK_END);
- if (FAILURE == phar_call_openssl_signverify(1, fp, php_stream_tell(fp), PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen)) {
+ if (FAILURE == phar_call_openssl_signverify(1, fp, php_stream_tell(fp), PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen, phar->sig_flags)) {
if (error) {
spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
}

View File

@ -0,0 +1,143 @@
Backported for 8.0 from
From 718e91343fddb8817a004f96f111c424843bf746 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Wed, 11 Aug 2021 13:02:18 +0200
Subject: [PATCH] add SHA256 and SHA512 for security protocol
---
ext/snmp/config.m4 | 18 +++++++++-
ext/snmp/snmp.c | 33 ++++++++++++++++++-
.../tests/snmp-object-setSecurity_error.phpt | 2 +-
ext/snmp/tests/snmp3-error.phpt | 2 +-
4 files changed, 51 insertions(+), 4 deletions(-)
diff --git a/ext/snmp/config.m4 b/ext/snmp/config.m4
index 1475ddfe2b7f0..f285a572de9cb 100644
--- a/ext/snmp/config.m4
+++ b/ext/snmp/config.m4
@@ -30,7 +30,7 @@ if test "$PHP_SNMP" != "no"; then
AC_MSG_ERROR([Could not find the required paths. Please check your net-snmp installation.])
fi
else
- AC_MSG_ERROR([Net-SNMP version 5.3 or greater reqired (detected $snmp_full_version).])
+ AC_MSG_ERROR([Net-SNMP version 5.3 or greater required (detected $snmp_full_version).])
fi
else
AC_MSG_ERROR([Could not find net-snmp-config binary. Please check your net-snmp installation.])
@@ -54,6 +54,22 @@ if test "$PHP_SNMP" != "no"; then
$SNMP_SHARED_LIBADD
])
+ dnl Check whether usmHMAC192SHA256AuthProtocol exists.
+ PHP_CHECK_LIBRARY($SNMP_LIBNAME, usmHMAC192SHA256AuthProtocol,
+ [
+ AC_DEFINE(HAVE_SNMP_SHA256, 1, [ ])
+ ], [], [
+ $SNMP_SHARED_LIBADD
+ ])
+
+ dnl Check whether usmHMAC384SHA512AuthProtocol exists.
+ PHP_CHECK_LIBRARY($SNMP_LIBNAME, usmHMAC384SHA512AuthProtocol,
+ [
+ AC_DEFINE(HAVE_SNMP_SHA512, 1, [ ])
+ ], [], [
+ $SNMP_SHARED_LIBADD
+ ])
+
PHP_NEW_EXTENSION(snmp, snmp.c, $ext_shared)
PHP_SUBST(SNMP_SHARED_LIBADD)
fi
diff --git a/ext/snmp/snmp.c b/ext/snmp/snmp.c
index 69d6549405b17..f0917501751f5 100644
--- a/ext/snmp/snmp.c
+++ b/ext/snmp/snmp.c
@@ -29,6 +29,7 @@
#include "php_snmp.h"
#include "zend_exceptions.h"
+#include "zend_smart_string.h"
#include "ext/spl/spl_exceptions.h"
#include "snmp_arginfo.h"
@@ -938,16 +939,48 @@ static int netsnmp_session_set_auth_protocol(struct snmp_session *s, char *prot)
if (!strcasecmp(prot, "MD5")) {
s->securityAuthProto = usmHMACMD5AuthProtocol;
s->securityAuthProtoLen = USM_AUTH_PROTO_MD5_LEN;
- } else
+ return 0;
+ }
#endif
+
if (!strcasecmp(prot, "SHA")) {
s->securityAuthProto = usmHMACSHA1AuthProtocol;
s->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
- } else {
- zend_value_error("Authentication protocol must be either \"MD5\" or \"SHA\"");
- return (-1);
+ return 0;
}
- return (0);
+
+#ifdef HAVE_SNMP_SHA256
+ if (!strcasecmp(prot, "SHA256")) {
+ s->securityAuthProto = usmHMAC192SHA256AuthProtocol;
+ s->securityAuthProtoLen = sizeof(usmHMAC192SHA256AuthProtocol) / sizeof(oid);
+ return 0;
+ }
+#endif
+
+#ifdef HAVE_SNMP_SHA512
+ if (!strcasecmp(prot, "SHA512")) {
+ s->securityAuthProto = usmHMAC384SHA512AuthProtocol;
+ s->securityAuthProtoLen = sizeof(usmHMAC384SHA512AuthProtocol) / sizeof(oid);
+ return 0;
+ }
+#endif
+
+ smart_string err = {0};
+
+ smart_string_appends(&err, "Authentication protocol must be \"SHA\"");
+#ifdef HAVE_SNMP_SHA256
+ smart_string_appends(&err, " or \"SHA256\"");
+#endif
+#ifdef HAVE_SNMP_SHA512
+ smart_string_appends(&err, " or \"SHA512\"");
+#endif
+#ifndef DISABLE_MD5
+ smart_string_appends(&err, " or \"MD5\"");
+#endif
+ smart_string_0(&err);
+ zend_value_error("%s", err.c);
+ smart_string_free(&err);
+ return -1;
}
/* }}} */
diff --git a/ext/snmp/tests/snmp-object-setSecurity_error.phpt b/ext/snmp/tests/snmp-object-setSecurity_error.phpt
index f8de846492a75..cf4f928837773 100644
--- a/ext/snmp/tests/snmp-object-setSecurity_error.phpt
+++ b/ext/snmp/tests/snmp-object-setSecurity_error.phpt
@@ -59,7 +59,7 @@ var_dump($session->close());
--EXPECTF--
Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
-Authentication protocol must be either "MD5" or "SHA"
+Authentication protocol must be %s
Warning: SNMP::setSecurity(): Error generating a key for authentication pass phrase '': Generic error (The supplied password length is too short.) in %s on line %d
bool(false)
diff --git a/ext/snmp/tests/snmp3-error.phpt b/ext/snmp/tests/snmp3-error.phpt
index 849e363b45058..389800dad6b28 100644
--- a/ext/snmp/tests/snmp3-error.phpt
+++ b/ext/snmp/tests/snmp3-error.phpt
@@ -58,7 +58,7 @@ try {
Checking error handling
Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
-Authentication protocol must be either "MD5" or "SHA"
+Authentication protocol must be %s
Warning: snmp3_get(): Error generating a key for authentication pass phrase '': Generic error (The supplied password length is too short.) in %s on line %d
bool(false)

