]>
granicus.if.org Git - php/log
Daniel Lowrey [Sun, 2 Mar 2014 14:03:39 +0000 (07:03 -0700)]
Capture peer cert even if verify fails
Previously the "capture_peer_cert" SSL context option only
captured the peer's certificate if the verification routine
succeeded.
By also capturing the on verify failure applications have the
ability to parse the cert and ask users whether they wish to
proceed given the information presented by the peer.
Chris Wright [Sun, 2 Mar 2014 01:57:20 +0000 (01:57 +0000)]
Windows cert verify improvements + leak fixes
- Clean up properly at all fail points in native Windows peer
verification routine
- Bring certificate usages and chain flags into line with chromium
implementation in windows environments
Anatol Belski [Sun, 2 Mar 2014 11:49:30 +0000 (12:49 +0100)]
turn off some false positives
Anatol Belski [Sat, 1 Mar 2014 19:15:10 +0000 (20:15 +0100)]
support for static analyzers other than visual studio
Anatol Belski [Sat, 1 Mar 2014 12:28:02 +0000 (13:28 +0100)]
fix wording
Anatol Belski [Sat, 1 Mar 2014 12:16:16 +0000 (13:16 +0100)]
Merge branch 'PHP-5.6' of git.php.net:php-src into PHP-5.6
Anatol Belski [Sat, 1 Mar 2014 12:11:35 +0000 (13:11 +0100)]
reveal more info on the configure options
Tjerk Meesters [Sat, 1 Mar 2014 04:27:36 +0000 (12:27 +0800)]
Updated news for #66535 and #66109
Anatol Belski [Fri, 28 Feb 2014 18:39:34 +0000 (19:39 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
don't compare constants on run time
Anatol Belski [Fri, 28 Feb 2014 18:38:32 +0000 (19:38 +0100)]
don't compare constants on run time
Tjerk Meesters [Fri, 28 Feb 2014 15:48:34 +0000 (23:48 +0800)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
substr_compare(): Allow zero length comparison
datibbaw [Fri, 21 Feb 2014 02:24:52 +0000 (10:24 +0800)]
substr_compare(): Allow zero length comparison
Treat zero length comparison as always equal.
Tjerk Meesters [Fri, 28 Feb 2014 14:31:16 +0000 (22:31 +0800)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
Fixed test case title
[bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
Tjerk Meesters [Fri, 28 Feb 2014 14:30:21 +0000 (22:30 +0800)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Fixed test case title
[bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
Tjerk Meesters [Fri, 28 Feb 2014 14:27:32 +0000 (22:27 +0800)]
Fixed test case title
Tjerk Meesters [Fri, 28 Feb 2014 14:22:07 +0000 (22:22 +0800)]
[bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
A newline is added to the mail headers when mail.add_x_header is used and no other headers are passed to mail().
The scenario in which custom headers are used was already fixed in #48620, back in 2009.
Tjerk Meesters [Fri, 28 Feb 2014 11:01:17 +0000 (19:01 +0800)]
Merge branch '5.5' into 5.6
* 5.5:
Fixed expected output of a few cURL test cases
Allow NULL as value for CURLOPT_CUSTOMREQUEST option.
Tjerk Meesters [Fri, 28 Feb 2014 10:59:06 +0000 (18:59 +0800)]
Fixed expected output of a few cURL test cases
datibbaw [Mon, 18 Nov 2013 04:06:27 +0000 (12:06 +0800)]
Allow NULL as value for CURLOPT_CUSTOMREQUEST option.
Added test case.
Refactored the code to isolate the string handling. Fixed return values to use SUCCESS and FAILURE.
Removed unused error variable.
Indentation fix.
Removed the ugly goto.
