Merge branch 'PHP-5.6' into PHP-7.0

* PHP-5.6:
  Fixed Bug #71038 session_start() returns TRUE on failure

diff --cc ext/session/session.c
index 52ba7e300ab41e14f87672261ae46689ea2975f1,dae1d8ae533c176281ec7a4896e2dc1efa923c2b..f5a399b75f55277cf4555e7f2857b9ab251c462f
--- 1/ext/session/session.c
--- 2/ext/session/session.c
+++ b/ext/session/session.c
@@@ -94,14 -86,12 +94,15 @@@ zend_class_entry *php_session_update_ti
                return FAILURE; \
        }
  
 -static void php_session_send_cookie(TSRMLS_D);
 -static void php_session_abort(TSRMLS_D);
 +#define APPLY_TRANS_SID (PS(use_trans_sid) && !PS(use_only_cookies))
 +
 +static void php_session_send_cookie(void);
++static void php_session_abort(void);
  
  /* Dispatched by RINIT and by php_session_destroy */
 -static inline void php_rinit_session_globals(TSRMLS_D) /* {{{ */
 +static inline void php_rinit_session_globals(void) /* {{{ */
  {
 +      /* Do NOT init PS(mod_user_names) here! */
        PS(id) = NULL;
        PS(session_status) = php_session_none;
        PS(mod_data) = NULL;
@@@ -499,72 -491,71 +500,76 @@@ static void php_session_gc(void) /* {{
  } /* }}} */
  
  
 -static void php_session_initialize(TSRMLS_D) /* {{{ */
 +static void php_session_initialize(void) /* {{{ */
  {
 -      char *val = NULL;
 -      int vallen;
 +      zend_string *val = NULL;
  
+       PS(session_status) = php_session_active;
+ 
        if (!PS(mod)) {
 -              php_error_docref(NULL TSRMLS_CC, E_ERROR, "No storage module chosen - failed to initialize session");
+               PS(session_status) = php_session_disabled;
 +              php_error_docref(NULL, E_ERROR, "No storage module chosen - failed to initialize session");
                return;
        }
  
        /* Open session handler first */
 -      if (PS(mod)->s_open(&PS(mod_data), PS(save_path), PS(session_name) TSRMLS_CC) == FAILURE) {
 -              php_session_abort(TSRMLS_C);
 -              php_error_docref(NULL TSRMLS_CC, E_ERROR, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path));
 +      if (PS(mod)->s_open(&PS(mod_data), PS(save_path), PS(session_name)) == FAILURE
 +              /* || PS(mod_data) == NULL */ /* FIXME: open must set valid PS(mod_data) with success */
 +      ) {
++              php_session_abort();
 +              php_error_docref(NULL, E_ERROR, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path));
                return;
        }
  
        /* If there is no ID, use session module to create one */
        if (!PS(id)) {
 -              PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
 +              PS(id) = PS(mod)->s_create_sid(&PS(mod_data));
                if (!PS(id)) {
 -                      php_session_abort(TSRMLS_C);
 -                      php_error_docref(NULL TSRMLS_CC, E_ERROR, "Failed to create session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path));
++                      php_session_abort();
 +                      php_error_docref(NULL, E_ERROR, "Failed to create session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path));
                        return;
                }
                if (PS(use_cookies)) {
                        PS(send_cookie) = 1;
                }
 +      } else if (PS(use_strict_mode) && PS(mod)->s_validate_sid &&
 +              PS(mod)->s_validate_sid(&PS(mod_data), PS(id)) == FAILURE) {
 +              if (PS(id)) {
 +                      zend_string_release(PS(id));
 +              }
 +              PS(id) = PS(mod)->s_create_sid(&PS(mod_data));
 +              if (!PS(id)) {
 +                      PS(id) = php_session_create_id(NULL);
 +              }
 +              if (PS(use_cookies)) {
 +                      PS(send_cookie) = 1;
 +              }
        }
  
 -      /* Set session ID for compatibility for older/3rd party save handlers */
 -      if (!PS(use_strict_mode)) {
 -              php_session_reset_id(TSRMLS_C);
 -      }
 +      php_session_reset_id();
-       PS(session_status) = php_session_active;
  