View File

@ -5,7 +5,11 @@ Add support for use of the system timezone database, rather
than embedding a copy. Discussed upstream but was not desired. than embedding a copy. Discussed upstream but was not desired.
History: History:
r17: adapt for autotool change in 7.2.16RC1 r21: retrieve tzdata version from /usr/share/zoneinfo/tzdata.zi
r20: adapt for timelib 2020.03 (in 8.0.10RC1)
r19: adapt for timelib 2020.02 (in 8.0.0beta2)
r18: adapt for autotool change in 7.3.3RC1
r17: adapt for timelib 2018.01 (in 7.3.2RC1)
r16: adapt for timelib 2017.06 (in 7.2.3RC1) r16: adapt for timelib 2017.06 (in 7.2.3RC1)
r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1) r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1)
r14: improve check for valid tz file r14: improve check for valid tz file
@ -28,10 +32,11 @@ r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert)
r2: add filesystem trawl to set up name alias index r2: add filesystem trawl to set up name alias index
r1: initial revision r1: initial revision
diff -up php-7.2.16RC1/ext/date/config0.m4.systzdata php-7.2.16RC1/ext/date/config0.m4 diff --git a/ext/date/config0.m4 b/ext/date/config0.m4
--- php-7.2.16RC1/ext/date/config0.m4.systzdata 2019-02-19 11:22:22.223741585 +0100 index 20e4164aaa..a61243646d 100644
+++ php-7.2.16RC1/ext/date/config0.m4 2019-02-19 11:23:05.089111556 +0100 --- a/ext/date/config0.m4
@@ -10,6 +10,19 @@ io.h +++ b/ext/date/config0.m4
@@ -4,6 +4,19 @@ AC_CHECK_HEADERS([io.h])
dnl Check for strtoll, atoll dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll) AC_CHECK_FUNCS(strtoll atoll)
@ -51,10 +56,11 @@ diff -up php-7.2.16RC1/ext/date/config0.m4.systzdata php-7.2.16RC1/ext/date/conf
PHP_DATE_CFLAGS="-I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1 -DHAVE_TIMELIB_CONFIG_H=1" PHP_DATE_CFLAGS="-I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1 -DHAVE_TIMELIB_CONFIG_H=1"
timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c
lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c" lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c"
diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/lib/parse_tz.c diff --git a/ext/date/lib/parse_tz.c b/ext/date/lib/parse_tz.c
--- php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata 2019-02-19 11:13:22.000000000 +0100 index e9bd0f136d..c04ff01adc 100644
+++ php-7.2.16RC1/ext/date/lib/parse_tz.c 2019-02-19 11:19:40.245313535 +0100 --- a/ext/date/lib/parse_tz.c
@@ -25,8 +25,21 @@ +++ b/ext/date/lib/parse_tz.c
@@ -26,8 +26,21 @@
#include "timelib.h" #include "timelib.h"
#include "timelib_private.h" #include "timelib_private.h"
@ -76,7 +82,7 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
#if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__)) #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
# if defined(__LITTLE_ENDIAN__) # if defined(__LITTLE_ENDIAN__)
@@ -67,6 +80,11 @@ static int read_php_preamble(const unsig @@ -94,6 +107,11 @@ static int read_php_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
{ {
uint32_t version; uint32_t version;
@ -88,11 +94,11 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
/* read ID */ /* read ID */
version = (*tzf)[3] - '0'; version = (*tzf)[3] - '0';
*tzf += 4; *tzf += 4;
@@ -374,7 +392,429 @@ void timelib_dump_tzinfo(timelib_tzinfo @@ -435,7 +453,467 @@ void timelib_dump_tzinfo(timelib_tzinfo *tz)
} }
} }
-static int seek_to_tz_position(const unsigned char **tzf, char *timezone, const timelib_tzdb *tzdb) -static int seek_to_tz_position(const unsigned char **tzf, const char *timezone, const timelib_tzdb *tzdb)
+#ifdef HAVE_SYSTEM_TZDATA +#ifdef HAVE_SYSTEM_TZDATA
+ +
+#ifdef HAVE_SYSTEM_TZDATA_PREFIX +#ifdef HAVE_SYSTEM_TZDATA_PREFIX
@ -319,6 +325,44 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
+} +}
+ +
+ +
+/* Retrieve tzdata version. */
+static void retrieve_zone_version(timelib_tzdb *db)
+{
+ static char buf[30];
+ char path[PATH_MAX];
+ FILE *fp;
+
+ strncpy(path, ZONEINFO_PREFIX "/tzdata.zi", sizeof(path));
+
+ fp = fopen(path, "r");
+ if (fp) {
+ if (fgets(buf, sizeof(buf), fp)) {
+ if (!memcmp(buf, "# version ", 10) &&
+ isdigit(buf[10]) &&
+ isdigit(buf[11]) &&
+ isdigit(buf[12]) &&
+ isdigit(buf[13]) &&
+ islower(buf[14])) {
+ if (buf[14] >= 't') { /* 2022t = 2022.20 */
+ buf[17] = 0;
+ buf[16] = buf[14] - 't' + '0';
+ buf[15] = '2';
+ } else if (buf[14] >= 'j') { /* 2022j = 2022.10 */
+ buf[17] = 0;
+ buf[16] = buf[14] - 'j' + '0';
+ buf[15] = '1';
+ } else { /* 2022a = 2022.1 */
+ buf[16] = 0;
+ buf[15] = buf[14] - 'a' + '1';
+ }
+ buf[14] = '.';
+ db->version = buf+10;
+ }
+ }
+ fclose(fp);
+ }
+}
+
+/* Create the zone identifier index by trawling the filesystem. */ +/* Create the zone identifier index by trawling the filesystem. */
+static void create_zone_index(timelib_tzdb *db) +static void create_zone_index(timelib_tzdb *db)
+{ +{
@ -515,15 +559,15 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
+ +
+#endif +#endif
+ +
+static int inmem_seek_to_tz_position(const unsigned char **tzf, char *timezone, const timelib_tzdb *tzdb) +static int inmem_seek_to_tz_position(const unsigned char **tzf, const char *timezone, const timelib_tzdb *tzdb)
{ {
int left = 0, right = tzdb->index_size - 1; int left = 0, right = tzdb->index_size - 1;
@@ -400,9 +840,48 @@ static int seek_to_tz_position(const uns @@ -461,9 +939,49 @@ static int seek_to_tz_position(const unsigned char **tzf, const char *timezone,
return 0; return 0;
} }
+static int seek_to_tz_position(const unsigned char **tzf, char *timezone, +static int seek_to_tz_position(const unsigned char **tzf, const char *timezone,
+ char **map, size_t *maplen, + char **map, size_t *maplen,
+ const timelib_tzdb *tzdb) + const timelib_tzdb *tzdb)
+{ +{
@ -556,6 +600,7 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
+ tmp->version = "0.system"; + tmp->version = "0.system";
+ tmp->data = NULL; + tmp->data = NULL;
+ create_zone_index(tmp); + create_zone_index(tmp);
+ retrieve_zone_version(tmp);
+ system_location_table = create_location_table(); + system_location_table = create_location_table();
+ fake_data_segment(tmp, system_location_table); + fake_data_segment(tmp, system_location_table);
+ timezonedb_system = tmp; + timezonedb_system = tmp;
@ -568,8 +613,8 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
} }
const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count) const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count)
@@ -414,7 +893,30 @@ const timelib_tzdb_index_entry *timelib_ @@ -475,7 +993,30 @@ const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_
int timelib_timezone_id_is_valid(char *timezone, const timelib_tzdb *tzdb) int timelib_timezone_id_is_valid(const char *timezone, const timelib_tzdb *tzdb)
{ {
const unsigned char *tzf; const unsigned char *tzf;
- return (seek_to_tz_position(&tzf, timezone, tzdb)); - return (seek_to_tz_position(&tzf, timezone, tzdb));
@ -600,8 +645,8 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
} }
static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz) static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
@@ -456,12 +958,14 @@ static timelib_tzinfo* timelib_tzinfo_ct @@ -517,6 +1058,8 @@ static timelib_tzinfo* timelib_tzinfo_ctor(const char *name)
timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, int *error_code) timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *tzdb, int *error_code)
{ {
const unsigned char *tzf; const unsigned char *tzf;
+ char *memmap = NULL; + char *memmap = NULL;
@ -609,18 +654,19 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
timelib_tzinfo *tmp; timelib_tzinfo *tmp;
int version; int version;
int transitions_result, types_result; int transitions_result, types_result;
unsigned int type; /* TIMELIB_TZINFO_PHP or TIMELIB_TZINFO_ZONEINFO */ @@ -524,7 +1067,7 @@ timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *t
*error_code = TIMELIB_ERROR_NO_ERROR;
- if (seek_to_tz_position(&tzf, timezone, tzdb)) { - if (seek_to_tz_position(&tzf, timezone, tzdb)) {
+ if (seek_to_tz_position(&tzf, timezone, &memmap, &maplen, tzdb)) { + if (seek_to_tz_position(&tzf, timezone, &memmap, &maplen, tzdb)) {
tmp = timelib_tzinfo_ctor(timezone); tmp = timelib_tzinfo_ctor(timezone);
version = read_preamble(&tzf, tmp, &type); version = read_preamble(&tzf, tmp, &type);
@@ -484,6 +988,29 @@ timelib_tzinfo *timelib_parse_tzfile(cha @@ -563,11 +1106,36 @@ timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *t
timelib_tzinfo_dtor(tmp);
return NULL;
} }
+ skip_posix_string(&tzf, tmp);
+#ifdef HAVE_SYSTEM_TZDATA +#ifdef HAVE_SYSTEM_TZDATA
+ if (memmap) { + if (memmap) {
+ const struct location_info *li; + const struct location_info *li;
@ -643,10 +689,8 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
+ munmap(memmap, maplen); + munmap(memmap, maplen);
+ } else { + } else {
+#endif +#endif
if (version == 2 || version == 3) { if (type == TIMELIB_TZINFO_PHP) {
if (!skip_64bit_preamble(&tzf, tmp)) { read_location(&tzf, tmp);
/* 64 bit preamble is not in place */
@@ -501,6 +1028,9 @@ timelib_tzinfo *timelib_parse_tzfile(cha
} else { } else {
set_default_location_and_comments(&tzf, tmp); set_default_location_and_comments(&tzf, tmp);
} }
@ -656,3 +700,19 @@ diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/
} else { } else {
*error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE; *error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE;
tmp = NULL; tmp = NULL;
diff --git a/ext/date/php_date.c b/ext/date/php_date.c
index 2d5cffb963..389f09f313 100644
--- a/ext/date/php_date.c
+++ b/ext/date/php_date.c
@@ -457,7 +457,11 @@ PHP_MINFO_FUNCTION(date)
php_info_print_table_row(2, "date/time support", "enabled");
php_info_print_table_row(2, "timelib version", TIMELIB_ASCII_VERSION);
php_info_print_table_row(2, "\"Olson\" Timezone Database Version", tzdb->version);
+#ifdef HAVE_SYSTEM_TZDATA
+ php_info_print_table_row(2, "Timezone Database", "system");
+#else
php_info_print_table_row(2, "Timezone Database", php_date_global_timezone_db_enabled ? "external" : "internal");
+#endif
php_info_print_table_row(2, "Default timezone", guess_timezone(tzdb));
php_info_print_table_end();

View File

@ -0,0 +1,45 @@
From fc4e31467c352032ee709ac55d3c67bc22abcd8d Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Fri, 15 Oct 2021 17:11:12 +0200
Subject: [PATCH] add --with-external-libcrypt build option display an error
message if some algo not available in external libcrypt
---
ext/standard/config.m4 | 21 ++++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/ext/standard/config.m4 b/ext/standard/config.m4
index 58b9c5e658a4..3ec18be4d7df 100644
--- a/ext/standard/config.m4
+++ b/ext/standard/config.m4
@@ -267,14 +267,25 @@ int main() {
])])
+PHP_ARG_WITH([external-libcrypt],
+ [for external libcrypt or libxcrypt],
+ [AS_HELP_STRING([--with-external-libcrypt],
+ [Use external libcrypt or libxcrypt])],
+ [no],
+ [no])
+
dnl
dnl If one of them is missing, use our own implementation, portable code is then possible
dnl
-dnl TODO This is currently always enabled
-if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || test "$ac_cv_crypt_ext_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test "$ac_cv_func_crypt_r" != "yes" || true; then
- AC_DEFINE_UNQUOTED(PHP_USE_PHP_CRYPT_R, 1, [Whether PHP has to use its own crypt_r for blowfish, des, ext des and md5])
-
- PHP_ADD_SOURCES(PHP_EXT_DIR(standard), crypt_freesec.c crypt_blowfish.c crypt_sha512.c crypt_sha256.c php_crypt_r.c)
+dnl This is currently enabled by default
+if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || test "$ac_cv_crypt_ext_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test "$ac_cv_func_crypt_r" != "yes" || test "$PHP_EXTERNAL_LIBCRYPT" = "no"; then
+ if test "$PHP_EXTERNAL_LIBCRYPT" = "no"; then
+ AC_DEFINE_UNQUOTED(PHP_USE_PHP_CRYPT_R, 1, [Whether PHP has to use its own crypt_r for blowfish, des, ext des and md5])
+
+ PHP_ADD_SOURCES(PHP_EXT_DIR(standard), crypt_freesec.c crypt_blowfish.c crypt_sha512.c crypt_sha256.c php_crypt_r.c)
+ else
+ AC_MSG_ERROR([Cannot use external libcrypt as some algo are missing])
+ fi
else
AC_DEFINE_UNQUOTED(PHP_USE_PHP_CRYPT_R, 0, [Whether PHP has to use its own crypt_r for blowfish, des and ext des])
fi

