From: Nikita Popov Date: Wed, 10 Sep 2014 16:06:21 +0000 (+0200) Subject: Remove xsl.security_prefs ini option X-Git-Tag: PRE_PHP7_NSAPI_REMOVAL~739 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a81e65a5018a04379914c605f7a9c69ac8941600;p=php Remove xsl.security_prefs ini option Conflicts: ext/xsl/php_xsl.c ext/xsl/xsltprocessor.c --- diff --git a/NEWS b/NEWS index d0d16b8e91..3cf7c96314 100644 --- a/NEWS +++ b/NEWS @@ -169,5 +169,6 @@ - XSL: . Fixed bug #64776 (The XSLT extension is not thread safe). (Mike) + . Removed xsl.security_prefs ini option. (Nikita) <<< NOTE: Insert NEWS from last stable release here prior to actual release! >>> diff --git a/UPGRADING b/UPGRADING index 3e6c550143..3291e0cb31 100644 --- a/UPGRADING +++ b/UPGRADING @@ -395,6 +395,10 @@ Other - Stream: . Removed set_socket_blocking() in favor of its alias stream_set_blocking(). +- XSL: + . Removed xsl.security_prefs ini option. Use XsltProcessor::setSecurityPrefs() + instead. + ======================================== 2. New Features ======================================== diff --git a/ext/xsl/php_xsl.c b/ext/xsl/php_xsl.c index 793c0fc6db..d89b4cbd33 100644 --- a/ext/xsl/php_xsl.c +++ b/ext/xsl/php_xsl.c @@ -129,13 +129,6 @@ zend_object *xsl_objects_new(zend_class_entry *class_type) } /* }}} */ -PHP_INI_BEGIN() -/* Default is not allowing any write operations. - XSL_SECPREF_CREATE_DIRECTORY | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_WRITE_FILE == 44 -*/ -PHP_INI_ENTRY("xsl.security_prefs", "44", PHP_INI_ALL, NULL) -PHP_INI_END() - /* {{{ PHP_MINIT_FUNCTION */ PHP_MINIT_FUNCTION(xsl) @@ -181,8 +174,6 @@ PHP_MINIT_FUNCTION(xsl) REGISTER_STRING_CONSTANT("LIBEXSLT_DOTTED_VERSION", LIBEXSLT_DOTTED_VERSION, CONST_CS | CONST_PERSISTENT); #endif - REGISTER_INI_ENTRIES(); - return SUCCESS; } /* }}} */ @@ -260,8 +251,6 @@ PHP_MSHUTDOWN_FUNCTION(xsl) xsltSetGenericErrorFunc(NULL, NULL); xsltCleanupGlobals(); - UNREGISTER_INI_ENTRIES(); - return SUCCESS; } /* }}} */ diff --git a/ext/xsl/tests/bug54446_with_ini.phpt b/ext/xsl/tests/bug54446_with_ini.phpt index fbe03659d3..9edc8b38f3 100644 --- a/ext/xsl/tests/bug54446_with_ini.phpt +++ b/ext/xsl/tests/bug54446_with_ini.phpt @@ -44,9 +44,9 @@ if (file_exists($outputfile)) { } #SET NO SECURITY PREFS -ini_set("xsl.security_prefs", XSL_SECPREF_NONE); +$proc->setSecurityPrefs(XSL_SECPREF_NONE); -# TRASNFORM & PRINT +# TRANSFORM & PRINT print $proc->transformToXML( $dom ); @@ -59,9 +59,9 @@ if (file_exists($outputfile)) { unlink($outputfile); #SET SECURITY PREFS AGAIN -ini_set("xsl.security_prefs", XSL_SECPREF_WRITE_FILE | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY); +$proc->setSecurityPrefs(XSL_SECPREF_WRITE_FILE | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY); -# TRASNFORM & PRINT +# TRANSFORM & PRINT print $proc->transformToXML( $dom ); if (file_exists($outputfile)) { @@ -70,31 +70,7 @@ if (file_exists($outputfile)) { print "OK, no file created\n"; } -#SET NO SECURITY PREFS with ini, but set them with ->setSecurityPrefs -ini_set("xsl.security_prefs", XSL_SECPREF_NONE); -$proc->setSecurityPrefs( XSL_SECPREF_WRITE_FILE | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY); - -print $proc->transformToXML( $dom ); -if (file_exists($outputfile)) { - print "$outputfile exists, but shouldn't!