        /* GC must be done before read */
 -      php_session_gc(TSRMLS_C);
 +      php_session_gc();
  
        /* Read data */
 -      php_session_track_init(TSRMLS_C);
 -      if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == FAILURE) {
 -              /* php_session_abort(TSRMLS_C); */
 +      php_session_track_init();
 +      if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, PS(gc_maxlifetime)) == FAILURE) {
++              php_session_abort();
                /* Some broken save handler implementation returns FAILURE for non-existent session ID */
                /* It's better to raise error for this, but disabled error for better compatibility */
-               /*
-               php_error_docref(NULL, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
-               */
 -              /* php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path)); */
 -              /* return; */
++              php_error_docref(NULL, E_WARNING, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
++              return;
        }
 -      /* Set session ID if session read didn't activated session */
 -      if (PS(use_strict_mode) && PS(session_status) == php_session_none) {
 -              php_session_reset_id(TSRMLS_C);
 -              PS(session_status) = php_session_active;
 +      if (PS(session_vars)) {
 +              zend_string_release(PS(session_vars));
 +              PS(session_vars) = NULL;
        }
        if (val) {
 -              php_session_decode(val, vallen TSRMLS_CC);
 -              str_efree(val);
 -      }
 -
 -      if (!PS(use_cookies) && PS(send_cookie)) {
 -              if (PS(use_trans_sid) && !PS(use_only_cookies)) {
 -                      PS(apply_trans_sid) = 1;
 +              if (PS(lazy_write)) {
 +                      PS(session_vars) = zend_string_copy(val);
                }
 -              PS(send_cookie) = 0;
 +              php_session_decode(val);
 +              zend_string_release(val);
        }
  }
  /* }}} */
@@@ -1288,15 -1285,17 +1293,17 @@@ static int php_session_cache_limiter(vo
        php_session_cache_limiter_t *lim;
  
        if (PS(cache_limiter)[0] == '\0') return 0;
+       if (PS(session_status) != php_session_active) return -1;
  
        if (SG(headers_sent)) {
 -              const char *output_start_filename = php_output_get_start_filename(TSRMLS_C);
 -              int output_start_lineno = php_output_get_start_lineno(TSRMLS_C);
 +              const char *output_start_filename = php_output_get_start_filename();
 +              int output_start_lineno = php_output_get_start_lineno();
  
 -              PS(session_status) = php_session_none;
++              php_session_abort();
                if (output_start_filename) {
 -                      php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cache limiter - headers already sent (output started at %s:%d)", output_start_filename, output_start_lineno);
 +                      php_error_docref(NULL, E_WARNING, "Cannot send session cache limiter - headers already sent (output started at %s:%d)", output_start_filename, output_start_lineno);
                } else {
 -                      php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cache limiter - headers already sent");
 +                      php_error_docref(NULL, E_WARNING, "Cannot send session cache limiter - headers already sent");
                }
                return -2;
        }

diff --cc ext/session/tests/016.phpt
index 82a85d270548d89b4402a67b030a90a6997c64fb,82a85d270548d89b4402a67b030a90a6997c64fb..f23605eb4794142d2f02e4eec325a0f3d7890616
--- 1/ext/session/tests/016.phpt
--- 2/ext/session/tests/016.phpt
+++ b/ext/session/tests/016.phpt
@@@ -22,5 -22,5 +22,5 @@@ session_write_close()
  print "I live\n";
  ?>
  --EXPECTF--
--Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (123;:/really%scompletely:::/invalid;;,23123;213) in %s on line %d
++Warning: session_start(): Failed to read session data: files (path: 123;:/really%scompletely:::/invalid;;,23123;213) in %s on line %d
  I live

