update to 0.13.0HEADmaster

4 files changed, 13 insertions, 190 deletions

diff --git a/PHPINFO b/PHPINFO
index dc773df..ec03355 100644
--- a/PHPINFO
+++ b/PHPINFO
@@ -2,7 +2,7 @@
 snuffleupagus
 
 snuffleupagus support => enabled
-Version => 0.12.0
+Version => 0.13.0
 Valid config => yes
 
 Directive => Local Value => Master Value
diff --git a/REFLECTION b/REFLECTION
index 061c8c1..516e0a9 100644
--- a/REFLECTION
+++ b/REFLECTION
@@ -1,4 +1,4 @@
-Extension [ <persistent> extension #111 snuffleupagus version 0.12.0 ] {
+Extension [ <persistent> extension #116 snuffleupagus version 0.13.0 ] {
 
   - INI {
     Entry [ sp.configuration_file <SYSTEM> ]
diff --git a/php-snuffleupagus.spec b/php-snuffleupagus.spec
index 29bcf7c..cc4b9ea 100644
--- a/php-snuffleupagus.spec
+++ b/php-snuffleupagus.spec
@@ -1,6 +1,6 @@
 # remirepo spec file for php-snuffleupagus
 #
-# SPDX-FileCopyrightText:  Copyright 2018-2025 Remi Collet
+# SPDX-FileCopyrightText:  Copyright 2018-2026 Remi Collet
 # SPDX-License-Identifier: CECILL-2.1
 # http://www.cecill.info/licences/Licence_CeCILL_V2-en.txt
 #
@@ -16,7 +16,7 @@
 
 %bcond_without      tests
 
-%global gh_commit   1c7598c432551d0c49c2c57f249ccd5ccabce638
+%global gh_commit   5f944e2b1085bdd07b75f7c13bec2b2ad49ea09e
 %global gh_short    %(c=%{gh_commit}; echo ${c:0:7})
 %global gh_owner    jvoisin
 %global gh_project  snuffleupagus
@@ -31,19 +31,17 @@
 
 Summary:       Security module for PHP
 Name:          %{?scl_prefix}php-snuffleupagus
-Version:       0.12.0
+Version:       0.13.0
 %if 0%{?gh_date}
-Release:       1%{gh_date}.%{gh_short}%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}}
+Release:       1%{gh_date}.%{gh_short}%{?dist}
 %else
-Release:       3%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}}
+Release:       1%{?dist}
 %endif
 License:       LGPL-3.0-only
 Group:         Development/Languages
 URL:           https://github.com/%{gh_owner}/%{gh_project}
 Source0:       https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{pkg_name}-%{version}-%{gh_short}.tar.gz
 
-Patch0:        php85.patch
-
 BuildRequires: %{?dtsprefix}gcc
 BuildRequires: %{?scl_prefix}php-devel >= 7.0
 # For tests/upload_validation_real.phpt
@@ -75,8 +73,6 @@ Package built for PHP %(%{__php} -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSIO
 %setup -q -n %{gh_project}-%{gh_commit}
 
 cd %{sources}
-%patch -P0 -p2
-
 # Sanity check, really often broken
 grep PHP_SNUFFLEUPAGUS_VERSION php_snuffleupagus.h
 # sed -e '/PHP_SNUFFLEUPAGUS_VERSION/s/0.9.0/0.8.0/' -i php_snuffleupagus.h
@@ -171,6 +167,9 @@ VER=$(%{__php} -r 'echo PHP_VERSION_ID;')
 if [ $VER -lt 80000 ]; then
 	rm -rf src/tests/*php8*/
 fi
+if [ $VER -lt 70100 ]; then
+	rm -rf src/tests/session_encryption/set_custom_session_handler2.phpt
+fi
 
 cd %{sources}
 export SP_SKIP_OLD_PHP_CHECK=1
@@ -216,6 +215,9 @@ REPORT_EXIT_STATUS=1 \
 