View File

@ -0,0 +1,16 @@
diff -up ./build/gen_stub.php.syslib ./build/gen_stub.php
--- ./build/gen_stub.php.syslib 2020-06-25 08:11:51.782046813 +0200
+++ ./build/gen_stub.php 2020-06-25 08:13:11.188860368 +0200
@@ -1075,6 +1075,12 @@ function initPhpParser() {
}
$isInitialized = true;
+
+ if (file_exists('/usr/share/php/PhpParser4/autoload.php')) {
+ require_once '/usr/share/php/PhpParser4/autoload.php';
+ return;
+ }
+
$version = "4.13.0";
$phpParserDir = __DIR__ . "/PHP-Parser-$version";
if (!is_dir($phpParserDir)) {

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJKBAABCAA0FiEELBbHZdvlSgiBMPG8S5tfYAtV87QFAmO0V3EWHGNhcnVzb2dh
YnJpZWxAcGhwLm5ldAAKCRBLm19gC1XztIS+D/4oSpkmnwIJgZVkb3eGrwdOwTzu
dDg1cT/eO89AuKmEsVYCDxOGyWIUBunZkZ5sEWbvlNPM4xxxA1EN6DoNMgZal1UN
hSdx19IbmMBYAquINikasBQEvMhCJMUNqRvvLmGRndbDk8DusrIEyxv65clpt3xx
r7rzYs+06+i2MCUxI53nRX3Hl6MQ208Wx/SefKu2LrZ+5Sylz/fFpYP1kre21f+4
Zpig5wR8WS0KyzPO7rPdYq8+SQ88pYrlxSGIbgC1WLDSODWJ2aqSfshinVkOBlMh
XdbNv9hBidQT+B0YaTLCm0SrFCpTfBcW4+4WBucjQjhwYtfC+3ldMY/tdzPBIYWI
yLfTcpsRViv1Jn4liwFsGIlFPy9CaE3e/IOQaxgh/SAeGwMVQEAkysmTNWCS7/BW
uJ/+TeEGoYkLIwbP4AIOk2YXDlr9BwaUHLqITFVgqZLEhXC2elFsPd/9B1MgGwMO
1ZcjMoULgPnMkoGhKhuCUuxug4yjBxBVROreNhtXvfmTt24GUkR65Aqm6w8S4OPO
kG3aqhSxTAOHQCbMl4PyOkUBUbVIpByiJSMOz+PAAb7SHMc3suw3MEGZTMoLD1Gh
JgCjjh0KyMEJtN8nILI85xOQeuv6zG/szwNcZWXrC6+PTndMXOACLyS0dNCevFNz
DCp3Qv9kRIty3xvUKg==
=Rb0u
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,400 @@
From 4dc8b3c0efaae25b08c8f59b068f17c97c59d0ae Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 5 May 2021 15:41:00 +0200
Subject: [PATCH] get rid of inet_aton and inet_ntoa use inet_ntop iand
inet_pton where available standardize buffer size
---
ext/sockets/sockaddr_conv.c | 4 ++++
ext/sockets/sockets.c | 48 +++++++++++++++++++++++++------------
ext/standard/dns.c | 16 ++++++++++++-
main/network.c | 20 ++++++++++++++--
4 files changed, 70 insertions(+), 18 deletions(-)
diff --git a/ext/sockets/sockaddr_conv.c b/ext/sockets/sockaddr_conv.c
index 57996612d2d7e..65c8418fb3a6f 100644
--- a/ext/sockets/sockaddr_conv.c
+++ b/ext/sockets/sockaddr_conv.c
@@ -87,7 +87,11 @@ int php_set_inet_addr(struct sockaddr_in *sin, char *string, php_socket *php_soc
struct in_addr tmp;
struct hostent *host_entry;
+#ifdef HAVE_INET_PTON
+ if (inet_pton(AF_INET, string, &tmp)) {
+#else
if (inet_aton(string, &tmp)) {
+#endif
sin->sin_addr.s_addr = tmp.s_addr;
} else {
if (strlen(string) > MAXFQDNLEN || ! (host_entry = php_network_gethostbyname(string))) {
diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
index 16ad3e8013a4c..85c938d1b97b1 100644
--- a/ext/sockets/sockets.c
+++ b/ext/sockets/sockets.c
@@ -220,8 +220,10 @@ zend_module_entry sockets_module_entry = {
ZEND_GET_MODULE(sockets)
#endif
+#ifndef HAVE_INET_NTOP
/* inet_ntop should be used instead of inet_ntoa */
int inet_ntoa_lock = 0;
+#endif
static int php_open_listen_sock(php_socket *sock, int port, int backlog) /* {{{ */
{
@@ -1082,10 +1084,12 @@ PHP_FUNCTION(socket_getsockname)
struct sockaddr_in *sin;
#if HAVE_IPV6
struct sockaddr_in6 *sin6;
- char addr6[INET6_ADDRSTRLEN+1];
+#endif
+#ifdef HAVE_INET_NTOP
+ char addrbuf[INET6_ADDRSTRLEN];
#endif
struct sockaddr_un *s_un;
- char *addr_string;
+ const char *addr_string;
socklen_t salen = sizeof(php_sockaddr_storage);
if (zend_parse_parameters(ZEND_NUM_ARGS(), "Oz|z", &arg1, socket_ce, &addr, &port) == FAILURE) {
@@ -1106,8 +1110,8 @@ PHP_FUNCTION(socket_getsockname)
#if HAVE_IPV6
case AF_INET6:
sin6 = (struct sockaddr_in6 *) sa;
- inet_ntop(AF_INET6, &sin6->sin6_addr, addr6, INET6_ADDRSTRLEN);
- ZEND_TRY_ASSIGN_REF_STRING(addr, addr6);
+ inet_ntop(AF_INET6, &sin6->sin6_addr, addrbuf, sizeof(addrbuf));
+ ZEND_TRY_ASSIGN_REF_STRING(addr, addrbuf);
if (port != NULL) {
ZEND_TRY_ASSIGN_REF_LONG(port, htons(sin6->sin6_port));
@@ -1117,11 +1121,14 @@ PHP_FUNCTION(socket_getsockname)
#endif
case AF_INET:
sin = (struct sockaddr_in *) sa;
+#ifdef HAVE_INET_NTOP
+ addr_string = inet_ntop(AF_INET, &sin->sin_addr, addrbuf, sizeof(addrbuf));
+#else
while (inet_ntoa_lock == 1);
inet_ntoa_lock = 1;
addr_string = inet_ntoa(sin->sin_addr);
inet_ntoa_lock = 0;
-
+#endif
ZEND_TRY_ASSIGN_REF_STRING(addr, addr_string);
if (port != NULL) {
@@ -1154,10 +1161,12 @@ PHP_FUNCTION(socket_getpeername)
struct sockaddr_in *sin;
#if HAVE_IPV6
struct sockaddr_in6 *sin6;
- char addr6[INET6_ADDRSTRLEN+1];
+#endif
+#ifdef HAVE_INET_NTOP
+ char addrbuf[INET6_ADDRSTRLEN];
#endif
struct sockaddr_un *s_un;
- char *addr_string;
+ const char *addr_string;
socklen_t salen = sizeof(php_sockaddr_storage);
if (zend_parse_parameters(ZEND_NUM_ARGS(), "Oz|z", &arg1, socket_ce, &arg2, &arg3) == FAILURE) {
@@ -1178,9 +1187,9 @@ PHP_FUNCTION(socket_getpeername)
#if HAVE_IPV6
case AF_INET6:
sin6 = (struct sockaddr_in6 *) sa;
- inet_ntop(AF_INET6, &sin6->sin6_addr, addr6, INET6_ADDRSTRLEN);
+ inet_ntop(AF_INET6, &sin6->sin6_addr, addrbuf, sizeof(addrbuf));
- ZEND_TRY_ASSIGN_REF_STRING(arg2, addr6);
+ ZEND_TRY_ASSIGN_REF_STRING(arg2, addrbuf);
if (arg3 != NULL) {
ZEND_TRY_ASSIGN_REF_LONG(arg3, htons(sin6->sin6_port));
@@ -1191,11 +1200,14 @@ PHP_FUNCTION(socket_getpeername)
#endif
case AF_INET:
sin = (struct sockaddr_in *) sa;
+#ifdef HAVE_INET_NTOP
+ addr_string = inet_ntop(AF_INET, &sin->sin_addr, addrbuf, sizeof(addrbuf));
+#else
while (inet_ntoa_lock == 1);
inet_ntoa_lock = 1;
addr_string = inet_ntoa(sin->sin_addr);
inet_ntoa_lock = 0;
-
+#endif
ZEND_TRY_ASSIGN_REF_STRING(arg2, addr_string);
if (arg3 != NULL) {
@@ -1527,12 +1539,14 @@ PHP_FUNCTION(socket_recvfrom)
struct sockaddr_in sin;
#if HAVE_IPV6
struct sockaddr_in6 sin6;
- char addr6[INET6_ADDRSTRLEN];
+#endif
+#ifdef HAVE_INET_NTOP
+ char addrbuf[INET6_ADDRSTRLEN];
#endif
socklen_t slen;
int retval;
zend_long arg3, arg4;
- char *address;
+ const char *address;
zend_string *recv_buf;
if (zend_parse_parameters(ZEND_NUM_ARGS(), "Ozllz|z", &arg1, socket_ce, &arg2, &arg3, &arg4, &arg5, &arg6) == FAILURE) {
@@ -1590,7 +1604,11 @@ PHP_FUNCTION(socket_recvfrom)
ZSTR_LEN(recv_buf) = retval;
ZSTR_VAL(recv_buf)[ZSTR_LEN(recv_buf)] = '\0';
+#ifdef HAVE_INET_NTOP
+ address = inet_ntop(AF_INET, &sin.sin_addr, addrbuf, sizeof(addrbuf));
+#else
address = inet_ntoa(sin.sin_addr);
+#endif
ZEND_TRY_ASSIGN_REF_NEW_STR(arg2, recv_buf);
ZEND_TRY_ASSIGN_REF_STRING(arg5, address ? address : "0.0.0.0");
@@ -1617,11 +1635,11 @@ PHP_FUNCTION(socket_recvfrom)
ZSTR_LEN(recv_buf) = retval;
ZSTR_VAL(recv_buf)[ZSTR_LEN(recv_buf)] = '\0';
- memset(addr6, 0, INET6_ADDRSTRLEN);
- inet_ntop(AF_INET6, &sin6.sin6_addr, addr6, INET6_ADDRSTRLEN);
+ memset(addrbuf, 0, INET6_ADDRSTRLEN);
+ inet_ntop(AF_INET6, &sin6.sin6_addr, addrbuf, sizeof(addrbuf));
ZEND_TRY_ASSIGN_REF_NEW_STR(arg2, recv_buf);
