* PHP-8.3:
Fix GH-18990, bug #81029, bug #47314: SOAP HTTP socket not closing on object destruction
Fix leak when path is too long in ZipArchive::extractTo()
curl: Remove incorrect string release on error
This is backport for 8.3 of b222c020bf
that originally targeted only 8.4+. This is however a bug fix.
Following 68f6ab7113, the ext/curl doesn't
need to be linked against OpenSSL anymore, if curl_version_info_data
ssl_version is OpenSSL/1.1 or later.
With OpenSSL 3 and later the check for old SSL crypto locking callbacks
was detected here.
This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and
syncs the minimum OpenSSL version (currently 1.0.2 or later) across the
PHP build system.
We must define `CURL_STATICLIB` only when building against a static
libcurl. The detection relies on our usual naming conventions, what
should be revised in the future (possibly using pkg-config, or
switching to CMake).
Closes GH-17857.
We must define `CURL_STATICLIB` only when building against a static
libcurl. The detection relies on our usual naming conventions, what
should be revised in the future (possibly using pkg-config, or
switching to CMake).
Closes GH-17857.
Due to a deliberate change in libcurl, the expiration is now capped to
at most 400 days. We could solve this by choosing another date roughly
a year in the future, but would need to update the test next year.
This would be especially annoying for security branches.
Another option would be to actually parse the cookie list lines, but
that might not be worth the trouble. Instead we just ignore the exact
timestamp created by libcurl.
[1] <https://github.com/curl/curl/pull/15937>
Closes GH-17709.
FreeBSD 13.2 is no longer supported[1], and apparently the respective
Cirrus CI image has been removed. We update to FreeBSD 13.3.
This also requires to disable some compiler warnings now, and adapt a
test case.
[1] <https://www.freebsd.org/security/#sup>
[2] <3304488820>
Co-authored-by: David Carlier <devnexen@gmail.com>
Closes GH-16817.
We copy the source handler's FCCs to those of the destination.
We also fix the erroneous test assumption that the trampoline wouldn't
be called.
Closes GH-16732.
Closes GH-16469
Working towards GH-16286
commit e0db221143b808d97bc3a44e9f0968c6308794b4
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri Oct 25 22:48:20 2024 +0200
Move CFLAGS into ./configure command for consistency
commit 8ad67768250d181cd7fef30e0c866625bbd8ac94
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri Oct 25 22:47:03 2024 +0200
Also upgrade nightly to macOS 13
commit 58a88ccb9f
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Wed Oct 23 19:07:59 2024 +0200
Fix call to dc[n]gettext in tests with 0 $category
This causes a segfault on PHP-8.1
commit 611af05c50
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri Dec 8 13:36:52 2023 +0100
[skip ci] Skip intermittently failing curl test on macOS
The test fails with "CURL ERROR: 56". I will create an issue for it shortly.
commit ec745178bb
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Wed Oct 23 19:05:32 2024 +0200
Backport parts of 9999a0c for gettext
See 9999a0cb75
commit 5ce703496f
Author: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Sun Jul 28 14:34:26 2024 +0200
Fix CI failure on macOS after Curl update
commit 714a3e7071
Author: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Sat Jul 27 16:09:50 2024 +0200
Fix CI failure after Curl update (#15124)
commit 4f2eb921b9
Author: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Thu May 23 22:20:37 2024 +0200
Fix GH-14307: Test curl_basic_024 fails with curl 8.8.0
Curl changed the behaviour, from the changelog:
- lib: make protocol handlers store scheme name lowercase curl/curl@c294f9c
From the docs: "The returned scheme might be upper or lowercase. Do
comparisons case insensitively."
Closes GH-14312.
commit 251195b41b
Author: Ayesh Karunaratne <ayesh@aye.sh>
Date: Thu Feb 1 02:03:55 2024 +0700
ext/curl: Fix failing tests due to string changes in libcurl 8.6.0
Upstream libcurl 8.6.0 contains a change[^1] that caused a test failure.
This fixes it by updating the test's `EXPECTF` to use a regex to account for both string patterns.
[^1]: 45cf4755e7 (diff-a8a54563608f8155973318f4ddb61d7328dab512b8ff2b5cc48cc76979d4204cL1683)
Closes GH-13293.
commit fc5d83f2b1
Author: Christoph M. Becker <cmbecker69@gmx.de>
Date: Wed Oct 16 22:46:20 2024 +0200
Prepare for necessary move to macOS 13
GH will remove macOS 12 runner images as of December 3rd, so we prepare
for that.
Besides the obvious need to change the runner, we also suppress a
couple of warnings, because otherwise the build would fail due to
`-Werror`.
* curl: Prevent a CurlMultiHandle from holding onto a CurlHandle if `add_handle` fails
As a user I expect `curl_multi_add_handle` to not have any effect if it returns
an error and I specifically do not expect that it would be necessary to call
`curl_multi_remove_handle`.
