diff options
| author | Remi Collet <remi@remirepo.net> | 2025-11-21 10:10:04 +0100 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2025-11-21 10:10:04 +0100 |
| commit | 88968a659d6f4c52ad4a1220311b9fdd71ce61ef (patch) | |
| tree | 878c502d55a9c9325fcaa6b4fd1f529d264375c7 | |
| parent | cbb9bae84ab343458d18d5e4661458a3adaea450 (diff) | |
in square brackets (upstream patch)
| -rw-r--r-- | php-bug20528.patch | 81 | ||||
| -rw-r--r-- | php.spec | 10 |
2 files changed, 89 insertions, 2 deletions
diff --git a/php-bug20528.patch b/php-bug20528.patch new file mode 100644 index 0000000..f8a790a --- /dev/null +++ b/php-bug20528.patch @@ -0,0 +1,81 @@ +From 9d71c1e0b60cd152a47528dbe514efc443fce920 Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Thu, 20 Nov 2025 02:58:45 +0100 +Subject: [PATCH] Fix GH-20528: Regression breaks mysql connexion using an IPv6 + address enclosed in square brackets + +--- + ext/mysqli/tests/mysqli_connect_port.phpt | 31 +++++++++++++++++++++++ + ext/mysqlnd/mysqlnd_connection.c | 17 ++++++++++--- + 2 files changed, 45 insertions(+), 3 deletions(-) + create mode 100644 ext/mysqli/tests/mysqli_connect_port.phpt + +diff --git a/ext/mysqli/tests/mysqli_connect_port.phpt b/ext/mysqli/tests/mysqli_connect_port.phpt +new file mode 100644 +index 0000000000000..cb7fd1d8d1628 +--- /dev/null ++++ b/ext/mysqli/tests/mysqli_connect_port.phpt +@@ -0,0 +1,31 @@ ++--TEST-- ++mysqli_connect() with port in host ++--EXTENSIONS-- ++mysqli ++--SKIPIF-- ++<?php ++require_once 'skipifconnectfailure.inc'; ++?> ++--FILE-- ++<?php ++ require_once 'connect.inc'; ++ ++ // using port / host arguments ++ if (!$link = mysqli_connect($host, $user, $passwd, $db, $port, $socket)) { ++ printf("Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n", ++ $host, $user, $db, $port, $socket); ++ } ++ ++ mysqli_close($link); ++ ++ // using port in host ++ if (!$link = mysqli_connect("$host:$port", $user, $passwd, $db, "1$port", $socket)) { ++ printf("Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n", ++ "$host:$port", $user, $db, "1$port", $socket); ++ } ++ ++ mysqli_close($link); ++?> ++Done ++--EXPECTF-- ++Done +diff --git a/ext/mysqlnd/mysqlnd_connection.c b/ext/mysqlnd/mysqlnd_connection.c +index d8e7304e9665f..8268034e8b798 100644 +--- a/ext/mysqlnd/mysqlnd_connection.c ++++ b/ext/mysqlnd/mysqlnd_connection.c +@@ -553,13 +553,24 @@ MYSQLND_METHOD(mysqlnd_conn_data, get_scheme)(MYSQLND_CONN_DATA * conn, MYSQLND_ + port = 3306; + } + +- /* ipv6 addresses are in the format [address]:port */ + if (hostname.s[0] != '[' && mysqlnd_fast_is_ipv6_address(hostname.s)) { ++ /* IPv6 without square brackets so without port */ + transport.l = mnd_sprintf(&transport.s, 0, "tcp://[%s]:%u", hostname.s, port); + } else { +- /* Not ipv6, but could already contain a port number, in which case we should not add an extra port. ++ char *p; ++ ++ /* IPv6 addresses are in the format [address]:port */ ++ if (hostname.s[0] == '[') { /* IPv6 */ ++ p = strchr(hostname.s, ']'); ++ if (p && p[1] != ':') { ++ p = NULL; ++ } ++ } else { /* IPv4 or name */ ++ p = strchr(hostname.s, ':'); ++ } ++ /* Could already contain a port number, in which case we should not add an extra port. + * See GH-8978. In a port doubling scenario, the first port would be used so we do the same to keep BC. */ +- if (strchr(hostname.s, ':')) { ++ if (p) { + /* TODO: Ideally we should be able to get rid of this workaround in the future. */ + transport.l = mnd_sprintf(&transport.s, 0, "tcp://%s", hostname.s); + } else { @@ -108,7 +108,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?lowrc:~%{lowrc}}%{?gh_date:.%{gh_date}} -Release: 1%{?dist} +Release: 2%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -169,6 +169,7 @@ Patch48: php-8.5.0-openssl-ec-param.patch # RC Patch # Upstream fixes (100+) +Patch100: php-bug20528.patch # Security fixes (200+) @@ -869,6 +870,7 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in %patch -P48 -p1 -b .ec-param # upstream patches +%patch -P100 -p1 -b .20528 # security patches @@ -1372,7 +1374,7 @@ ln -s %{_bindir}/lsphp $RPM_BUILD_ROOT%{_root_bindir}/ls%{scl} TESTCMD="$RPM_BUILD_ROOT%{_bindir}/php --no-php-ini" # Ensure all provided extensions are really there -for mod in core date filter hash json lexbor libxml openssl pcntl pcre random readline reflection session spl standard uri zlib +for mod in core date filter hash json lexbor libxml openssl pcntl pcre random readline reflection session sockets spl standard uri zlib do $TESTCMD --modules | grep -i "$mod\$" done @@ -1657,6 +1659,10 @@ fi %changelog +* Fri Nov 21 2025 Remi Collet <remi@remirepo.net> - 8.5.0-2 +- Fix GH-20528 regression breaks mysql connexion using an IPv6 address enclosed + in square brackets (upstream patch) + * Wed Nov 19 2025 Remi Collet <remi@remirepo.net> - 8.5.0-1 - Update to 8.5.0 GA - switch to bz2 archive to workaround RHEL-125143 |