- ZEND_TRY_ASSIGN_REF_STRING(arg5, addr6[0] ? addr6 : "::");
+ ZEND_TRY_ASSIGN_REF_STRING(arg5, addrbuf[0] ? addrbuf : "::");
ZEND_TRY_ASSIGN_REF_LONG(arg6, ntohs(sin6.sin6_port));
break;
#endif
diff --git a/ext/standard/dns.c b/ext/standard/dns.c
index 41b98424edb60..6efdbbe894b46 100644
--- a/ext/standard/dns.c
+++ b/ext/standard/dns.c
@@ -228,6 +228,9 @@ PHP_FUNCTION(gethostbynamel)
struct hostent *hp;
struct in_addr in;
int i;
+#ifdef HAVE_INET_NTOP
+ char addr4[INET_ADDRSTRLEN];
+#endif
ZEND_PARSE_PARAMETERS_START(1, 1)
Z_PARAM_PATH(hostname, hostname_len)
@@ -255,7 +258,11 @@ PHP_FUNCTION(gethostbynamel)
}
in = *h_addr_entry;
+#ifdef HAVE_INET_NTOP
+ add_next_index_string(return_value, inet_ntop(AF_INET, &in, addr4, INET_ADDRSTRLEN));
+#else
add_next_index_string(return_value, inet_ntoa(in));
+#endif
}
}
/* }}} */
@@ -266,7 +273,10 @@ static zend_string *php_gethostbyname(char *name)
struct hostent *hp;
struct in_addr *h_addr_0; /* Don't call this h_addr, it's a macro! */
struct in_addr in;
- char *address;
+#ifdef HAVE_INET_NTOP
+ char addr4[INET_ADDRSTRLEN];
+#endif
+ const char *address;
hp = php_network_gethostbyname(name);
if (!hp) {
@@ -281,7 +291,11 @@ static zend_string *php_gethostbyname(char *name)
memcpy(&in.s_addr, h_addr_0, sizeof(in.s_addr));
+#ifdef HAVE_INET_NTOP
+ address = inet_ntop(AF_INET, &in, addr4, INET_ADDRSTRLEN);
+#else
address = inet_ntoa(in);
+#endif
return zend_string_init(address, strlen(address), 0);
}
/* }}} */
diff --git a/main/network.c b/main/network.c
index 2c504952b2dd1..7f2f714ec42df 100644
--- a/main/network.c
+++ b/main/network.c
@@ -236,8 +236,12 @@ PHPAPI int php_network_getaddresses(const char *host, int socktype, struct socka
} while ((sai = sai->ai_next) != NULL);
freeaddrinfo(res);
+#else
+#ifdef HAVE_INET_PTON
+ if (!inet_pton(AF_INET, host, &in)) {
#else
if (!inet_aton(host, &in)) {
+#endif
if(strlen(host) > MAXFQDNLEN) {
host_info = NULL;
errno = E2BIG;
@@ -555,7 +559,11 @@ PHPAPI int php_network_parse_network_address_with_port(const char *addr, zend_lo
goto out;
}
#endif
+#ifdef HAVE_INET_PTON
+ if (inet_pton(AF_INET, tmp, &in4->sin_addr) > 0) {
+#else
if (inet_aton(tmp, &in4->sin_addr) > 0) {
+#endif
in4->sin_port = htons(port);
in4->sin_family = AF_INET;
*sl = sizeof(struct sockaddr_in);
@@ -617,15 +625,19 @@ PHPAPI void php_network_populate_name_from_sockaddr(
}
if (textaddr) {
-#if HAVE_IPV6 && HAVE_INET_NTOP
+#ifdef HAVE_INET_NTOP
char abuf[256];
#endif
- char *buf = NULL;
+ const char *buf = NULL;
switch (sa->sa_family) {
case AF_INET:
/* generally not thread safe, but it *is* thread safe under win32 */
+#ifdef HAVE_INET_NTOP
+ buf = inet_ntop(AF_INET, &((struct sockaddr_in*)sa)->sin_addr, (char *)&abuf, sizeof(abuf));
+#else
buf = inet_ntoa(((struct sockaddr_in*)sa)->sin_addr);
+#endif
if (buf) {
*textaddr = strpprintf(0, "%s:%d",
buf, ntohs(((struct sockaddr_in*)sa)->sin_port));
@@ -862,7 +874,11 @@ php_socket_t php_network_connect_socket_to_host(const char *host, unsigned short
in4->sin_family = sa->sa_family;
in4->sin_port = htons(bindport);
+#ifdef HAVE_INET_PTON
+ if (!inet_pton(AF_INET, bindto, &in4->sin_addr)) {
+#else
if (!inet_aton(bindto, &in4->sin_addr)) {
+#endif
php_error_docref(NULL, E_WARNING, "Invalid IP Address: %s", bindto);
goto skip_bind;
}
From e5b6f43ec7813392d83ea586b7902e0396a1f792 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Thu, 6 May 2021 14:21:29 +0200
Subject: [PATCH] get rid of inet_addr usage
---
main/fastcgi.c | 4 ++++
sapi/litespeed/lsapilib.c | 4 ++++
2 files changed, 8 insertions(+)
diff --git a/main/fastcgi.c b/main/fastcgi.c
index 071f69d3a7f0..c936d42405de 100644
--- a/main/fastcgi.c
+++ b/main/fastcgi.c
@@ -688,8 +688,12 @@ int fcgi_listen(const char *path, int backlog)
if (!*host || !strncmp(host, "*", sizeof("*")-1)) {
sa.sa_inet.sin_addr.s_addr = htonl(INADDR_ANY);
} else {
+#ifdef HAVE_INET_PTON
+ if (!inet_pton(AF_INET, host, &sa.sa_inet.sin_addr)) {
+#else
sa.sa_inet.sin_addr.s_addr = inet_addr(host);
if (sa.sa_inet.sin_addr.s_addr == INADDR_NONE) {
+#endif
struct hostent *hep;
if(strlen(host) > MAXFQDNLEN) {
diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c
index a72b5dc1b988..305f3326a682 100644
--- a/sapi/litespeed/lsapilib.c
+++ b/sapi/litespeed/lsapilib.c
@@ -2672,8 +2672,12 @@ int LSAPI_ParseSockAddr( const char * pBind, struct sockaddr * pAddr )
((struct sockaddr_in *)pAddr)->sin_addr.s_addr = htonl( INADDR_LOOPBACK );
else
{
+#ifdef HAVE_INET_PTON
+ if (!inet_pton(AF_INET, p, &((struct sockaddr_in *)pAddr)->sin_addr))
+#else
((struct sockaddr_in *)pAddr)->sin_addr.s_addr = inet_addr( p );
if ( ((struct sockaddr_in *)pAddr)->sin_addr.s_addr == INADDR_BROADCAST)
+#endif
{
doAddrInfo = 1;
}
From 99d67d121acd4c324738509679d23acaf759d065 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Thu, 6 May 2021 16:35:48 +0200
Subject: [PATCH] use getnameinfo instead of gethostbyaddr
---
ext/standard/dns.c | 34 ++++++++++++++++++++++------------
1 file changed, 22 insertions(+), 12 deletions(-)
diff --git a/ext/standard/dns.c b/ext/standard/dns.c
index edd9a4549f5c..540c777faaba 100644
--- a/ext/standard/dns.c
+++ b/ext/standard/dns.c
@@ -169,20 +169,30 @@ PHP_FUNCTION(gethostbyaddr)
static zend_string *php_gethostbyaddr(char *ip)
{
#if HAVE_IPV6 && HAVE_INET_PTON
- struct in6_addr addr6;
-#endif
- struct in_addr addr;
- struct hostent *hp;
+ struct sockaddr_in sa4;
+ struct sockaddr_in6 sa6;
+ char out[NI_MAXHOST];
-#if HAVE_IPV6 && HAVE_INET_PTON
- if (inet_pton(AF_INET6, ip, &addr6)) {
- hp = gethostbyaddr((char *) &addr6, sizeof(addr6), AF_INET6);
- } else if (inet_pton(AF_INET, ip, &addr)) {
- hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET);
- } else {
- return NULL;
+ if (inet_pton(AF_INET6, ip, &sa6.sin6_addr)) {
+ sa6.sin6_family = AF_INET6;
+
+ if (getnameinfo((struct sockaddr *)&sa6, sizeof(sa6), out, sizeof(out), NULL, 0, NI_NAMEREQD) < 0) {
+ return zend_string_init(ip, strlen(ip), 0);
+ }
+ return zend_string_init(out, strlen(out), 0);
+ } else if (inet_pton(AF_INET, ip, &sa4.sin_addr)) {
+ sa4.sin_family = AF_INET;
+
+ if (getnameinfo((struct sockaddr *)&sa4, sizeof(sa4), out, sizeof(out), NULL, 0, NI_NAMEREQD) < 0) {
+ return zend_string_init(ip, strlen(ip), 0);
+ }
+ return zend_string_init(out, strlen(out), 0);
}
+ return NULL; /* not a valid IP */
#else
+ struct in_addr addr;
+ struct hostent *hp;
+
addr.s_addr = inet_addr(ip);
if (addr.s_addr == -1) {
@@ -190,13 +200,13 @@ static zend_string *php_gethostbyaddr(char *ip)
}
hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET);
-#endif
if (!hp || hp->h_name == NULL || hp->h_name[0] == '\0') {
return zend_string_init(ip, strlen(ip), 0);
}
return zend_string_init(hp->h_name, strlen(hp->h_name), 0);
+#endif
}
/* }}} */