Anatol Belski [Fri, 28 Feb 2014 08:43:57 +0000 (09:43 +0100)]
primitive test fixes
Remi Collet [Fri, 28 Feb 2014 07:12:26 +0000 (08:12 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
man page: long option name is --strip, not --stripped
--global have be removed in 5.2
Remi Collet [Fri, 28 Feb 2014 07:12:16 +0000 (08:12 +0100)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
man page: long option name is --strip, not --stripped
--global have be removed in 5.2
Remi Collet [Fri, 28 Feb 2014 07:12:03 +0000 (08:12 +0100)]
man page: long option name is --strip, not --stripped
Remi Collet [Fri, 28 Feb 2014 07:10:01 +0000 (08:10 +0100)]
--global have be removed in 5.2
Anatol Belski [Thu, 27 Feb 2014 14:50:17 +0000 (15:50 +0100)]
remove pcntl leftover from the test code
Ferenc Kovacs [Thu, 27 Feb 2014 11:54:07 +0000 (12:54 +0100)]
list the fpm change hat rfc in UPGRADING
Ferenc Kovacs [Thu, 27 Feb 2014 11:43:42 +0000 (12:43 +0100)]
mention the apparmor support in fpm
Ferenc Kovacs [Thu, 27 Feb 2014 10:30:23 +0000 (11:30 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
typo spotted by Lajos Veres
Ferenc Kovacs [Thu, 27 Feb 2014 10:28:46 +0000 (11:28 +0100)]
typo spotted by Lajos Veres
Anatol Belski [Thu, 27 Feb 2014 08:26:48 +0000 (09:26 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
update libs_version.txt
Conflicts:
win32/build/libs_version.txt
Anatol Belski [Thu, 27 Feb 2014 08:25:15 +0000 (09:25 +0100)]
update libs_version.txt
Anatol Belski [Thu, 27 Feb 2014 08:23:48 +0000 (09:23 +0100)]
update libs_version.txt
Remi Collet [Thu, 27 Feb 2014 07:50:29 +0000 (08:50 +0100)]
NEWS
Remi Collet [Thu, 27 Feb 2014 07:50:07 +0000 (08:50 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
NEWS
NEWS
test for bug #66762
Fixed Bug #66762 Segfault in mysqli_stmt::bind_result() when link closed
Remi Collet [Thu, 27 Feb 2014 07:49:56 +0000 (08:49 +0100)]
NEWS
Remi Collet [Thu, 27 Feb 2014 07:49:33 +0000 (08:49 +0100)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
NEWS
test for bug #66762
Fixed Bug #66762 Segfault in mysqli_stmt::bind_result() when link closed
Remi Collet [Thu, 27 Feb 2014 07:49:08 +0000 (08:49 +0100)]
NEWS
Remi Collet [Thu, 27 Feb 2014 07:48:01 +0000 (08:48 +0100)]
test for bug #66762
Remi Collet [Thu, 27 Feb 2014 07:45:16 +0000 (08:45 +0100)]
Fixed Bug #66762 Segfault in mysqli_stmt::bind_result() when link closed
Each new mysqli_stmt now increase the refcount of the link object.
So the link is really destroy after all statements.
Only implemented with libmysqlclient, as mysqlnd already implement
this internally.
So, libmysqlclient and mysqlnd have the same behavior.