 
 %changelog
+* Wed Jan  7 2026 Remi Collet <remi@remirepo.net> - 0.13.0-1
+- update to 0.13.0
+
 * Thu Oct  2 2025 Remi Collet <remi@remirepo.net> - 0.12.0-3
 - add upstream patch for PHP 8.5.0RC1
 
diff --git a/php85.patch b/php85.patch
deleted file mode 100644
index 63588b4..0000000
--- a/php85.patch
+++ /dev/null
@@ -1,179 +0,0 @@
-From ee5e383c6bbca94d5f93134510468b3fe87a470c Mon Sep 17 00:00:00 2001
-From: jvoisin <julien.voisin@dustri.org>
-Date: Sun, 31 Aug 2025 16:05:44 +0200
-Subject: [PATCH] Add support for PHP8.5
-
----
- .github/workflows/builds.yml                  |  1 +
- src/sp_cookie_encryption.c                    | 23 +++++++++++++++++--
- ...isabled_functions_shell_exec_backtick.phpt |  1 +
- ...led_functions_shell_exec_backtick_var.phpt |  1 +
- ...ctions_shell_exec_backtick_var_string.phpt |  1 +
- 5 files changed, 25 insertions(+), 2 deletions(-)
-
-diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
-index c833f943..ec5c7c2d 100644
---- a/src/sp_cookie_encryption.c
-+++ b/src/sp_cookie_encryption.c
-@@ -48,7 +48,11 @@ static zend_string *encrypt_data(zend_string *data) {
- #if PHP_VERSION_ID >= 70300
- static void php_head_parse_cookie_options_array(
-     zval *options, zend_long *expires, zend_string **path, zend_string **domain,
--    zend_bool *secure, zend_bool *httponly, zend_string **samesite) {
-+    zend_bool *secure, zend_bool *httponly, zend_string **samesite
-+#if PHP_VERSION_ID >= 80500
-+    ,bool *partitioned
-+#endif
-+    ) {
-   int found = 0;
-   zend_string *key;
-   zval *value;
-@@ -73,6 +77,11 @@ static void php_head_parse_cookie_options_array(
-       } else if (zend_string_equals_literal_ci(key, "samesite")) {
-         *samesite = zval_get_string(value);
-         found++;
-+#if PHP_VERSION_ID >= 80500
-+      } else if (zend_string_equals_literal_ci(key, "partitioned")) {
-+        *partitioned = zval_is_true(value);
-+        found++;
-+#endif
-       } else {
-         php_error_docref(NULL, E_WARNING,
-                          "Unrecognized key '%s' found in the options array",
-@@ -94,6 +103,9 @@ static void php_head_parse_cookie_options_array(
- #endif
- 
- PHP_FUNCTION(sp_setcookie) {
-+#if PHP_VERSION_ID >= 80500
-+  zend_bool partitioned;
-+#endif
-   zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL,
-               *value_enc = NULL,
- #if PHP_VERSION_ID < 70300
-@@ -133,7 +145,11 @@ PHP_FUNCTION(sp_setcookie) {
-       }
-       php_head_parse_cookie_options_array(expires_or_options, &expires, &path,
-                                           &domain, &secure, &httponly,
-+#if PHP_VERSION_ID < 80500
-                                           &samesite);
-+#else
-+                                          &samesite, &partitioned);
-+#endif
-     } else {
-       expires = zval_get_long(expires_or_options);
-     }
-@@ -194,9 +210,12 @@ PHP_FUNCTION(sp_setcookie) {
-   if (php_setcookie(name, (value_enc ? value_enc : value), expires,
-                     (path_samesite ? path_samesite : path), domain, secure, 1,
-                     httponly) == SUCCESS) {
--#else
-+#elif PHP_VERSION_ID < 80500
-   if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
-                     domain, secure, httponly, samesite, 1) == SUCCESS) {
-+#else
-+  if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
-+                    domain, secure, httponly, samesite, partitioned, false) == SUCCESS) {
- #endif
-     RETVAL_TRUE;
-   } else {
-diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
-index aeb64c29..6f53ceae 100644
---- a/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
-+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
-@@ -4,6 +4,7 @@ Disable functions - shell_exec via backtick operator
- <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
- --INI--