View File

@ -1,5 +1,5 @@
; Start a new pool named 'www'. ; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the ; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here) ; pool name ('www' here)
[www] [www]
@ -330,6 +330,10 @@ slowlog = /var/log/php-fpm/www-slow.log
; Default Value: 0 ; Default Value: 0
;request_slowlog_timeout = 0 ;request_slowlog_timeout = 0
; Depth of slow log stack trace.
; Default Value: 20
;request_slowlog_trace_depth = 20
; The timeout for serving a single request after which the worker process will ; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option ; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'. ; does not stop script execution for some reason. A value of '0' means 'off'.
@ -381,7 +385,7 @@ slowlog = /var/log/php-fpm/www-slow.log
; Limits the extensions of the main script FPM will allow to parse. This can ; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit ; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to ; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code. ; execute php code.
; Note: set an empty value to allow all extensions. ; Note: set an empty value to allow all extensions.
; Default Value: .php ; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7 ;security.limit_extensions = .php .php3 .php4 .php5 .php7

View File

@ -43,6 +43,24 @@ error_log = /var/log/php-fpm/error.log
; Default Value: notice ; Default Value: notice
;log_level = notice ;log_level = notice
; Log limit on number of characters in the single line (log entry). If the
; line is over the limit, it is wrapped on multiple lines. The limit is for
; all logged characters including message prefix and suffix if present. However
; the new line character does not count into it as it is present only when
; logging to a file descriptor. It means the new line character is not present
; when logging to syslog.
; Default Value: 1024
;log_limit = 4096
; Log buffering specifies if the log line is buffered which means that the
; line is written in a single write operation. If the value is false, then the
; data is written directly into the file descriptor. It is an experimental
; option that can potentionaly improve logging performance and memory usage
; for some heavy logging scenarios. This option is ignored if logging to syslog
; as it has to be always buffered.
; Default value: yes
;log_buffering = no
; If this number of child processes exit with SIGSEGV or SIGBUS within the time ; If this number of child processes exit with SIGSEGV or SIGBUS within the time
; interval set by emergency_restart_interval then FPM will restart. A value ; interval set by emergency_restart_interval then FPM will restart. A value
; of '0' means 'Off'. ; of '0' means 'Off'.

View File

@ -19,15 +19,13 @@ DirectoryIndex index.php
# #
# Redirect to local php-fpm (no mod_php in default configuration) # Redirect to local php-fpm (no mod_php in default configuration)
# #
<IfModule !mod_php5.c> <IfModule !mod_php.c>
<IfModule !mod_php7.c>
# Enable http authorization headers # Enable http authorization headers
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
<FilesMatch \.(php|phar)$> <FilesMatch \.(php|phar)$>
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</IfModule>
</IfModule> </IfModule>
# #
@ -36,7 +34,7 @@ DirectoryIndex index.php
# #
# mod_php options # mod_php options
# #
<IfModule mod_php7.c> <IfModule mod_php.c>
# #
# Cause the PHP interpreter to handle files with a .php extension. # Cause the PHP interpreter to handle files with a .php extension.
# #

