From: Joe Watkins <krakjoe@php.net>
Date: Thu, 3 Oct 2019 05:12:49 +0000 (+0200)
Subject: Merge branch 'PHP-7.3' into PHP-7.4
X-Git-Tag: php-7.4.0RC4~66
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5a8e7b95a16e0e8349fbe3d4fba1990d09f139e5;p=php

Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug #76809 (SSL settings aren't respected when persistent connection is reused)
---

5a8e7b95a16e0e8349fbe3d4fba1990d09f139e5
diff --cc NEWS
index 06cd74d5a8,58a236345b..38f7a9fddc
--- a/NEWS
+++ b/NEWS
@@@ -1,30 -1,18 +1,34 @@@
  PHP                                                                        NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 -?? ??? ????, PHP 7.3.11
 +?? ??? ????, PHP 7.4.0RC4
 +
 +- Pcntl:
 +  . Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART).
 +    (Nikita)
 +
++- MySQLi:
++  . Fixed bug #76809 (SSL settings aren't respected when persistent connections 
++    are used). (fabiomsouto)
++
 +- SimpleXML:
 +  . Fixed bug #75245 (Don't set content of elements with only whitespaces). 
 +    (eriklundin)
 +
 +- Standard:
 +  . Fixed bug #76859 (stream_get_line skips data if used with data-generating 
 +    filter). (kkopachev)
 +
 +03 Oct 2019, PHP 7.4.0RC3
  
  - Core:
 -  . Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
 -    (bugreportuser)
 +  . Fixed bug #78604 (token_get_all() does not properly tokenize FOO<?php with
 +    short_open_tag=0). (Nikita)
  
 -- Exif :
 -  . Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
 -	(Kalle)
 +- FFI:
 +  . Fixed bug #78543 (is_callable() on FFI\CData throws Exception). (cmb)
  
 -- FPM:
 -  . Fixed bug #78413 (request_terminate_timeout does not take effect after
 -    fastcgi_finish_request). (Sergei Turchanov)
 +- GMP:
 +  . Fixed bug #78574 (broken shared build). (Remi)
  
  - MBString:
    . Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
diff --cc ext/mysqli/mysqli_nonapi.c
index 2f272935b3,0f5714bf21..ef20f98019
--- a/ext/mysqli/mysqli_nonapi.c
+++ b/ext/mysqli/mysqli_nonapi.c
@@@ -54,11 -54,12 +54,13 @@@ void mysqli_common_connect(INTERNAL_FUN
  	MY_MYSQL			*mysql = NULL;
  	MYSQLI_RESOURCE		*mysqli_resource = NULL;
  	zval				*object = getThis();
- 	char				*hostname = NULL, *username=NULL, *passwd=NULL, *dbname=NULL, *socket=NULL;
- 	size_t					hostname_len = 0, username_len = 0, passwd_len = 0, dbname_len = 0, socket_len = 0;
- 	zend_bool			persistent = FALSE;
- 	zend_long				port = 0, flags = 0;
- 	zend_bool port_is_null = 1;
+ 	char				*hostname = NULL, *username=NULL, *passwd=NULL, *dbname=NULL, *socket=NULL,
+ 						*ssl_key = NULL, *ssl_cert = NULL, *ssl_ca = NULL, *ssl_capath = NULL,
+ 						*ssl_cipher = NULL;
+ 	size_t				hostname_len = 0, username_len = 0, passwd_len = 0, dbname_len = 0, socket_len = 0;
+ 	zend_bool			persistent = FALSE, ssl = FALSE;
+ 	zend_long			port = 0, flags = 0;
++	zend_bool           port_is_null = 1;
  	zend_string			*hash_key = NULL;
  	zend_bool			new_connection = FALSE;
  	zend_resource		*le;
@@@ -188,6 -184,33 +190,33 @@@
  