Ferenc Kovacs [Thu, 27 Feb 2014 01:32:47 +0000 (02:32 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
fix tests broken by
633f898f1520253d3530fe91fc82f68bca7c4627
Ferenc Kovacs [Thu, 27 Feb 2014 01:32:07 +0000 (02:32 +0100)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
fix tests broken by
633f898f1520253d3530fe91fc82f68bca7c4627
Ferenc Kovacs [Thu, 27 Feb 2014 01:31:42 +0000 (02:31 +0100)]
Ferenc Kovacs [Thu, 27 Feb 2014 00:28:57 +0000 (01:28 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
add missing NEWS entry
Ferenc Kovacs [Thu, 27 Feb 2014 00:26:23 +0000 (01:26 +0100)]
add missing NEWS entry
Ferenc Kovacs [Thu, 27 Feb 2014 00:23:58 +0000 (01:23 +0100)]
add missing NEWS entry
Ferenc Kovacs [Thu, 27 Feb 2014 00:22:15 +0000 (01:22 +0100)]
add missing NEWS entry
Ferenc Kovacs [Thu, 27 Feb 2014 00:19:08 +0000 (01:19 +0100)]
add missing NEWS entry
Ferenc Kovacs [Thu, 27 Feb 2014 00:12:17 +0000 (01:12 +0100)]
add missing NEWS entry
Ferenc Kovacs [Thu, 27 Feb 2014 00:18:11 +0000 (01:18 +0100)]
add missing NEWS entry
Daniel Lowrey [Wed, 26 Feb 2014 20:29:10 +0000 (13:29 -0700)]
Merge branch 'curlClosePolicy' of https://github.com/DaveRandom/php-src into PHP-5.6
* 'curlClosePolicy' of https://github.com/DaveRandom/php-src:
Remove cURL close policy related constants
Daniel Lowrey [Wed, 26 Feb 2014 20:06:08 +0000 (13:06 -0700)]
Deprecate CN_match in favor of peer_name in SSL contexts
Chris Wright [Wed, 26 Feb 2014 17:48:14 +0000 (17:48 +0000)]
Remove cURL close policy related constants
These options don't do anything and they never have.
Refs:
http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTCLOSEPOLICY
http://curl.haxx.se/mail/lib-2006-11/0301.html
Nikita Popov [Wed, 26 Feb 2014 15:37:58 +0000 (16:37 +0100)]
Update stack size in tests/func/010.phpt
Stack size is 16K nowadays. Now the test takes a more reasonable
amount of time to run...
Nikita Popov [Wed, 26 Feb 2014 15:25:10 +0000 (16:25 +0100)]
Don't add num_additional_args in SEND opcodes
Now that trailing positional args are disallowed,
num_additional_args will always be zero in SEND opcodes (and
FUNC_ARG fetches).
Nikita Popov [Wed, 26 Feb 2014 15:08:58 +0000 (16:08 +0100)]
Disallow use of positional args after unpacking
This commit disallows the use of trailing positional arguments
after argument unpacking was used. The following calls are no
longer valid:
fn(...$array, $var);
fn(...$array1, $var, ...$array2);
However, all of the following continue to be valid:
fn($var, ...$array);
fn(...$array1, ...$array2);
fn($var, ...$array1, ...$array2);
The reason behind this change is a stack allocation issue pointed
out by Dmitry: As of PHP 5.5 the stack necessary for pushing
arguments is precomputed and preallocated, as such the individual
SEND opcodes no longer verify that there is enough stack space.
The unpacked arguments will occupy some of that preallocated
space and as such following positional arguments could write past
a stack page boundary.
An alternative resolution for this issue is to ensure that there
is enough space for the remaining arguments in the UNPACK opcode.
However making this allocation precise (rather than using a
conversative over-estimate) would require some effort. Given that
this particular aspect of the feature wasn't very popular in the
first place, it doesn't seem worth the effort.
Nikita Popov [Tue, 25 Feb 2014 23:14:50 +0000 (00:14 +0100)]
Store arg_num in fcall entry
Instead of storing the argument number in the znode of the parameter
list, store it in fcall->arg_num. This mainly cleans up the parameter
parsing code, which previously had to duplicate all rules (this
becomes more excessive as more features are added, e.g. named params
would already require a minimum of 14 rules...)
Nikita Popov [Tue, 25 Feb 2014 22:39:50 +0000 (23:39 +0100)]
Introduce zend_function_call_entry structure
Instead of directly pushing the zend_function* onto the
function_call_stack, push this structure. This allows us to store
additional data on this stack.
