From a276585dc339de0938159df25ff9d2b49747d8d3 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Thu, 16 Oct 2014 14:42:01 +0200 Subject: PHP 5.5.18 --- php-5.5.17-openssl.patch | 199 ----------------------------------------------- php-bug65641.patch | 63 --------------- php55.spec | 13 ++-- 3 files changed, 6 insertions(+), 269 deletions(-) delete mode 100644 php-5.5.17-openssl.patch delete mode 100644 php-bug65641.patch diff --git a/php-5.5.17-openssl.patch b/php-5.5.17-openssl.patch deleted file mode 100644 index 790f72c..0000000 --- a/php-5.5.17-openssl.patch +++ /dev/null @@ -1,199 +0,0 @@ -From 32be79dcfa1bc5af8682d9f512da68c5b3e2cbf3 Mon Sep 17 00:00:00 2001 -From: Chris Wright -Date: Sat, 23 Aug 2014 01:40:19 +0100 -Subject: [PATCH] Fix stream_select() issue with OpenSSL buffer - -Ensure data from OpenSSL internal buffer has been -transfered to PHP stream buffer before a select() -emulation operation is performed - -Addresses bug #65137 -https://bugs.php.net/bug.php?id=65137 - -Conflicts: - ext/openssl/xp_ssl.c ---- - ext/openssl/xp_ssl.c | 13 +++++++++++++ - main/php_streams.h | 3 +++ - main/streams/streams.c | 8 ++++---- - 3 files changed, 20 insertions(+), 4 deletions(-) - -diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c -index b7b8690..956ffd0 100644 ---- a/ext/openssl/xp_ssl.c -+++ b/ext/openssl/xp_ssl.c -@@ -835,6 +881,19 @@ - - case PHP_STREAM_AS_FD_FOR_SELECT: - if (ret) { -+ if (sslsock->ssl_active) { -+ /* OpenSSL has an internal buffer which select() cannot see. If we don't -+ fetch it into the stream's buffer, no activity will be reported on the -+ stream even though there is data waiting to be read - but we only fetch -+ the number of bytes OpenSSL has ready to give us since we weren't asked -+ for any data at this stage. This is only likely to cause issues with -+ non-blocking streams, but it's harmless to always do it. */ -+ int bytes; -+ while ((bytes = SSL_pending(sslsock->ssl_handle)) > 0) { -+ php_stream_fill_read_buffer(stream, (size_t)bytes); -+ } -+ } -+ - *(php_socket_t *)ret = sslsock->s.socket; - } - return SUCCESS; -diff --git a/main/php_streams.h b/main/php_streams.h -index 2e4a3a2..89b877f 100644 ---- a/main/php_streams.h -+++ b/main/php_streams.h -@@ -297,6 +297,9 @@ PHPAPI size_t _php_stream_write(php_stream *stream, const char *buf, size_t coun - #define php_stream_write_string(stream, str) _php_stream_write(stream, str, strlen(str) TSRMLS_CC) - #define php_stream_write(stream, buf, count) _php_stream_write(stream, (buf), (count) TSRMLS_CC) - -+PHPAPI void _php_stream_fill_read_buffer(php_stream *stream, size_t size TSRMLS_DC); -+#define php_stream_fill_read_buffer(stream, size) _php_stream_fill_read_buffer((stream), (size) TSRMLS_CC) -+ - #ifdef ZTS - PHPAPI size_t _php_stream_printf(php_stream *stream TSRMLS_DC, const char *fmt, ...) PHP_ATTRIBUTE_FORMAT(printf, 3, 4); - #else -diff --git a/main/streams/streams.c b/main/streams/streams.c -index 3fd4ab3..fbcc1ca 100644 ---- a/main/streams/streams.c -+++ b/main/streams/streams.c -@@ -568,7 +568,7 @@ fprintf(stderr, "stream_free: %s:%p[%s] preserve_handle=%d release_cast=%d remov - - /* {{{ generic stream operations */ - --static void php_stream_fill_read_buffer(php_stream *stream, size_t size TSRMLS_DC) -+PHPAPI void _php_stream_fill_read_buffer(php_stream *stream, size_t size TSRMLS_DC) - { - /* allocate/fill the buffer */ - -@@ -736,7 +736,7 @@ PHPAPI size_t _php_stream_read(php_stream *stream, char *buf, size_t size TSRMLS - break; - } - } else { -- php_stream_fill_read_buffer(stream, size TSRMLS_CC); -+ php_stream_fill_read_buffer(stream, size); - - toread = stream->writepos - stream->readpos; - if (toread > size) { -@@ -972,7 +972,7 @@ PHPAPI char *_php_stream_get_line(php_stream *stream, char *buf, size_t maxlen, - } - } - -- php_stream_fill_read_buffer(stream, toread TSRMLS_CC); -+ php_stream_fill_read_buffer(stream, toread); - - if (stream->writepos - stream->readpos == 0) { - break; -@@ -1047,7 +1047,7 @@ PHPAPI char *php_stream_get_record(php_stream *stream, size_t maxlen, size_t *re - - to_read_now = MIN(maxlen - buffered_len, stream->chunk_size); - -- php_stream_fill_read_buffer(stream, buffered_len + to_read_now TSRMLS_CC); -+ php_stream_fill_read_buffer(stream, buffered_len + to_read_now); - - just_read = STREAM_BUFFERED_AMOUNT(stream) - buffered_len; - --- -1.9.2 - -From 84a4041ba47e92e7a0ba03938d0ebf88b5fcf6cf Mon Sep 17 00:00:00 2001 -From: Anatol Belski -Date: Thu, 7 Aug 2014 19:49:59 +0200 -Subject: [PATCH] fix TS build - ---- - ext/openssl/xp_ssl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c -index 672070e..b7b8690 100644 ---- a/ext/openssl/xp_ssl.c -+++ b/ext/openssl/xp_ssl.c -@@ -204,7 +204,7 @@ static size_t php_openssl_sockop_write(php_stream *stream, const char *buf, size - return didwrite; - } - --static void php_openssl_stream_wait_for_data(php_netstream_data_t *sock TSRMLS_DC) -+static void php_openssl_stream_wait_for_data(php_netstream_data_t *sock) - { - int retval; - struct timeval *ptimeout; -From 6569db88081562f68a4f79e52cba83482bdf05fc Mon Sep 17 00:00:00 2001 -From: Daniel Lowrey -Date: Thu, 7 Aug 2014 11:47:42 -0400 -Subject: [PATCH] Bug #41631: Observe socket read timeouts in SSL streams - ---- - ext/openssl/xp_ssl.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 46 insertions(+) - -diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c -index 3082c83..672070e 100644 ---- a/ext/openssl/xp_ssl.c -+++ b/ext/openssl/xp_ssl.c -@@ -204,13 +204,59 @@ static size_t php_openssl_sockop_write(php_stream *stream, const char *buf, size - return didwrite; - } - -+static void php_openssl_stream_wait_for_data(php_netstream_data_t *sock TSRMLS_DC) -+{ -+ int retval; -+ struct timeval *ptimeout; -+ -+ if (sock->socket == -1) { -+ return; -+ } -+ -+ sock->timeout_event = 0; -+ -+ if (sock->timeout.tv_sec == -1) -+ ptimeout = NULL; -+ else -+ ptimeout = &sock->timeout; -+ -+ while(1) { -+ retval = php_pollfd_for(sock->socket, PHP_POLLREADABLE, ptimeout); -+ -+ if (retval == 0) -+ sock->timeout_event = 1; -+ -+ if (retval >= 0) -+ break; -+ -+ if (php_socket_errno() != EINTR) -+ break; -+ } -+} -+ - static size_t php_openssl_sockop_read(php_stream *stream, char *buf, size_t count TSRMLS_DC) - { - php_openssl_netstream_data_t *sslsock = (php_openssl_netstream_data_t*)stream->abstract; -+ php_netstream_data_t *sock; - int nr_bytes = 0; - - if (sslsock->ssl_active) { - int retry = 1; -+ sock = (php_netstream_data_t*)stream->abstract; -+ -+ /* The SSL_read() function will block indefinitely waiting for data on a blocking -+ socket. If we don't poll for readability first this operation has the potential -+ to hang forever. To avoid this scenario we poll with a timeout before performing -+ the actual read. If it times out we're finished. -+ */ -+ if (sock->is_blocked) { -+ php_openssl_stream_wait_for_data(sock); -+ if (sock->timeout_event) { -+ stream->eof = 1; -+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL read operation timed out"); -+ return nr_bytes; -+ } -+ } - - do { - nr_bytes = SSL_read(sslsock->ssl_handle, buf, count); --- -1.9.2 - diff --git a/php-bug65641.patch b/php-bug65641.patch deleted file mode 100644 index d9b31d1..0000000 --- a/php-bug65641.