* master: (39 commits)
Add __debugInfo() to UPGRADING.
fix TS build
Update NEWS
Update NEWS
Update NEWS
Small tidy ups and raise visibility of GitHub PR process
Bug #41631: Observe socket read timeouts in SSL streams
wrap int8_t and int16_t with #ifdef to avoid possible clashes
- Updated to version 2014.6 (2014f)
Removed Countable::count() change info from UPGRADE.INTERNALS too
NEWS and UPGRADING for intdiv()
Revert "Add SO_REUSEPORT + SO_BROADCAST support via socket stream context option"
Fixed skip case for intdiv 64-bit test
Use callback structure
Add EXPECTF
Fix handling of multi-result sets with PS...used to clean not only the result set but the whole PS.
5.5.17 now
5.4.33-dev now
Add SO_REUSEPORT + SO_BROADCAST support via socket stream context option
Add SO_REUSEPORT + SO_BROADCAST support via socket stream context option
...
Conflicts:
ext/fileinfo/libmagic/softmagic.c
main/streams/xp_socket.c
* master: (46 commits)
PHP_INT_MIN and _MAX tests
NEWS and UPGRADING
Added PHP_INT_MIN
Fix wrong lenght size
Bug #51096 - Remove unnecessary ? for first/last day of
Moved streams related functions to xp_ssl.c
Remove duplicate NEWS
Update NEWS
Update NEWS
Update NEWS
BFN
BFN
Fixed bug #67715 (php-milter does not build and crashes randomly).
We need to turn off any strict mode here for this warning to show up
Disable restrictions regarding arrays in constants at run-time. For the discussion around it, see the thread on the mailing list: http://www.mail-archive.com/internals@lists.php.net/msg68245.html
Revert "Fix bug #67064 in a BC safe way"
Updated NEWS for #67693
Updated NEWS for #67693
Fixed bug #67693 - incorrect push to the empty array
add missing entry to NEWS
...
Conflicts:
Zend/tests/errmsg_040.phpt
Zend/tests/ns_059.phpt
Zend/zend_language_parser.y
Zend/zend_vm_def.h
ext/openssl/openssl.c
ext/reflection/php_reflection.c
ext/session/session.c
ext/spl/spl_directory.c
ext/spl/spl_iterators.c
ext/sqlite3/sqlite3.c
ext/standard/array.c
* master:
skip this test which fails without network
add missing entry to NEWS
add missing entry to NEWS
add NEWS block for 5.6.0RC2
Add support for gb18030/MySQL 5.7
Fix another problem with MySQL 5.7
new test, missing in ea466a3
Suppress test failure with MySQL 5.7
* master: (41 commits)
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
Update copyright year to 2014
NEWS
Fix Request #67453 Allow to unserialize empty data.
Update copyright year to 2014
Update copyright year for re2c generated files
Update copyright year to 2014
Update copyright year for re2c files as well
Fix patch for bug #67436
fix failed test
Fix test on modern distro where old unsecure algo are disabled in openssl config. Testing recent algo should be enough to check this function.
Added tests for bug 67436
Fixed wrong XFAIL test - already fixed
Fix typo in Bug #67406 NEWS entry
Fix typo in Bug #67406 NEWS entry
...
Conflicts:
Zend/zend_compile.c
ext/session/session.c
ext/standard/array.c
ext/standard/http_fopen_wrapper.c
tests/classes/bug63462.phpt
* PHP-5.6:
Fix test on modern distro where old unsecure algo are disabled in openssl config. Testing recent algo should be enough to check this function.
* master: (77 commits)
NEWS entry for Fix potential segfault in dns_get_record()
NEWS entry for "Fix potential segfault in dns_get_record()"
NEWS entry for Fix potential segfault in dns_get_record(
Fix potential segfault in dns_get_record()
Revert "Add optional second arg to unserialize()"
5.5.15 now
update NEWS
Fix bug #66127 (Segmentation fault with ArrayObject unset)
5.4.31 next
Add NEWS. This doesn't need UPGRADING (or an RFC), IMO.
Fix broken test.
Add a mime type map generation script and update the header.
Move the mime type map out of php_cli_server.c for easier generation.
Replace the CLI server's linear search for extensions with a hash table.
fix test
Remove unused included file
NEWS
NEWS
NEWS
Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec
...
Conflicts:
Zend/zend_closures.c
Zend/zend_execute.c
Zend/zend_vm_def.h
Zend/zend_vm_execute.h
ext/spl/spl_array.c
ext/standard/basic_functions.c
ext/standard/dns.c
ext/standard/var.c
Switch to SHA1, which match internal openssl hardcoded algo.
In most case, won't even be noticed
- priority on user input (default_md)
- fallback on system config
- fallback on this default value
Recent system reject MD5 digest, noticed in bug36732.phpt failure.
While SHA1 is better than MD5, SHA256 is recommenced,
and defined as default algo in provided configuration on
recent system (Fedora 21, RHEL-7, ...). But the idea is to
keep in sync with openssl internal value for PHP internal value.
* PHP-5.6:
Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
Add NEWS/UPGRADING notes (openssl + curl)
- New "SNI_server_certs" context option maps host names to
appropriate certs should client handshakes advertise the
SNI extension:
$ctx = stream_context_create(["ssl" => [
"local_cert" => "/path/to/cert.pem",
"SNI_server_certs" => [
"domain1.com" => "/path/to/domain1.pem",
"*.domain2.com" => "/path/to/domain2.pem",
"domain3.com" => "/path/to/domain3.pem"
]
]]);
- Prefixing a "*." will utilize the matching cert if a client
requests the primary host name or any subdomain thereof. So
in the above example our "domain2.pem" will be used for both
requests to "domain2.com" -and- "subdomain.domain2.com"
- The "SNI_server_certs" ctx option has no effect for client
streams.
- SNI support is enabled by default as of 5.6 for both servers
and clients. Servers must specify the "SNI_server_certs" array
to actually use the SNI extension, though.
- If the `"SNI_enabled" => false` ctx option is also passed then
"SNI_server_certs" has no effect.
- While supporting SNI by itself is enough to successfully
negotiate the TLS handshake with many clients, servers MUST
still specify a "local_cert" ctx option or run the risk of
connection failures from clients that do not support the SNI
extension.
- All streams-related code now lives in xp_ssl.c. Previously
stream code was split across both openssl.c and xp_ssl.c
- Folded superfluous php_openssl_structs.h into xp_ssl.c
- Server-specific options now set on SSL_CTX instead of SSL
- Deprecate SNI_server_name ctx option
- Miscellaneous refactoring
Previously the "capture_peer_cert" SSL context option only
captured the peer's certificate if the verification routine
succeeded.
By also capturing the on verify failure applications have the
ability to parse the cert and ask users whether they wish to
proceed given the information presented by the peer.
- Clean up properly at all fail points in native Windows peer
verification routine
- Bring certificate usages and chain flags into line with chromium
implementation in windows environments
* PHP-5.6:
Remove test case invalidated by openssl.cafile accessibility change
Tolerate non-standard newlines when parsing stream CA files
Remove openssl tests that shouldn't have survived last merge
Add openssl.cafile ini check when loading cainfo
Change openssl directives to PHP_INI_PERDIR
Update openssl tests with new server/client test harness
Add peer certificate verification on windows
* 'windowsPeerVerification' of https://github.com/DaveRandom/php-src:
Update openssl tests with new server/client test harness
Add peer certificate verification on windows