\n"; -} else { - print "OK, no file created\n"; -} - -#don't throw a warning if both ini and through-the-method have the same value -$proc->setSecurityPrefs(XSL_SECPREF_NONE); - -print $proc->transformToXML( $dom ); - -if (file_exists($outputfile)) { - print "OK, file exists\n"; -} else { - print "$outputfile doesn't exist, but should!\n"; -} -unlink($outputfile); - - - +?> --EXPECTF-- Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d @@ -104,8 +80,6 @@ Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d OK, no file created - -Deprecated: XSLTProcessor::transformToXml(): The xsl.security_prefs php.ini option is deprecated; use XsltProcessor->setSecurityPrefs() instead in %s on line %d OK, file exists Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d @@ -116,20 +90,6 @@ Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d OK, no file created - -Deprecated: XSLTProcessor::transformToXml(): The xsl.security_prefs php.ini option is deprecated; use XsltProcessor->setSecurityPrefs() instead in %s on line %d - -Notice: XSLTProcessor::transformToXml(): The xsl.security_prefs php.ini was not used, since the XsltProcessor->setSecurityPrefs() method was used in %s on line %d - -Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d - -Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test.txt refused in %s on line %s - -Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d - -Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d -OK, no file created -OK, file exists --CREDITS-- Christian Stocker, chregu@php.net diff --git a/ext/xsl/xsltprocessor.c b/ext/xsl/xsltprocessor.c index 6b97dca4dc..553836b8c5 100644 --- a/ext/xsl/xsltprocessor.c +++ b/ext/xsl/xsltprocessor.c @@ -483,7 +483,7 @@ static xmlDocPtr php_xsl_apply_stylesheet(zval *id, xsl_object *intern, xsltStyl zend_object_handlers *std_hnd; FILE *f; int secPrefsError = 0; - int secPrefsValue, secPrefsIni; + int secPrefsValue; xsltSecurityPrefsPtr secPrefs = NULL; node = php_libxml_import_node(docp); @@ -542,23 +542,6 @@ static xmlDocPtr php_xsl_apply_stylesheet(zval *id, xsl_object *intern, xsltStyl secPrefsValue = intern->securityPrefs; - /* This whole if block can be removed, when we remove the xsl.security_prefs php.ini option in PHP 6+ */ - secPrefsIni= INI_INT("xsl.security_prefs"); - /* if secPrefsIni has the same value as secPrefsValue, all is fine */ - if (secPrefsIni != secPrefsValue) { - if (secPrefsIni != XSL_SECPREF_DEFAULT) { - /* if the ini value is not set to the default, throw an E_DEPRECATED warning */ - php_error_docref(NULL, E_DEPRECATED, "The xsl.security_prefs php.ini option is deprecated; use XsltProcessor->setSecurityPrefs() instead"); - if (intern->securityPrefsSet == 0) { - /* if securityPrefs were not set through the setSecurityPrefs method, take the ini setting */ - secPrefsValue = secPrefsIni; - } else { - /* else throw a notice, that the ini setting was not used */ - php_error_docref(NULL, E_NOTICE, "The xsl.security_prefs php.ini was not used, since the XsltProcessor->setSecurityPrefs() method was used"); - } - } - } - /* if securityPrefs is set to NONE, we don't have to do any checks, but otherwise... */ if (secPrefsValue != XSL_SECPREF_NONE) { secPrefs = xsltNewSecurityPrefs();