  								goto end;
  							} else {
+ #ifdef MYSQLI_USE_MYSQLND
+ 								if (mysql->mysql->data->vio->data->ssl) {
+ 									/* copy over pre-existing ssl settings so we can reuse them when reconnecting */
+ 									ssl = TRUE;
+ 
 -									ssl_key = my_estrdup(mysql->mysql->data->vio->data->options.ssl_key);
 -									ssl_cert = my_estrdup(mysql->mysql->data->vio->data->options.ssl_cert);
 -									ssl_ca = my_estrdup(mysql->mysql->data->vio->data->options.ssl_ca);
 -									ssl_capath = my_estrdup(mysql->mysql->data->vio->data->options.ssl_capath);
 -									ssl_cipher = my_estrdup(mysql->mysql->data->vio->data->options.ssl_cipher);
++									ssl_key = mysql->mysql->data->vio->data->options.ssl_key ? estrdup(mysql->mysql->data->vio->data->options.ssl_key) : NULL;
++									ssl_cert = mysql->mysql->data->vio->data->options.ssl_cert ? estrdup(mysql->mysql->data->vio->data->options.ssl_cert) : NULL;
++									ssl_ca = mysql->mysql->data->vio->data->options.ssl_ca ? estrdup(mysql->mysql->data->vio->data->options.ssl_ca) : NULL;
++									ssl_capath = mysql->mysql->data->vio->data->options.ssl_capath ? estrdup(mysql->mysql->data->vio->data->options.ssl_capath) : NULL;
++									ssl_cipher = mysql->mysql->data->vio->data->options.ssl_cipher ? estrdup(mysql->mysql->data->vio->data->options.ssl_cipher) : NULL;
+ 								}
+ #else
+ 								if (mysql->mysql->options.ssl_key
+ 										|| mysql->mysql->options.ssl_cert
+ 										|| mysql->mysql->options.ssl_ca
+ 										|| mysql->mysql->options.ssl_capath
+ 										|| mysql->mysql->options.ssl_cipher) {
+ 									/* copy over pre-existing ssl settings so we can reuse them when reconnecting */
+ 									ssl = TRUE;
+ 
 -									ssl_key = my_estrdup(mysql->mysql->options.ssl_key);
 -									ssl_cert = my_estrdup(mysql->mysql->options.ssl_cert);
 -									ssl_ca = my_estrdup(mysql->mysql->options.ssl_ca);
 -									ssl_capath = my_estrdup(mysql->mysql->options.ssl_capath);
 -									ssl_cipher = my_estrdup(mysql->mysql->options.ssl_cipher);
++									ssl_key = mysql->mysql->options.ssl_key ? estrdup(mysql->mysql->options.ssl_key) : NULL;
++									ssl_cert = mysql->mysql->options.ssl_cert ? estrdup(mysql->mysql->options.ssl_cert) : NULL;
++									ssl_ca = mysql->mysql->options.ssl_ca ? estrdup(mysql->mysql->options.ssl_ca) : NULL;
++									ssl_capath = mysql->mysql->options.ssl_capath ? estrdup(mysql->mysql->options.ssl_capath) : NULL;
++									ssl_cipher = mysql->mysql->options.ssl_cipher ? estrdup(mysql->mysql->options.ssl_cipher) : NULL;
+ 								}
+ #endif
  								mysqli_close(mysql->mysql, MYSQLI_CLOSE_IMPLICIT);
  								mysql->mysql = NULL;
  							}
@@@ -229,8 -261,28 +258,56 @@@
  	/* BC for prior to bug fix #53425 */
  	flags |= CLIENT_MULTI_RESULTS;
  
+ 	if (ssl) {
+ 		/* if we're here, this means previous conn was ssl, repopulate settings */
+ 		mysql_ssl_set(mysql->mysql, ssl_key, ssl_cert, ssl_ca, ssl_capath, ssl_cipher);
+ 
 -		my_efree(ssl_key);
 -		my_efree(ssl_cert);
 -		my_efree(ssl_ca);
 -		my_efree(ssl_capath);
 -		my_efree(ssl_cipher);
++		if (ssl_key) {
++		    efree(ssl_key);
++		}
++
++		if (ssl_cert) {
++		    efree(ssl_cert);
++		}
++
++		if (ssl_ca) {
++		    efree(ssl_ca);
++		}
++
++		if (ssl_capath) {
++		    efree(ssl_capath);
++		}
++
++		if (ssl_cipher) {
++		    efree(ssl_cipher);
++		}
+ 	}
  	if (mysql_real_connect(mysql->mysql, hostname, username, passwd, dbname, port, socket, flags) == NULL)
  #else
+ 	if (ssl) {
+ 		/* if we're here, this means previous conn was ssl, repopulate settings */
+ 		mysql_ssl_set(mysql->mysql, ssl_key, ssl_cert, ssl_ca, ssl_capath, ssl_cipher);
+ 
 -		my_efree(ssl_key);
 -		my_efree(ssl_cert);
 -		my_efree(ssl_ca);
 -		my_efree(ssl_capath);
 -		my_efree(ssl_cipher);
++		if (ssl_key) {
++		    efree(ssl_key);
++		}
++
++		if (ssl_cert) {
++		    efree(ssl_cert);
++		}
++
++		if (ssl_ca) {
++		    efree(ssl_ca);
++		}
++
++		if (ssl_capath) {
++		    efree(ssl_capath);
++		}
++
++		if (ssl_cipher) {
++		    efree(ssl_cipher);
++		}
+ 	}
  	if (mysqlnd_connect(mysql->mysql, hostname, username, passwd, passwd_len, dbname, dbname_len,
  						port, socket, flags, MYSQLND_CLIENT_KNOWS_RSET_COPY_DATA) == NULL)
  #endif