Ferenc Kovacs [Wed, 26 Feb 2014 14:29:40 +0000 (15:29 +0100)]
move the default encoding NEWS entry to alpha3, as it was pushed after beta2 was tagged
Ferenc Kovacs [Wed, 26 Feb 2014 14:28:36 +0000 (15:28 +0100)]
rearrange the NEWS blocks a bit
Ferenc Kovacs [Wed, 26 Feb 2014 14:13:40 +0000 (15:13 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
add news entry
add news entry
add clear_env option to FPM config
add clear_env option to FPM config
Reduce test noise on cross Oracle client <-> server version tests. This fix is already in PHP 5.6+
Reduce test noise in cross Oracle client <-> server version testing. This change is already in PHP 5.6+
Ferenc Kovacs [Wed, 26 Feb 2014 14:10:23 +0000 (15:10 +0100)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
add news entry
add clear_env option to FPM config
Ferenc Kovacs [Wed, 26 Feb 2014 14:08:08 +0000 (15:08 +0100)]
add NEWS block for 5.6.0 beta1
Anatol Belski [Wed, 26 Feb 2014 12:37:20 +0000 (13:37 +0100)]
restored that test part in ext/openssl to enable notify/wait
Anatol Belski [Wed, 26 Feb 2014 11:41:36 +0000 (12:41 +0100)]
remove echo
Anatol Belski [Wed, 26 Feb 2014 10:27:24 +0000 (11:27 +0100)]
fix stdin reading in new openssl tests
Anatol Belski [Wed, 26 Feb 2014 10:23:43 +0000 (11:23 +0100)]
kick redundant include
this is already present from php.h
Daniel Lowrey [Wed, 26 Feb 2014 02:12:33 +0000 (19:12 -0700)]
Prevent implicit function declaration when TLSEXT unavailable
Daniel Lowrey [Tue, 25 Feb 2014 20:22:16 +0000 (13:22 -0700)]
Update NEWS+UPGRADING (openssl)
Daniel Lowrey [Tue, 25 Feb 2014 20:02:13 +0000 (13:02 -0700)]
Remove test case invalidated by openssl.cafile accessibility change
Daniel Lowrey [Tue, 25 Feb 2014 19:43:52 +0000 (12:43 -0700)]
Merge branch 'windowsPeerVerification' of https://github.com/DaveRandom/php-src into PHP-5.6
* 'windowsPeerVerification' of https://github.com/DaveRandom/php-src:
Update openssl tests with new server/client test harness
Add peer certificate verification on windows
Daniel Lowrey [Tue, 25 Feb 2014 05:03:55 +0000 (22:03 -0700)]
Tolerate non-standard newlines when parsing stream CA files
Daniel Lowrey [Mon, 24 Feb 2014 21:41:46 +0000 (14:41 -0700)]
Remove openssl tests that shouldn't have survived last merge
These are .phpt files I meant to remove with the last batch as
the same functionality is now covered in other tests and these
are no longer needed.
Daniel Lowrey [Mon, 24 Feb 2014 20:55:55 +0000 (13:55 -0700)]
Add openssl.cafile ini check when loading cainfo
Daniel Lowrey [Mon, 24 Feb 2014 20:40:43 +0000 (13:40 -0700)]
Change openssl directives to PHP_INI_PERDIR
Because openssl.cafile and openssl.capath have implications for
security these directives have been changed to PHP_INI_PERDIR
(previously PHP_INI_ALL)
Chris Wright [Mon, 24 Feb 2014 14:55:17 +0000 (14:55 +0000)]
Update openssl tests with new server/client test harness
Chris Wright [Fri, 21 Feb 2014 12:08:13 +0000 (12:08 +0000)]
Add peer certificate verification on windows
Peer certificate verification on Windows using the native certificate store and the Windows API
Andrey Hristov [Tue, 25 Feb 2014 15:39:06 +0000 (17:39 +0200)]
Use API instead of directly acessing the structure
Antony Dovgal [Tue, 25 Feb 2014 08:15:35 +0000 (12:15 +0400)]
add news entry
Antony Dovgal [Tue, 25 Feb 2014 08:14:50 +0000 (12:14 +0400)]
add news entry
Paul Annesley [Wed, 19 Feb 2014 19:48:40 +0000 (11:48 -0800)]
add clear_env option to FPM config
This makes it possible to leave the envoronment as is on startup and
pass all the variables to the workers.