View File

@ -15,7 +15,7 @@
; 5. The web server's directory (for SAPI modules), or directory of PHP ; 5. The web server's directory (for SAPI modules), or directory of PHP
; (otherwise in Windows) ; (otherwise in Windows)
; 6. The directory from the --with-config-file-path compile time option, or the ; 6. The directory from the --with-config-file-path compile time option, or the
; Windows directory (C:\windows or C:\winnt) ; Windows directory (usually C:\windows)
; See the PHP docs for more specific information. ; See the PHP docs for more specific information.
; http://php.net/configuration.file ; http://php.net/configuration.file
@ -83,11 +83,12 @@
; development version only in development environments, as errors shown to ; development version only in development environments, as errors shown to
; application users can inadvertently leak otherwise secure information. ; application users can inadvertently leak otherwise secure information.
; This is php.ini-production INI file. ; This is the php.ini-production INI file.
;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;
; Quick Reference ; ; Quick Reference ;
;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;
; The following are all the settings which are different in either the production ; The following are all the settings which are different in either the production
; or development versions of the INIs with respect to PHP's default behavior. ; or development versions of the INIs with respect to PHP's default behavior.
; Please see the actual settings later in the document for more details as to why ; Please see the actual settings later in the document for more details as to why
@ -99,20 +100,15 @@
; Production Value: Off ; Production Value: Off
; display_startup_errors ; display_startup_errors
; Default Value: Off ; Default Value: On
; Development Value: On ; Development Value: On
; Production Value: Off ; Production Value: Off
; error_reporting ; error_reporting
; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED ; Default Value: E_ALL
; Development Value: E_ALL ; Development Value: E_ALL
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
; html_errors
; Default Value: On
; Development Value: On
; Production value: On
; log_errors ; log_errors
; Default Value: Off ; Default Value: Off
; Development Value: On ; Development Value: On
@ -153,23 +149,28 @@
; Development Value: Off ; Development Value: Off
; Production Value: Off ; Production Value: Off
; track_errors
; Default Value: Off
; Development Value: On
; Production Value: Off
; variables_order ; variables_order
; Default Value: "EGPCS" ; Default Value: "EGPCS"
; Development Value: "GPCS" ; Development Value: "GPCS"
; Production Value: "GPCS" ; Production Value: "GPCS"
; zend.exception_ignore_args
; Default Value: Off
; Development Value: Off
; Production Value: On
; zend.exception_string_param_max_len
; Default Value: 15
; Development Value: 15
; Production Value: 0
;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;
; php.ini Options ; ; php.ini Options ;
;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;
; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" ; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
;user_ini.filename = ".user.ini" ;user_ini.filename = ".user.ini"
; To disable this feature set this option to empty value ; To disable this feature set this option to an empty value
;user_ini.filename = ;user_ini.filename =
; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
@ -248,7 +249,7 @@ output_buffering = 4096
; Production Value: "form=" ; Production Value: "form="
;url_rewriter.tags ;url_rewriter.tags
; URL rewriter will not rewrites absolute URL nor form by default. To enable ; URL rewriter will not rewrite absolute URL nor form by default. To enable
; absolute URL rewrite, allowed hosts must be defined at RUNTIME. ; absolute URL rewrite, allowed hosts must be defined at RUNTIME.
; Refer to session.trans_sid_hosts for more details. ; Refer to session.trans_sid_hosts for more details.
; Default Value: "" ; Default Value: ""
@ -294,6 +295,13 @@ implicit_flush = Off
; callback-function. ; callback-function.
unserialize_callback_func = unserialize_callback_func =
; The unserialize_max_depth specifies the default depth limit for unserialized
; structures. Setting the depth limit too high may result in stack overflows
; during unserialization. The unserialize_max_depth ini setting can be
; overridden by the max_depth option on individual unserialize() calls.
; A value of 0 disables the depth limit.
;unserialize_max_depth = 4096
; When floats & doubles are serialized, store serialize_precision significant ; When floats & doubles are serialized, store serialize_precision significant
; digits after the floating point. The default value ensures that when floats ; digits after the floating point. The default value ensures that when floats
; are decoded with unserialize, the data will remain the same. ; are decoded with unserialize, the data will remain the same.
@ -305,15 +313,16 @@ serialize_precision = -1
; open_basedir, if set, limits all file operations to the defined directory ; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory ; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. ; or per-virtualhost web server configuration file.
; Note: disables the realpath cache
; http://php.net/open-basedir ; http://php.net/open-basedir
;open_basedir = ;open_basedir =
; This directive allows you to disable certain functions for security reasons. ; This directive allows you to disable certain functions.
; It receives a comma-delimited list of function names. ; It receives a comma-delimited list of function names.
; http://php.net/disable-functions ; http://php.net/disable-functions
disable_functions = disable_functions =
; This directive allows you to disable certain classes for security reasons. ; This directive allows you to disable certain classes.
; It receives a comma-delimited list of class names. ; It receives a comma-delimited list of class names.
; http://php.net/disable-classes ; http://php.net/disable-classes
disable_classes = disable_classes =
@ -337,6 +346,7 @@ disable_classes =
; Determines the size of the realpath cache to be used by PHP. This value should ; Determines the size of the realpath cache to be used by PHP. This value should
; be increased on systems where PHP opens many files to reflect the quantity of ; be increased on systems where PHP opens many files to reflect the quantity of
; the file operations performed. ; the file operations performed.
; Note: if open_basedir is set, the cache is disabled
; http://php.net/realpath-cache-size ; http://php.net/realpath-cache-size
;realpath_cache_size = 4096k ;realpath_cache_size = 4096k
@ -353,15 +363,31 @@ zend.enable_gc = On
; If enabled, scripts may be written in encodings that are incompatible with ; If enabled, scripts may be written in encodings that are incompatible with
; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such ; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such
; encodings. To use this feature, mbstring extension must be enabled. ; encodings. To use this feature, mbstring extension must be enabled.
; Default: Off
;zend.multibyte = Off ;zend.multibyte = Off
; Allows to set the default encoding for the scripts. This value will be used ; Allows to set the default encoding for the scripts. This value will be used
; unless "declare(encoding=...)" directive appears at the top of the script. ; unless "declare(encoding=...)" directive appears at the top of the script.
; Only affects if zend.multibyte is set. ; Only affects if zend.multibyte is set.
; Default: ""
;zend.script_encoding = ;zend.script_encoding =
; Allows to include or exclude arguments from stack traces generated for exceptions.
; In production, it is recommended to turn this setting on to prohibit the output
; of sensitive information in stack traces
; Default Value: Off
; Development Value: Off
; Production Value: On
zend.exception_ignore_args = On
; Allows setting the maximum string length in an argument of a stringified stack trace
; to a value between 0 and 1000000.
; This has no effect when zend.exception_ignore_args is enabled.
; Default Value: 15
; Development Value: 15
; Production Value: 0
; In production, it is recommended to set this to 0 to reduce the output
; of sensitive information in stack traces.
zend.exception_string_param_max_len = 0
;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;
; Miscellaneous ; ; Miscellaneous ;
;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;
@ -397,9 +423,9 @@ max_input_time = 60
;max_input_nesting_level = 64 ;max_input_nesting_level = 64
; How many GET/POST/COOKIE input variables may be accepted ; How many GET/POST/COOKIE input variables may be accepted
; max_input_vars = 1000 ;max_input_vars = 1000
; Maximum amount of memory a script may consume (128MB) ; Maximum amount of memory a script may consume
; http://php.net/memory-limit ; http://php.net/memory-limit
memory_limit = 128M memory_limit = 128M
@ -453,7 +479,7 @@ memory_limit = 128M
; E_ALL & ~E_NOTICE (Show all errors, except for notices) ; E_ALL & ~E_NOTICE (Show all errors, except for notices)
; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) ; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED ; Default Value: E_ALL
; Development Value: E_ALL ; Development Value: E_ALL
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
; http://php.net/error-reporting ; http://php.net/error-reporting
@ -477,11 +503,9 @@ error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off display_errors = Off
; The display of errors which occur during PHP's startup sequence are handled ; The display of errors which occur during PHP's startup sequence are handled
; separately from display_errors. PHP's default behavior is to suppress those ; separately from display_errors. We strongly recommend you set this to 'off'
; errors from clients. Turning the display of startup errors on can be useful in ; for production servers to avoid leaking configuration details.
; debugging configuration problems. We strongly recommend you ; Default Value: On
; set this to 'off' for production servers.
; Default Value: Off
; Development Value: On ; Development Value: On
; Production Value: Off ; Production Value: Off
; http://php.net/display-startup-errors ; http://php.net/display-startup-errors
@ -514,24 +538,14 @@ ignore_repeated_errors = Off
ignore_repeated_source = Off ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on ; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if ; stdout or in the log). This is only effective in a debug compile, and if
; error reporting includes E_WARNING in the allowed list ; error reporting includes E_WARNING in the allowed list
; http://php.net/report-memleaks ; http://php.net/report-memleaks
report_memleaks = On report_memleaks = On
; This setting is on by default. ; This setting is off by default.
;report_zend_debug = 0 ;report_zend_debug = 0
; Store the last error/warning message in $php_errormsg (boolean). Setting this value
; to On can assist in debugging and is appropriate for development servers. It should
; however be disabled on production servers.
; This directive is DEPRECATED.
; Default Value: Off
; Development Value: Off
; Production Value: Off
; http://php.net/track-errors
;track_errors = Off
; Turn off normal error reporting and emit XML-RPC error XML ; Turn off normal error reporting and emit XML-RPC error XML
; http://php.net/xmlrpc-errors ; http://php.net/xmlrpc-errors
;xmlrpc_errors = 0 ;xmlrpc_errors = 0
@ -543,11 +557,8 @@ report_memleaks = On
; error message as HTML for easier reading. This directive controls whether ; error message as HTML for easier reading. This directive controls whether
; the error message is formatted as HTML or not. ; the error message is formatted as HTML or not.
; Note: This directive is hardcoded to Off for the CLI SAPI ; Note: This directive is hardcoded to Off for the CLI SAPI
; Default Value: On
; Development Value: On
; Production value: On
; http://php.net/html-errors ; http://php.net/html-errors
html_errors = On ;html_errors = On
; If html_errors is set to On *and* docref_root is not empty, then PHP ; If html_errors is set to On *and* docref_root is not empty, then PHP
