From a1dbb57fb367a407ace5513fb71a1382dbbca319 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 11 Sep 2018 11:53:51 +0200 Subject: Update to 7.2.10 - http://www.php.net/releases/7_2_10.php --- be50a72715c141befe6f34ece660745da894aaf3.patch | 37 +++++++++++++++++++++++++ c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch | 22 +++++++++++++++ cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch | 38 ++++++++++++++++++++++++++ failed.txt | 13 ++------- php72.spec | 11 +++++++- 5 files changed, 110 insertions(+), 11 deletions(-) create mode 100644 be50a72715c141befe6f34ece660745da894aaf3.patch create mode 100644 c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch create mode 100644 cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch diff --git a/be50a72715c141befe6f34ece660745da894aaf3.patch b/be50a72715c141befe6f34ece660745da894aaf3.patch new file mode 100644 index 0000000..2bcf82d --- /dev/null +++ b/be50a72715c141befe6f34ece660745da894aaf3.patch @@ -0,0 +1,37 @@ +From be50a72715c141befe6f34ece660745da894aaf3 Mon Sep 17 00:00:00 2001 +From: Jakub Zelenka +Date: Sun, 9 Sep 2018 18:53:37 +0100 +Subject: [PATCH] Fix ssl stream reneg limit test to print only after first + renegotiation + +It has been reported that in some setup the test does multiple +renegotiations which is allowed. +--- + ext/openssl/tests/stream_server_reneg_limit.phpt | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/ext/openssl/tests/stream_server_reneg_limit.phpt b/ext/openssl/tests/stream_server_reneg_limit.phpt +index f0353351a23a..f033cbabe343 100644 +--- a/ext/openssl/tests/stream_server_reneg_limit.phpt ++++ b/ext/openssl/tests/stream_server_reneg_limit.phpt +@@ -22,14 +22,18 @@ if(substr(PHP_OS, 0, 3) == 'WIN') { + */ + + $serverCode = <<<'CODE' ++ $printed = false; + $serverUri = "ssl://127.0.0.1:64321"; + $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; + $serverCtx = stream_context_create(['ssl' => [ + 'local_cert' => __DIR__ . '/bug54992.pem', + 'reneg_limit' => 0, + 'reneg_window' => 30, +- 'reneg_limit_callback' => function($stream) { +- var_dump($stream); ++ 'reneg_limit_callback' => function($stream) use (&$printed) { ++ if (!$printed) { ++ $printed = true; ++ var_dump($stream); ++ } + } + ]]); + diff --git a/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch b/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch new file mode 100644 index 0000000..d945192 --- /dev/null +++ b/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch @@ -0,0 +1,22 @@ +From c1729272b17a1fe893d1a54e423d3b71470f3ee8 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Wed, 29 Aug 2018 09:10:59 +0200 +Subject: [PATCH] fix double cast to int on 32-bit + +--- + Zend/zend_operators.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Zend/zend_operators.c b/Zend/zend_operators.c +index cafb14d4cc25..9a8a40142433 100644 +--- a/Zend/zend_operators.c ++++ b/Zend/zend_operators.c +@@ -3101,7 +3101,7 @@ ZEND_API zend_long ZEND_FASTCALL zend_dval_to_lval_slow(double d) + if (dmod < 0) { + /* we're going to make this number positive; call ceil() + * to simulate rounding towards 0 of the negative number */ +- dmod = ceil(dmod);// + two_pow_32; ++ dmod = ceil(dmod) + two_pow_32; + } + return (zend_long)(zend_ulong)dmod; + } diff --git a/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch b/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch new file mode 100644 index 0000000..0cb89c8 --- /dev/null +++ b/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch @@ -0,0 +1,38 @@ +From cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a Mon Sep 17 00:00:00 2001 +From: Jakub Zelenka +Date: Sun, 2 Sep 2018 20:00:08 +0100 +Subject: [PATCH] Fix stream_security_level.phpt with OpenSSL 1.1.1 + +--- + ext/openssl/tests/stream_security_level.phpt | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/ext/openssl/tests/stream_security_level.phpt b/ext/openssl/tests/stream_security_level.phpt +index fb1d36a58624..26fedcf670e9 100644 +--- a/ext/openssl/tests/stream_security_level.phpt ++++ b/ext/openssl/tests/stream_security_level.phpt +@@ -5,6 +5,7 @@ security_level setting to prohibit cert + if (!extension_loaded("openssl")) die("skip openssl not loaded"); + if (OPENSSL_VERSION_NUMBER < 0x10100000) die("skip OpenSSL >= v1.1.0 required"); + if (!function_exists("proc_open")) die("skip no proc_open"); ++?> + --FILE-- + [ +- 'security_level' => 3, ++ 'security_level' => 2, + 'verify_peer' => true, + 'cafile' => __DIR__ . '/bug54992-ca.pem', + 'verify_peer_name' => false +@@ -38,6 +39,7 @@ CODE; + + include 'ServerClientTestCase.inc'; + ServerClientTestCase::getInstance()->run($clientCode, $serverCode); ++?> + --EXPECTF-- + Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: + error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in %s : eval()'d code on line %d diff --git a/failed.txt b/failed.txt index a07fd1e..0e64660 100644 --- a/failed.txt +++ b/failed.txt @@ -1,4 +1,4 @@ -===== 7.2.10RC1 (2018-08-30) +===== 7.2.10 (2018-09-13) $ grep -r 'Tests failed' /var/lib/mock/{fc,el}*/build.log @@ -13,17 +13,10 @@ $ grep -r 'Tests failed' /var/lib/mock/{fc,el}*/build.log /var/lib/mock/fc27x/build.log:Tests failed : 0 /var/lib/mock/fc28i/build.log:Tests failed : 0 /var/lib/mock/fc28x/build.log:Tests failed : 0 -/var/lib/mock/fc29i/build.log:Tests failed : 4 -/var/lib/mock/fc29x/build.log:Tests failed : 2 +/var/lib/mock/fc29i/build.log:Tests failed : 0 +/var/lib/mock/fc29x/build.log:Tests failed : 0 -fc29i: - 5 zend_dval_to_lval preserves low bits (32 bit long) [Zend/tests/dval_to_lval_32.phpt] - 5 testing integer underflow (32bit) [Zend/tests/int_underflow_32bit.phpt] - -fc29i, fc29x: - 5 security_level setting to prohibit cert [ext/openssl/tests/stream_security_level.phpt] - 5 TLS server rate-limits client-initiated renegotiation [ext/openssl/tests/stream_server_reneg_limit.phpt] 1 proc_open give erratic test results :( diff --git a/php72.spec b/php72.spec index 4113dd3..77b93b0 100644 --- a/php72.spec +++ b/php72.spec @@ -112,7 +112,7 @@ %endif %global upver 7.2.10 -%global rcver RC1 +#global rcver RC1 Summary: PHP scripting language for creating dynamic web sites Name: php @@ -175,6 +175,9 @@ Patch48: php-7.2.8-getallheaders.patch Patch91: php-7.2.0-oci8conf.patch # Upstream fixes (100+) +Patch100: https://github.com/php/php-src/commit/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch +Patch101: https://github.com/php/php-src/commit/be50a72715c141befe6f34ece660745da894aaf3.patch +Patch102: https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch # Security fixes (200+) @@ -1087,6 +1090,9 @@ low-level PHP extension for the libsodium cryptographic library. %patch91 -p1 -b .remi-oci8 # upstream patches +%patch100 -p1 -b .up1 +%patch101 -p1 -b .up2 +%patch102 -p1 -b .up3 # security patches @@ -2143,6 +2149,9 @@ fi %changelog +* Tue Sep 11 2018 Remi Collet - 7.2.10-1 +- Update to 7.2.10 - http://www.php.net/releases/7_2_10.php + * Tue Aug 28 2018 Remi Collet - 7.2.10~RC1-1 - update to 7.2.10RC1 -- cgit