diff --cc ext/session/tests/bug71186.phpt
index 0000000000000000000000000000000000000000,0000000000000000000000000000000000000000..5eeba6035f43ee9f1bb3fc298268bd9faddc335d
new file mode 100644 (file)
--- /dev/null
--- /dev/null
+++ b/ext/session/tests/bug71186.phpt
@@@ -1,0 -1,0 +1,32 @@@
++--TEST--
++Bug #71186 session.hash_function - algorithm changes
++--SKIPIF--
++<?php include('skipif.inc'); ?>
++--INI--
++session.hash_function=sha512
++session.save_handler=files
++--FILE--
++<?php
++ob_start();
++ini_set('session.use_strict_mode', 1);
++
++session_start();
++$orig = session_id();
++session_regenerate_id();
++$new = session_id();
++var_dump(strlen($orig),strlen($new));
++session_commit();
++
++ini_set('session.hash_function','sha1');
++session_id('invalid');
++session_start();
++$orig = session_id();
++session_regenerate_id();
++$new = session_id();
++var_dump(strlen($orig),strlen($new));
++?>
++--EXPECT--
++int(128)
++int(128)
++int(40)
++int(40)

diff --cc ext/session/tests/rfc1867_sid_invalid.phpt
index 4dd8f1f9799236a7a9932e77f7f982fde2753a34,4dd8f1f9799236a7a9932e77f7f982fde2753a34..a9114e3e1d5bd46f7f0d7d16439e0b77980d13cb
--- 1/ext/session/tests/rfc1867_sid_invalid.phpt
--- 2/ext/session/tests/rfc1867_sid_invalid.phpt
+++ b/ext/session/tests/rfc1867_sid_invalid.phpt
@@@ -47,13 -47,13 +47,13 @@@ session_destroy()
  --EXPECTF--
  Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
  
--Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
++Warning: Unknown: Failed to read session data: files (path: ) in Unknown on line 0
  
  Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0
  
  Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
  
--Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
++Warning: Unknown: Failed to read session data: files (path: ) in Unknown on line 0
  
  Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0
  string(%d) "%s"

diff --cc ext/session/tests/session_save_path_variation2.phpt
index 4cf44b75a443e594e329c34a1d4220cd2a0320da,4cf44b75a443e594e329c34a1d4220cd2a0320da..60675aec3c84e1a718c494aef5a020315070956b
--- 1/ext/session/tests/session_save_path_variation2.phpt
--- 2/ext/session/tests/session_save_path_variation2.phpt
+++ b/ext/session/tests/session_save_path_variation2.phpt
@@@ -33,8 -33,8 +33,12 @@@ ob_end_flush()
  string(5) "/blah"
  
  Warning: session_start(): open(%sblah%e%s, O_RDWR) failed: No such file or directory (2) in %s on line %d
--bool(true)
++
++Warning: session_start(): Failed to read session data: files (path: %sblah) in %s on line %d
++bool(false)
  string(5) "/blah"
--bool(true)
++
++Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d
++bool(false)
  string(5) "/blah"
  Done

diff --cc ext/session/tests/session_save_path_variation3.phpt
index b064f30183dbf7a9fa2882650a53d10010a51bd1,b064f30183dbf7a9fa2882650a53d10010a51bd1..1d290d95b33ebc8080a9891c169deefa2237060d
--- 1/ext/session/tests/session_save_path_variation3.phpt
--- 2/ext/session/tests/session_save_path_variation3.phpt
+++ b/ext/session/tests/session_save_path_variation3.phpt
@@@ -33,8 -33,8 +33,12 @@@ ob_end_flush()
  string(5) "/blah"
  
  Warning: session_start(): open(%s, O_RDWR) failed: No such file or directory (2) in %s on line %d
--bool(true)
++
++Warning: session_start(): Failed to read session data: files (path: %sblah) in %s on line %d
++bool(false)
  string(5) "/blah"
--bool(true)
++
++Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d
++bool(false)
  string(5) "/blah"
  Done

diff --cc ext/session/tests/session_set_save_handler_class_002.phpt
index b75a7e63908982b05d4fa4a22755291ac0feb57e,6fb831f6957a16ca638f3de74057d6d513ddb501..880bc33425fdd70cad29901673a6342906d18d3e
--- 1/ext/session/tests/session_set_save_handler_class_002.phpt
--- 2/ext/session/tests/session_set_save_handler_class_002.phpt
+++ b/ext/session/tests/session_set_save_handler_class_002.phpt
@@@ -34,7 -34,7 +34,7 @@@ class MySession2 extends SessionHandle
        }
  
        public function read($id) {
--              return @file_get_contents($this->path . $id);
++              return (string)@file_get_contents($this->path . $id);
        }
  