* NEWS
libcurl ref: [`CURLINFO_POSTTRANSFER_TIME_T`](https://curl.se/libcurl/c/CURLINFO_POSTTRANSFER_TIME_T.html)
`CURLINFO_POSTTRANSFER_TIME_T` is a libcurl info option that returns
the time it took to "post" the transfer. Available since libcurl 8.10.0
This value is also exposed as `posttransfer_time_us` in the
`curl_getinfo()` return value when the `$option` parameter is not
passed.
This adds support for `CURLOPT_DEBUGFUNCTION`[^1] Curl option to set a
custom callback that gets called with debug information during the
lifetime of a Curl request.
The callback gets called with the `CurlHandle` object, an integer
containing the type of the debug message, and a string containing the
debug message. The callback may get called multiple times with the
same message type during a request.
PHP already uses `CURLOPT_DEBUGFUNCTION` functionality to internally
to expose a Curl option named `CURLINFO_HEADER_OUT`.
However,`CURLINFO_HEADER_OUT` is not a "real" Curl option supported
by libcurl. Back in 2006, `CURLINFO_HEADER_OUT` was added[^2] as
a Curl option by using the debug-callback feature. Git history does
not run that back to show why `CURLINFO_HEADER_OUT` was added as a
Curl option, and why the other debug types (such as
`CURLINFO_HEADER_IN` were not added as Curl options, but this seems
to be a historical artifact when we added features without trying
to be close to libcurl options.
This approach has a few issues:
1. `CURLINFO_HEADER_OUT` is not an actual Curl option supported by
upstream libcurl.
2. All of the Curl options have `CURLOPT_` prefix, and `CURLINFO_HEADER_OUT`
is the only Curl "option" that uses the `CURLINFO` prefix. This exception
is, however, noted[^3] in docs.
3. When `CURLINFO_HEADER_OUT` is set, the `CURLOPT_VERBOSE` is also implicitly
set. This was reported[^4] to bugs.php.net, but the bug is marked as wontfix.
This commit adds support for `CURLOPT_DEBUGFUNCTION`. It extends the existing
`curl_debug` callback to store the header-in information if it encounters
a debug message with `CURLINFO_HEADER_OUT`. In all cases, if a callable
is set, it gets called.
`CURLOPT_DEBUGFUNCTION` intends to replace `CURLINFO_HEADER_OUT` Curl
option as a versatile alternative that can also be used to extract
other debug information such as SSL data, text information messages,
incoming headers, as well as headers sent out (which `CURLINFO_HEADER_OUT`
makes available).
The callables are allowed to throw exceptions, but the return values are
ignored.
`CURLOPT_DEBUGFUNCTION` requires `CURLOPT_VERBOSE` enabled, and setting
`CURLOPT_DEBUGFUNCTION` does _not_ implicitly enable `CURLOPT_VERBOSE`.
If the `CURLOPT_DEBUGFUNCTION` option is set, setting `CURLINFO_HEADER_OUT`
throws a `ValueError` exception. Setting `CURLOPT_DEBUGFUNCTION` _after_
enabling `CURLINFO_HEADER_OUT` is allowed. Technically, it is possible
for both functionality (calling user-provided callback _and_ storing
header-out data) is possible, setting `CURLINFO_HEADER_OUT` is not
allowed to encourage the use of `CURLOPT_DEBUGFUNCTION` function.
This commit also adds the rest of the `CURLINFO_` constants used as
the `type` integer value in `CURLOPT_DEBUGFUNCTION` callback.
---
[^1]: [cur.se - CURLOPT_DEBUGFUNCTION](https://curl.se/libcurl/c/CURLOPT_DEBUGFUNCTION.html)
[^2]: [`5f25d80`](5f25d80d10)
[^3]: [curl_setopt doc mentioning `CURLINFO_` prefix is intentional](https://www.php.net/manual/en/function.curl-setopt.php#:~:text=prefix%20is%20intentional)
[^4]: [bugs.php.net - `CURLOPT_VERBOSE` does not work with `CURLINFO_HEADER_OUT`](https://bugs.php.net/bug.php?id=65348)
Exactly these tests are failing on all our macOS x64 CI runners for
about a week. For now we mark them as xfail, to get back to a green
CI pipeline.
Closes GH-16002.
Libcurl `CURLOPT_DNS_USE_GLOBAL_CACHE` constant is no longer supported
since libcurl[^1] 7.62. This no-ops the constant, but without causing
any deprecation notices.
[^1]: [CURLOPT_DNS_USE_GLOBAL_CACHE](https://curl.se/libcurl/c/CURLOPT_DNS_USE_GLOBAL_CACHE.html)
When a class (or enum) has no methods, rather than using an array that only
contains `ZEND_FE_END`, use `NULL` for the functions. The implementation of
class registration for internal classes, `do_register_internal_class()` in
zend_API.c, already skips classes where the functions are `NULL`. By removing
these unneeded arrays, we can reduce the size of the header files, while also
removing an unneeded call to zend_register_functions() for each internal class
with no extra methods.