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 8cac75969e5abb2b6be5bbd489d851a4f9e50979 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Mon, 15 Sep 2014 13:29:55 +0200 -Subject: [PATCH] Fixed bug #65641 PHP-FPM incorrectly defines the SCRIPT_NAME - variable when using Apache - -ProxyPass is unable to provide correct PATH_INFO -as it is not aware of file path (while SetHandler is). - -As we can extract PATH_INFO from PATH_TRANSLATED, -we also need to check if present in SCRIPT_NAME -and remove it. - -After applying this patch. -With mod_php -_SERVER["REQUEST_URI"] /info.php/foo/bar?q=1 -_SERVER["SCRIPT_NAME"] /info.php -_SERVER["PATH_INFO"] /foor/bar -_SERVER["PHP_SELF"] /info.php/foo/bar -_SERVER["QUERY_STRING"] q=1 - -With mod_proxy_fcgi + SetHandler -_SERVER["REQUEST_URI"] /info.php/foo/bar?q=1 -_SERVER["SCRIPT_NAME"] /info.php -_SERVER["PATH_INFO"] /foo/bar -_SERVER["PHP_SELF"] /info.php/foo/bar -_SERVER["QUERY_STRING"] q=1 - -With mod_proxy_fcgi + ProxyPass -_SERVER["REQUEST_URI"] /info.php/foo/bar?q=1 -_SERVER["SCRIPT_NAME"] /info.php -_SERVER["PATH_INFO"] /foo/bar -_SERVER["PHP_SELF"] /info.php/foo/bar -_SERVER["QUERY_STRING"] q=1 ---- - sapi/fpm/fpm/fpm_main.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c -index 56a06f9..331342c 100644 ---- a/sapi/fpm/fpm/fpm_main.c -+++ b/sapi/fpm/fpm/fpm_main.c -@@ -1231,6 +1231,17 @@ static void init_request_info(TSRMLS_D) - SG(request_info).request_uri = orig_script_name; - } - path_info[0] = old; -+ } else if (apache_was_here && env_script_name) { -+ /* Using mod_proxy_fcgi and ProxyPass, apache cannot set PATH_INFO -+ * As we can extract PATH_INFO from PATH_TRANSLATED -+ * it is probably also in SCRIPT_NAME and need to be removed -+ */ -+ int snlen = strlen(env_script_name); -+ if (snlen>slen && !strcmp(env_script_name+snlen-slen, path_info)) { -+ _sapi_cgibin_putenv("ORIG_SCRIPT_NAME", orig_script_name TSRMLS_CC); -+ env_script_name[snlen-slen] = 0; -+ SG(request_info).request_uri = _sapi_cgibin_putenv("SCRIPT_NAME", env_script_name TSRMLS_CC); -+ } - } - env_path_info = _sapi_cgibin_putenv("PATH_INFO", path_info TSRMLS_CC); - } --- -1.9.2 - diff --git a/php55.spec b/php55.spec index 251afc9..5778467 100644 --- a/php55.spec +++ b/php55.spec @@ -125,11 +125,11 @@ Summary: PHP scripting language for creating dynamic web sites Name: php -Version: 5.5.17 +Version: 5.5.18 %if 0%{?snapdate:1}%{?rcver:1} Release: 0.1.%{?snapdate}%{?rcver}%{?dist} %else -Release: 3%{?dist} +Release: 1%{?dist} %endif # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -190,9 +190,6 @@ Patch47: php-5.4.9-phpinfo.patch Patch91: php-5.3.7-oci8conf.patch # Upstream fixes (100+) -Patch100: php-bug65641.patch -# Revert to fix regression -Patch101: php-5.5.17-openssl.patch # Security fixes (200+) @@ -944,8 +941,6 @@ rm -rf ext/json %patch91 -p1 -b .remi-oci8 # upstream patches -%patch100 -p1 -b .bug65641 -%patch101 -p1 -R -b .revert # security patches @@ -1949,6 +1944,10 @@ fi %changelog +* Thu Oct 16 2014 Remi Collet 5.5.18-1 +- Update to 5.5.18 + http://www.php.net/releases/5_5_18.php + * Wed Sep 24 2014 Remi Collet 5.5.17-3 - rebuild (fedora, x86_64) -- cgit