; produces clickable error messages that direct to a page describing the error ; produces clickable error messages that direct to a page describing the error
@ -582,9 +593,29 @@ html_errors = On
; http://php.net/error-log ; http://php.net/error-log
; Example: ; Example:
;error_log = php_errors.log ;error_log = php_errors.log
; Log errors to syslog. ; Log errors to syslog (Event Log on Windows).
;error_log = syslog ;error_log = syslog
; The syslog ident is a string which is prepended to every message logged
; to syslog. Only used when error_log is set to syslog.
;syslog.ident = php
; The syslog facility is used to specify what type of program is logging
; the message. Only used when error_log is set to syslog.
;syslog.facility = user
; Set this to disable filtering control characters (the default).
; Some loggers only accept NVT-ASCII, others accept anything that's not
; control characters. If your logger accepts everything, then no filtering
; is needed at all.
; Allowed values are:
; ascii (all printable ASCII characters and NL)
; no-ctrl (all characters except control characters)
; all (all characters)
; raw (like "all", but messages are not split at newlines)
; http://php.net/syslog.filter
;syslog.filter = ascii
;windows.show_crt_warning ;windows.show_crt_warning
; Default value: 0 ; Default value: 0
; Development value: 0 ; Development value: 0
@ -652,7 +683,7 @@ register_argc_argv = Off
; first used (Just In Time) instead of when the script starts. If these ; first used (Just In Time) instead of when the script starts. If these
; variables are not used within a script, having this directive on will result ; variables are not used within a script, having this directive on will result
; in a performance gain. The PHP directive register_argc_argv must be disabled ; in a performance gain. The PHP directive register_argc_argv must be disabled
; for this directive to have any affect. ; for this directive to have any effect.
; http://php.net/auto-globals-jit ; http://php.net/auto-globals-jit
auto_globals_jit = On auto_globals_jit = On
@ -734,13 +765,13 @@ user_dir =
; Directory in which the loadable extensions (modules) reside. ; Directory in which the loadable extensions (modules) reside.
; http://php.net/extension-dir ; http://php.net/extension-dir
; extension_dir = "./" ;extension_dir = "./"
; On windows: ; On windows:
; extension_dir = "ext" ;extension_dir = "ext"
; Directory where the temporary files should be placed. ; Directory where the temporary files should be placed.
; Defaults to the system default (see sys_get_temp_dir) ; Defaults to the system default (see sys_get_temp_dir)
; sys_temp_dir = "/tmp" ;sys_temp_dir = "/tmp"
; Whether or not to enable the dl() function. The dl() function does NOT work ; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically ; properly in multithreaded servers, such as IIS or Zeus, and is automatically
@ -777,10 +808,9 @@ enable_dl = Off
; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside ; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside
; of the web tree and people will not be able to circumvent .htaccess security. ; of the web tree and people will not be able to circumvent .htaccess security.
; http://php.net/cgi.dicard-path
;cgi.discard_path=1 ;cgi.discard_path=1
; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate ; FastCGI under IIS supports the ability to impersonate
; security tokens of the calling client. This allows IIS to define the ; security tokens of the calling client. This allows IIS to define the
; security context that the request runs under. mod_fastcgi under Apache ; security context that the request runs under. mod_fastcgi under Apache
; does not currently support this feature (03/17/2002) ; does not currently support this feature (03/17/2002)
@ -908,10 +938,10 @@ cli_server.color = On
;date.default_longitude = 35.2333 ;date.default_longitude = 35.2333
; http://php.net/date.sunrise-zenith ; http://php.net/date.sunrise-zenith
;date.sunrise_zenith = 90.583333 ;date.sunrise_zenith = 90.833333
; http://php.net/date.sunset-zenith ; http://php.net/date.sunset-zenith
;date.sunset_zenith = 90.583333 ;date.sunset_zenith = 90.833333
[filter] [filter]
; http://php.net/filter.default ; http://php.net/filter.default
@ -923,7 +953,7 @@ cli_server.color = On
[iconv] [iconv]
; Use of this INI entry is deprecated, use global input_encoding instead. ; Use of this INI entry is deprecated, use global input_encoding instead.
; If empty, default_charset or input_encoding or iconv.input_encoding is used. ; If empty, default_charset or input_encoding or iconv.input_encoding is used.
; The precedence is: default_charset < intput_encoding < iconv.input_encoding ; The precedence is: default_charset < input_encoding < iconv.input_encoding
;iconv.input_encoding = ;iconv.input_encoding =
; Use of this INI entry is deprecated, use global internal_encoding instead. ; Use of this INI entry is deprecated, use global internal_encoding instead.
@ -938,6 +968,13 @@ cli_server.color = On
; otherwise output encoding conversion cannot be performed. ; otherwise output encoding conversion cannot be performed.
;iconv.output_encoding = ;iconv.output_encoding =
[imap]
; rsh/ssh logins are disabled by default. Use this INI entry if you want to
; enable them. Note that the IMAP library does not filter mailbox names before
; passing them to rsh/ssh command, thus passing untrusted data to this function
; with rsh/ssh enabled is insecure.
;imap.enable_insecure_rsh=0
[intl] [intl]
;intl.default_locale = ;intl.default_locale =
; This directive allows you to produce PHP errors when some error ; This directive allows you to produce PHP errors when some error
@ -947,22 +984,33 @@ cli_server.color = On
;intl.use_exceptions = 0 ;intl.use_exceptions = 0
[sqlite3] [sqlite3]
; Directory pointing to SQLite3 extensions
; http://php.net/sqlite3.extension-dir
;sqlite3.extension_dir = ;sqlite3.extension_dir =
; SQLite defensive mode flag (only available from SQLite 3.26+)
; When the defensive flag is enabled, language features that allow ordinary
; SQL to deliberately corrupt the database file are disabled. This forbids
; writing directly to the schema, shadow tables (eg. FTS data tables), or
; the sqlite_dbpage virtual table.
; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html
; (for older SQLite versions, this flag has no use)
;sqlite3.defensive = 1
[Pcre] [Pcre]
;PCRE library backtracking limit. ; PCRE library backtracking limit.
; http://php.net/pcre.backtrack-limit ; http://php.net/pcre.backtrack-limit
;pcre.backtrack_limit=100000 ;pcre.backtrack_limit=100000
;PCRE library recursion limit. ; PCRE library recursion limit.
;Please note that if you set this value to a high number you may consume all ; Please note that if you set this value to a high number you may consume all
;the available process stack and eventually crash PHP (due to reaching the ; the available process stack and eventually crash PHP (due to reaching the
;stack size limit imposed by the Operating System). ; stack size limit imposed by the Operating System).
; http://php.net/pcre.recursion-limit ; http://php.net/pcre.recursion-limit
;pcre.recursion_limit=100000 ;pcre.recursion_limit=100000
;Enables or disables JIT compilation of patterns. This requires the PCRE ; Enables or disables JIT compilation of patterns. This requires the PCRE
;library to be compiled with JIT support. ; library to be compiled with JIT support.
pcre.jit=0 pcre.jit=0
[Pdo] [Pdo]
@ -970,16 +1018,9 @@ pcre.jit=0
; http://php.net/pdo-odbc.connection-pooling ; http://php.net/pdo-odbc.connection-pooling
;pdo_odbc.connection_pooling=strict ;pdo_odbc.connection_pooling=strict
;pdo_odbc.db2_instance_name
[Pdo_mysql] [Pdo_mysql]
; If mysqlnd is used: Number of cache slots for the internal result set cache
; http://php.net/pdo_mysql.cache_size
pdo_mysql.cache_size = 2000
; Default socket name for local MySQL connects. If empty, uses the built-in ; Default socket name for local MySQL connects. If empty, uses the built-in
; MySQL defaults. ; MySQL defaults.
; http://php.net/pdo_mysql.default-socket
pdo_mysql.default_socket= pdo_mysql.default_socket=
[Phar] [Phar]
@ -1002,12 +1043,12 @@ sendmail_path = /usr/sbin/sendmail -t -i
;mail.force_extra_parameters = ;mail.force_extra_parameters =
; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename ; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
mail.add_x_header = On mail.add_x_header = Off
; The path to a log file that will log all mail() calls. Log entries include ; The path to a log file that will log all mail() calls. Log entries include
; the full path of the script, line number, To address and headers. ; the full path of the script, line number, To address and headers.
;mail.log = ;mail.log =
; Log mail to syslog; ; Log mail to syslog (Event Log on Windows).
;mail.log = syslog ;mail.log = syslog
[ODBC] [ODBC]
@ -1051,39 +1092,6 @@ odbc.defaultlrl = 4096
; http://php.net/odbc.defaultbinmode ; http://php.net/odbc.defaultbinmode
odbc.defaultbinmode = 1 odbc.defaultbinmode = 1
;birdstep.max_links = -1
[Interbase]
; Allow or prevent persistent links.
ibase.allow_persistent = 1
; Maximum number of persistent links. -1 means no limit.
ibase.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
ibase.max_links = -1
; Default database name for ibase_connect().
;ibase.default_db =
; Default username for ibase_connect().
;ibase.default_user =
; Default password for ibase_connect().
;ibase.default_password =
; Default charset for ibase_connect().
;ibase.default_charset =
; Default timestamp format.
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
; Default date format.
ibase.dateformat = "%Y-%m-%d"
; Default time format.
ibase.timeformat = "%H:%M:%S"
[MySQLi] [MySQLi]
; Maximum number of persistent links. -1 means no limit. ; Maximum number of persistent links. -1 means no limit.
@ -1102,10 +1110,6 @@ mysqli.allow_persistent = On
; http://php.net/mysqli.max-links ; http://php.net/mysqli.max-links
mysqli.max_links = -1 mysqli.max_links = -1
; If mysqlnd is used: Number of cache slots for the internal result set cache
; http://php.net/mysqli.cache_size
mysqli.cache_size = 2000
; Default port number for mysqli_connect(). If unset, mysqli_connect() will use ; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order). Win32 will only look ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
@ -1118,11 +1122,11 @@ mysqli.default_port = 3306
; http://php.net/mysqli.default-socket ; http://php.net/mysqli.default-socket
mysqli.default_socket = mysqli.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode). ; Default host for mysqli_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-host ; http://php.net/mysqli.default-host
mysqli.default_host = mysqli.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode). ; Default user for mysqli_connect() (doesn't apply in safe mode).
; http://php.net/mysqli.default-user ; http://php.net/mysqli.default-user
mysqli.default_user = mysqli.default_user =
@ -1140,12 +1144,10 @@ mysqli.reconnect = Off
[mysqlnd] [mysqlnd]
; Enable / Disable collection of general statistics by mysqlnd which can be ; Enable / Disable collection of general statistics by mysqlnd which can be
; used to tune and monitor MySQL operations. ; used to tune and monitor MySQL operations.
; http://php.net/mysqlnd.collect_statistics
mysqlnd.collect_statistics = On mysqlnd.collect_statistics = On
; Enable / Disable collection of memory usage statistics by mysqlnd which can be ; Enable / Disable collection of memory usage statistics by mysqlnd which can be
; used to tune and monitor MySQL operations. ; used to tune and monitor MySQL operations.
; http://php.net/mysqlnd.collect_memory_statistics
mysqlnd.collect_memory_statistics = Off mysqlnd.collect_memory_statistics = Off
; Records communication from all extensions using mysqlnd to the specified log ; Records communication from all extensions using mysqlnd to the specified log
@ -1154,29 +1156,23 @@ mysqlnd.collect_memory_statistics = Off
;mysqlnd.debug = ;mysqlnd.debug =
; Defines which queries will be logged. ; Defines which queries will be logged.
; http://php.net/mysqlnd.log_mask
;mysqlnd.log_mask = 0 ;mysqlnd.log_mask = 0
; Default size of the mysqlnd memory pool, which is used by result sets. ; Default size of the mysqlnd memory pool, which is used by result sets.