- sp.configuration_file={PWD}/config/disabled_functions_extra.ini
-+error_reporting = E_ALL & ~E_DEPRECATED
- --FILE--
- <?php 
- echo `ls`;
-diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
-index a312acfb..6ea5865d 100644
---- a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
-+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
-@@ -4,6 +4,7 @@ Disable functions - shell_exec via backtick operator in context of a var name
- <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
- --INI--
- sp.configuration_file={PWD}/config/disabled_functions_extra.ini
-+error_reporting = E_ALL & ~E_DEPRECATED
- --FILE--
- <?php 
- echo ${`ls`};
-diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
-index ea77a7dd..f1175680 100644
---- a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
-+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
-@@ -4,6 +4,7 @@ Disable functions - shell_exec via backtick operator in context of a var name in
- <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
- --INI--
- sp.configuration_file={PWD}/config/disabled_functions_extra.ini
-+error_reporting = E_ALL & ~E_DEPRECATED
- --FILE--
- <?php 
- echo "{${`ls`}}";
-From 9509733befcb4010bc77b06fcf41e77078976e80 Mon Sep 17 00:00:00 2001
-From: jvoisin <julien.voisin@dustri.org>
-Date: Wed, 1 Oct 2025 13:44:06 +0200
-Subject: [PATCH] Fix a cookie-related warning for PHP8.5.0
-
-```
-========DIFF========
-001- OK
-001+ Fatal error: Uncaught ValueError: setcookie(): "partitioned" option cannot be used without "secure" option in /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php:2
-002+ Stack trace:
-003+ #0 /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php(2): setcookie('super_cookie', 'super_value')
-004+ #1 {main}
-005+   thrown in /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php on line 2
-========DONE========
-FAIL Cookie samesite [tests/samesite_cookies.phpt]
-```
-
-Even though the warning might be spurious, let's fix this properly, by
-initialising `partitioned` to false, and by setting it only if `secure` is set
-as well.
----
- src/sp_cookie_encryption.c | 15 +++++++++------
- 1 file changed, 9 insertions(+), 6 deletions(-)
-
-diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
-index ec5c7c2d..888d2178 100644
---- a/src/sp_cookie_encryption.c
-+++ b/src/sp_cookie_encryption.c
-@@ -104,7 +104,7 @@ static void php_head_parse_cookie_options_array(
- 
- PHP_FUNCTION(sp_setcookie) {
- #if PHP_VERSION_ID >= 80500
--  zend_bool partitioned;
-+  zend_bool partitioned = false;
- #endif
-   zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL,
-               *value_enc = NULL,
-@@ -144,12 +144,11 @@ PHP_FUNCTION(sp_setcookie) {
-         RETURN_FALSE;
-       }
-       php_head_parse_cookie_options_array(expires_or_options, &expires, &path,
--                                          &domain, &secure, &httponly,
--#if PHP_VERSION_ID < 80500
--                                          &samesite);
--#else
--                                          &samesite, &partitioned);
-+                                          &domain, &secure, &httponly, &samesite
-+#if PHP_VERSION_ID >= 80500
-+                                          , &partitioned
- #endif
-+      );
-     } else {
-       expires = zval_get_long(expires_or_options);
-     }
-@@ -214,6 +213,10 @@ PHP_FUNCTION(sp_setcookie) {
-   if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
-                     domain, secure, httponly, samesite, 1) == SUCCESS) {
- #else
-+  if (!secure) {
-+    // Can't have partitioned cookies without the secure flag.
-+    partitioned = false;
-+  }
-   if (php_setcookie(name, (value_enc ? value_enc : value), expires, path,
-                     domain, secure, httponly, samesite, partitioned, false) == SUCCESS) {
- #endif