The default value of clear_env is "yes", preserving previous behaviour.
Patch by Paul Annesley.
Paul Annesley [Wed, 19 Feb 2014 19:48:40 +0000 (11:48 -0800)]
add clear_env option to FPM config
This makes it possible to leave the envoronment as is on startup and
pass all the variables to the workers.
The default value of clear_env is "yes", preserving previous behaviour.
Patch by Paul Annesley.
Christopher Jones [Tue, 25 Feb 2014 01:02:16 +0000 (17:02 -0800)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Reduce test noise on cross Oracle client <-> server version tests. This fix is already in PHP 5.6+
Christopher Jones [Tue, 25 Feb 2014 01:01:30 +0000 (17:01 -0800)]
Reduce test noise on cross Oracle client <-> server version tests.
This fix is already in PHP 5.6+
Christopher Jones [Tue, 25 Feb 2014 00:35:08 +0000 (16:35 -0800)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Reduce test noise in cross Oracle client <-> server version testing. This change is already in PHP 5.6+
Christopher Jones [Tue, 25 Feb 2014 00:33:41 +0000 (16:33 -0800)]
Reduce test noise in cross Oracle client <-> server version testing.
This change is already in PHP 5.6+
Anatol Belski [Mon, 24 Feb 2014 09:13:11 +0000 (10:13 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
fixed macro
Anatol Belski [Mon, 24 Feb 2014 09:12:50 +0000 (10:12 +0100)]
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
fixed macro
Anatol Belski [Mon, 24 Feb 2014 09:12:18 +0000 (10:12 +0100)]
fixed macro
Paul Annesley [Wed, 19 Feb 2014 19:48:40 +0000 (11:48 -0800)]
add clear_env option to FPM config
This makes it possible to leave the envoronment as is on startup and
pass all the variables to the workers.
The default value of clear_env is "yes", preserving previous behaviour.
Patch by Paul Annesley.
Johannes Schlüter [Sun, 23 Feb 2014 13:57:21 +0000 (14:57 +0100)]
Merge branch 'PHP-5.5' into PHP-5.6
Johannes Schlüter [Sun, 23 Feb 2014 13:56:32 +0000 (14:56 +0100)]
Merge branch 'PHP-5.4' into PHP-5.5
Johannes Schlüter [Sun, 23 Feb 2014 13:55:29 +0000 (14:55 +0100)]
Make sure value is initialized
Johannes Schlüter [Sun, 23 Feb 2014 13:18:24 +0000 (14:18 +0100)]
We can't dereference dbh if it is NULL
Anatol Belski [Fri, 21 Feb 2014 22:09:16 +0000 (23:09 +0100)]
fix linkage
"extern inline" looks like tricky case for portability, but extern
is required with VS. So reduce the case to a starndard one to avoid
unporbatibily.
Daniel Lowrey [Fri, 21 Feb 2014 19:54:37 +0000 (12:54 -0700)]
More openssl UPGRADING updates
Daniel Lowrey [Fri, 21 Feb 2014 19:16:23 +0000 (12:16 -0700)]
Fix build against older OpenSSL libs
Daniel Lowrey [Fri, 21 Feb 2014 16:38:15 +0000 (09:38 -0700)]
Update NEWS/UPGRADING with openssl additions
Daniel Lowrey [Fri, 21 Feb 2014 16:13:55 +0000 (09:13 -0700)]
Merge branch 'reneg-limit' of https://github.com/rdlowrey/php-src into PHP-5.6
* 'reneg-limit' of https://github.com/rdlowrey/php-src:
Mitigate client-initiated SSL renegotiation DoS
Daniel Lowrey [Thu, 20 Feb 2014 23:26:55 +0000 (16:26 -0700)]
Mitigate client-initiated SSL renegotiation DoS
Anatol Belski [Fri, 21 Feb 2014 10:23:42 +0000 (11:23 +0100)]
C89 compat