; http://php.net/mysqlnd.mempool_default_size
;mysqlnd.mempool_default_size = 16000 ;mysqlnd.mempool_default_size = 16000
; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. ; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
; http://php.net/mysqlnd.net_cmd_buffer_size
;mysqlnd.net_cmd_buffer_size = 2048 ;mysqlnd.net_cmd_buffer_size = 2048
; Size of a pre-allocated buffer used for reading data sent by the server in ; Size of a pre-allocated buffer used for reading data sent by the server in
; bytes. ; bytes.
; http://php.net/mysqlnd.net_read_buffer_size
;mysqlnd.net_read_buffer_size = 32768 ;mysqlnd.net_read_buffer_size = 32768
; Timeout for network requests in seconds. ; Timeout for network requests in seconds.
; http://php.net/mysqlnd.net_read_timeout
;mysqlnd.net_read_timeout = 31536000 ;mysqlnd.net_read_timeout = 31536000
; SHA-256 Authentication Plugin related. File with the MySQL server public RSA ; SHA-256 Authentication Plugin related. File with the MySQL server public RSA
; key. ; key.
; http://php.net/mysqlnd.sha256_server_public_key
;mysqlnd.sha256_server_public_key = ;mysqlnd.sha256_server_public_key =
[PostgreSQL] [PostgreSQL]
@ -1255,10 +1251,11 @@ session.save_handler = files
;session.save_path = "/tmp" ;session.save_path = "/tmp"
; Whether to use strict session mode. ; Whether to use strict session mode.
; Strict session mode does not accept uninitialized session ID and regenerate ; Strict session mode does not accept an uninitialized session ID, and
; session ID if browser sends uninitialized session ID. Strict mode protects ; regenerates the session ID if the browser sends an uninitialized session ID.
; applications from session fixation via session adoption vulnerability. It is ; Strict mode protects applications from session fixation via a session adoption
; disabled by default for maximum compatibility, but enabling it is encouraged. ; vulnerability. It is disabled by default for maximum compatibility, but
; enabling it is encouraged.
; https://wiki.php.net/rfc/strict_sessions ; https://wiki.php.net/rfc/strict_sessions
session.use_strict_mode = 0 session.use_strict_mode = 0
@ -1296,20 +1293,24 @@ session.cookie_path = /
; http://php.net/session.cookie-domain ; http://php.net/session.cookie-domain
session.cookie_domain = session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. ; Whether or not to add the httpOnly flag to the cookie, which makes it
; inaccessible to browser scripting languages such as JavaScript.
; http://php.net/session.cookie-httponly ; http://php.net/session.cookie-httponly
session.cookie_httponly = session.cookie_httponly =
; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
; Current valid values are "Strict", "Lax" or "None". When using "None",
; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
; https://tools.ietf.org/html/draft-west-first-party-cookies-07
session.cookie_samesite =
; Handler used to serialize data. php is the standard serializer of PHP. ; Handler used to serialize data. php is the standard serializer of PHP.
; http://php.net/session.serialize-handler ; http://php.net/session.serialize-handler
session.serialize_handler = php session.serialize_handler = php
; Defines the probability that the 'garbage collection' process is started ; Defines the probability that the 'garbage collection' process is started on every
; on every session initialization. The probability is calculated by using ; session initialization. The probability is calculated by using gc_probability/gc_divisor,
; gc_probability/gc_divisor. Where session.gc_probability is the numerator ; e.g. 1/100 means there is a 1% chance that the GC process starts on each request.
; and gc_divisor is the denominator in the equation. Setting this value to 1
; when the session.gc_divisor value is 100 will give you approximately a 1% chance
; the gc will run on any give request.
; Default Value: 1 ; Default Value: 1
; Development Value: 1 ; Development Value: 1
; Production Value: 1 ; Production Value: 1
@ -1317,13 +1318,9 @@ session.serialize_handler = php
session.gc_probability = 1 session.gc_probability = 1
; Defines the probability that the 'garbage collection' process is started on every ; Defines the probability that the 'garbage collection' process is started on every
; session initialization. The probability is calculated by using the following equation: ; session initialization. The probability is calculated by using gc_probability/gc_divisor,
; gc_probability/gc_divisor. Where session.gc_probability is the numerator and ; e.g. 1/100 means there is a 1% chance that the GC process starts on each request.
; session.gc_divisor is the denominator in the equation. Setting this value to 1 ; For high volume production servers, using a value of 1000 is a more efficient approach.
; when the session.gc_divisor value is 100 will give you approximately a 1% chance
; the gc will run on any give request. Increasing this value to 1000 will give you
; a 0.1% chance the gc will run on any give request. For high volume production servers,
; this is a more efficient approach.
; Default Value: 100 ; Default Value: 100
; Development Value: 1000 ; Development Value: 1000
; Production Value: 1000 ; Production Value: 1000
@ -1339,8 +1336,8 @@ session.gc_maxlifetime = 1440
; (see session.save_path above), then garbage collection does *not* ; (see session.save_path above), then garbage collection does *not*
; happen automatically. You will need to do your own garbage ; happen automatically. You will need to do your own garbage
; collection through a shell script, cron entry, or some other method. ; collection through a shell script, cron entry, or some other method.
; For example, the following script would is the equivalent of ; For example, the following script is the equivalent of setting
; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): ; session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
; find /path/to/sessions -cmin +24 -type f | xargs rm ; find /path/to/sessions -cmin +24 -type f | xargs rm
; Check HTTP Referer to invalidate externally stored URLs containing ids. ; Check HTTP Referer to invalidate externally stored URLs containing ids.
@ -1373,7 +1370,7 @@ session.use_trans_sid = 0
; Set session ID character length. This value could be between 22 to 256. ; Set session ID character length. This value could be between 22 to 256.
; Shorter length than default is supported only for compatibility reason. ; Shorter length than default is supported only for compatibility reason.
; Users should use 32 or more chars. ; Users should use 32 or more chars.
; http://php.net/session.sid_length ; http://php.net/session.sid-length
; Default Value: 32 ; Default Value: 32
; Development Value: 26 ; Development Value: 26
; Production Value: 26 ; Production Value: 26
@ -1392,7 +1389,7 @@ session.sid_length = 26
session.trans_sid_tags = "a=href,area=href,frame=src,form=" session.trans_sid_tags = "a=href,area=href,frame=src,form="
; URL rewriter does not rewrite absolute URLs by default. ; URL rewriter does not rewrite absolute URLs by default.
; To enable rewrites for absolute pathes, target hosts must be specified ; To enable rewrites for absolute paths, target hosts must be specified
; at RUNTIME. i.e. use ini_set() ; at RUNTIME. i.e. use ini_set()
; <form> tags is special. PHP will check action attribute's URL regardless ; <form> tags is special. PHP will check action attribute's URL regardless
; of session.trans_sid_tags setting. ; of session.trans_sid_tags setting.
@ -1481,7 +1478,7 @@ zend.assertions = -1
; http://php.net/assert.active ; http://php.net/assert.active
;assert.active = On ;assert.active = On
; Throw an AssertationException on failed assertions ; Throw an AssertionError on failed assertions
; http://php.net/assert.exception ; http://php.net/assert.exception
;assert.exception = On ;assert.exception = On
@ -1497,11 +1494,6 @@ zend.assertions = -1
; http://php.net/assert.callback ; http://php.net/assert.callback
;assert.callback = 0 ;assert.callback = 0
; Eval the expression with current error_reporting(). Set to true if you want
; error_reporting(0) around the eval().
; http://php.net/assert.quiet-eval
;assert.quiet_eval = 0
[mbstring] [mbstring]
; language for internal character representation. ; language for internal character representation.
; This affects mb_send_mail() and mbstring.detect_order. ; This affects mb_send_mail() and mbstring.detect_order.
@ -1517,9 +1509,9 @@ zend.assertions = -1
; Use of this INI entry is deprecated, use global input_encoding instead. ; Use of this INI entry is deprecated, use global input_encoding instead.
; http input encoding. ; http input encoding.
; mbstring.encoding_traslation = On is needed to use this setting. ; mbstring.encoding_translation = On is needed to use this setting.
; If empty, default_charset or input_encoding or mbstring.input is used. ; If empty, default_charset or input_encoding or mbstring.input is used.
; The precedence is: default_charset < intput_encoding < mbsting.http_input ; The precedence is: default_charset < input_encoding < mbstring.http_input
; http://php.net/mbstring.http-input ; http://php.net/mbstring.http-input
;mbstring.http_input = ;mbstring.http_input =
@ -1551,26 +1543,22 @@ zend.assertions = -1
; http://php.net/mbstring.substitute-character ; http://php.net/mbstring.substitute-character
;mbstring.substitute_character = none ;mbstring.substitute_character = none
; overload(replace) single byte functions by mbstring functions. ; Enable strict encoding detection.
; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), ;mbstring.strict_detection = Off
; etc. Possible values are 0,1,2,4 or combination of them.
; For example, 7 for overload everything.
; 0: No overload
; 1: Overload mail() function
; 2: Overload str*() functions
; 4: Overload ereg*() functions
; http://php.net/mbstring.func-overload
;mbstring.func_overload = 0
; enable strict encoding detection.
; Default: Off
;mbstring.strict_detection = On
; This directive specifies the regex pattern of content types for which mb_output_handler() ; This directive specifies the regex pattern of content types for which mb_output_handler()
; is activated. ; is activated.
; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) ; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml)
;mbstring.http_output_conv_mimetype= ;mbstring.http_output_conv_mimetype=
; This directive specifies maximum stack depth for mbstring regular expressions. It is similar
; to the pcre.recursion_limit for PCRE.
;mbstring.regex_stack_limit=100000
; This directive specifies maximum retry count for mbstring regular expressions. It is similar
; to the pcre.backtrack_limit for PCRE.
;mbstring.regex_retry_limit=1000000
[gd] [gd]
; Tell the jpeg decode to ignore warnings and try to create ; Tell the jpeg decode to ignore warnings and try to create
; a gd image. The warning will then be displayed as notices ; a gd image. The warning will then be displayed as notices
@ -1645,6 +1633,9 @@ ldap.max_links = -1
[dba] [dba]
;dba.default_handler= ;dba.default_handler=
[opcache]
; see /etc/php.d/10-opcache.ini
[curl] [curl]
; A default value for the CURLOPT_CAINFO option. This is required to be an ; A default value for the CURLOPT_CAINFO option. This is required to be an
; absolute path. ; absolute path.
@ -1668,6 +1659,5 @@ ldap.max_links = -1
; SSL stream context option. ; SSL stream context option.
;openssl.capath= ;openssl.capath=
; Local Variables: [ffi]
; tab-width: 4 ; see /etc/php.d/20-ffi.ini
; End:

View File

@ -3,10 +3,11 @@
# easy for developers to write dynamically generated webpages. # easy for developers to write dynamically generated webpages.
# #
# Cannot load both php5 and php7 modules # Cannot load both php5, php7 and php modules
<IfModule !mod_php5.c> <IfModule !mod_php5.c>
<IfModule !mod_php7.c>
<IfModule prefork.c> <IfModule prefork.c>
LoadModule php7_module modules/libphp7.so LoadModule php_module modules/libphp.so
</IfModule>
</IfModule> </IfModule>
</IfModule> </IfModule>

View File

@ -1,7 +0,0 @@
<IfModule !mod_php5.c>
<IfModule !prefork.c>
# ZTS module is not supported, so FPM is preferred
# LoadModule php7_module modules/libphp7-zts.so
</IfModule>
</IfModule>

File diff suppressed because it is too large Load Diff