        public function write($id, $data) {

diff --cc ext/session/tests/session_set_save_handler_class_005.phpt
index 5be735306ac6a8b6092c576afb788d8c5ed856c3,c74c81de1dbc8da8d792fbfd86098fa377e5d921..1b8c1ce645ebdc2e4e8cd432df8ea5c8e94ffccc
--- 1/ext/session/tests/session_set_save_handler_class_005.phpt
--- 2/ext/session/tests/session_set_save_handler_class_005.phpt
+++ b/ext/session/tests/session_set_save_handler_class_005.phpt
@@@ -33,7 -33,7 +33,7 @@@ class MySession6 extends SessionHandle
  
  $handler = new MySession6;
  session_set_save_handler($handler);
--session_start();
++var_dump(session_start());
  
  var_dump(session_id(), ini_get('session.save_handler'), $_SESSION);
  
@@@ -45,13 -45,11 +45,12 @@@ session_unset()
  *** Testing session_set_save_handler() : incomplete implementation ***
  
  Warning: SessionHandler::read(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d
++
++Warning: SessionHandler::close(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d
++
++Warning: session_start(): Failed to read session data: user (%s) in %ssession_set_save_handler_class_005.php on line %d
++bool(false)
  string(%d) "%s"
  string(4) "user"
  array(0) {
  }
--
--Warning: SessionHandler::write(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d
- 
- Warning: session_write_close(): Failed to write session data %s in %ssession_set_save_handler_class_005.php on line %d
--
--Warning: SessionHandler::close(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d

diff --cc ext/session/tests/session_set_save_handler_class_012.phpt
index 91e751bdfc172a25d0cc46e24e35cd186f56cd64,3899d28816e19856d9c4030a173b017235fd9798..0ce03f865e4c1716d7a2f8e8ffb625fa5012bc8c
--- 1/ext/session/tests/session_set_save_handler_class_012.phpt
--- 2/ext/session/tests/session_set_save_handler_class_012.phpt
+++ b/ext/session/tests/session_set_save_handler_class_012.phpt
@@@ -38,7 -36,7 +38,7 @@@ class MySession extends SessionHandler 
  $oldHandler = ini_get('session.save_handler');
  $handler = new MySession;
  session_set_save_handler($handler);
--session_start();
++var_dump(session_start());
  
  var_dump(session_id(), $oldHandler, ini_get('session.save_handler'), $handler->i, $_SESSION);
  
@@@ -50,15 -48,13 +50,14 @@@ Warning: SessionHandler::open() expect
  Read %s
  
  Warning: SessionHandler::read(): Parent session handler is not open in %s on line %d
++
++Warning: SessionHandler::close(): Parent session handler is not open in %s on line %d
++
++Warning: session_start(): Failed to read session data: user (%s) in %s on line %d
++bool(false)
  string(%d) "%s"
  string(5) "files"
  string(4) "user"
  int(2)
  array(0) {
  }
- 
- Warning: SessionHandler::write(): Parent session handler is not open in Unknown on line 0
--
- Warning: session_write_close(): Failed to write session data %s in %s on line %d
 -Warning: Unknown: Parent session handler is not open in Unknown on line 0
--
- Warning: SessionHandler::close(): Parent session handler is not open in Unknown on line 0
 -Warning: Unknown: Parent session handler is not open in Unknown on line 0

diff --cc ext/session/tests/session_set_save_handler_class_016.phpt
index 521bd86f31845380106f39291ceb5aa131eaa175,2de03c0682e56d59520e820a962fa3d28eccaf24..4095813c9d8d2e9d74091807c98ab27d257a17b2
--- 1/ext/session/tests/session_set_save_handler_class_016.phpt
--- 2/ext/session/tests/session_set_save_handler_class_016.phpt
+++ b/ext/session/tests/session_set_save_handler_class_016.phpt
@@@ -10,10 -10,10 +10,10 @@@ session.name=PHPSESSI
  
  ob_start();
  
--/* 
++/*
   * Prototype : bool session_set_save_handler(SessionHandlerInterface $handler [, bool $register_shutdown_function = true])
   * Description : Sets user-level session storage functions
-- * Source code : ext/session/session.c 
++ * Source code : ext/session/session.c
   */
  
  echo "*** Testing session_set_save_handler() function: class with create_sid ***\n";
@@@ -34,7 -34,7 +34,7 @@@ class MySession2 extends SessionHandle
        }
  
        public function read($id) {
--              return @file_get_contents($this->path . $id);
++              return (string)@file_get_contents($this->path . $id);
        }
  
        public function write($id, $data) {

diff --cc ext/session/tests/session_set_save_handler_class_017.phpt
index 6f42d7809adec51455ee9179a233ebae3d681022,756dc55d030418e78a0600a71b3513605e5696ea..b8e7d7a7ad0033a40dbafba5d59e5552e1bea589
--- 1/ext/session/tests/session_set_save_handler_class_017.phpt
--- 2/ext/session/tests/session_set_save_handler_class_017.phpt
+++ b/ext/session/tests/session_set_save_handler_class_017.phpt
@@@ -34,7 -34,7 +34,7 @@@ class MySession2 extends SessionHandle
        }
  
        public function read($id) {
--              return @file_get_contents($this->path . $id);
++              return (string)@file_get_contents($this->path . $id);
        }
  
        public function write($id, $data) {

diff --cc ext/session/tests/session_set_save_handler_error4.phpt
index be3429b084240b864f7246e09c32d96c7826f0d6,d286f07d99d7ff411061fbce8690ac98678c34b2..4267195ee15e2d15a2b58fe515e9afce6f18e4f9
--- 1/ext/session/tests/session_set_save_handler_error4.phpt
--- 2/ext/session/tests/session_set_save_handler_error4.phpt
+++ b/ext/session/tests/session_set_save_handler_error4.phpt
@@@ -24,7 -24,7 +24,7 @@@ session_set_save_handler("callback", "c
  session_set_save_handler("callback", "callback", "callback", "callback", "echo", "callback");
  session_set_save_handler("callback", "callback", "callback", "callback", "callback", "echo");
  session_set_save_handler("callback", "callback", "callback", "callback", "callback", "callback");
--session_start();
++var_dump(session_start());
  ob_end_flush();
  ?>
  --EXPECTF--
@@@ -39,3 -39,3 +39,6 @@@ Warning: session_set_save_handler(): Ar
  Warning: session_set_save_handler(): Argument 5 is not a valid callback in %s on line %d
  
  Warning: session_set_save_handler(): Argument 6 is not a valid callback in %s on line %d
++
++Warning: session_start(): Failed to read session data: user (%s) in %s on line %d
++bool(false)

diff --cc ext/session/tests/session_set_save_handler_iface_001.phpt
index 03ee42865c093cb425dbc67fa5511ebbb9a99056,39a4b9975b58966e99596d49fa431b7b1d331878..6943d59cbec931a17de650a43ca0b65fd1811a67
--- 1/ext/session/tests/session_set_save_handler_iface_001.phpt
--- 2/ext/session/tests/session_set_save_handler_iface_001.phpt
+++ b/ext/session/tests/session_set_save_handler_iface_001.phpt
@@@ -34,7 -34,7 +34,7 @@@ class MySession2 implements SessionHand
        }
  
        public function read($id) {
--              return @file_get_contents($this->path . $id);
++              return (string)@file_get_contents($this->path . $id);
        }
  
        public function write($id, $data) {

diff --cc ext/session/tests/session_set_save_handler_iface_002.phpt
index 40c9ac68257969ad63d641df412be43cd9313263,40c9ac68257969ad63d641df412be43cd9313263..204d88c785bb19c816575e80e490a651f76687dc
--- 1/ext/session/tests/session_set_save_handler_iface_002.phpt
--- 2/ext/session/tests/session_set_save_handler_iface_002.phpt
+++ b/ext/session/tests/session_set_save_handler_iface_002.phpt
@@@ -43,7 -43,7 +43,7 @@@ class MySession2 implements MySessionHa
        }
  
        public function read($id) {
--              return @file_get_contents($this->path . $id);
++              return (string)@file_get_contents($this->path . $id);
        }
  
        public function write($id, $data) {