Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed
Addresses bug #65137https://bugs.php.net/bug.php?id=65137
Conflicts:
ext/openssl/xp_ssl.c
* master: (39 commits)
Add __debugInfo() to UPGRADING.
fix TS build
Update NEWS
Update NEWS
Update NEWS
Small tidy ups and raise visibility of GitHub PR process
Bug #41631: Observe socket read timeouts in SSL streams
wrap int8_t and int16_t with #ifdef to avoid possible clashes
- Updated to version 2014.6 (2014f)
Removed Countable::count() change info from UPGRADE.INTERNALS too
NEWS and UPGRADING for intdiv()
Revert "Add SO_REUSEPORT + SO_BROADCAST support via socket stream context option"
Fixed skip case for intdiv 64-bit test
Use callback structure
Add EXPECTF
Fix handling of multi-result sets with PS...used to clean not only the result set but the whole PS.
5.5.17 now
5.4.33-dev now
Add SO_REUSEPORT + SO_BROADCAST support via socket stream context option
Add SO_REUSEPORT + SO_BROADCAST support via socket stream context option
...
Conflicts:
ext/fileinfo/libmagic/softmagic.c
main/streams/xp_socket.c
* master: (46 commits)
PHP_INT_MIN and _MAX tests
NEWS and UPGRADING
Added PHP_INT_MIN
Fix wrong lenght size
Bug #51096 - Remove unnecessary ? for first/last day of
Moved streams related functions to xp_ssl.c
Remove duplicate NEWS
Update NEWS
Update NEWS
Update NEWS
BFN
BFN
Fixed bug #67715 (php-milter does not build and crashes randomly).
We need to turn off any strict mode here for this warning to show up
Disable restrictions regarding arrays in constants at run-time. For the discussion around it, see the thread on the mailing list: http://www.mail-archive.com/internals@lists.php.net/msg68245.html
Revert "Fix bug #67064 in a BC safe way"
Updated NEWS for #67693
Updated NEWS for #67693
Fixed bug #67693 - incorrect push to the empty array
add missing entry to NEWS
...
Conflicts:
Zend/tests/errmsg_040.phpt
Zend/tests/ns_059.phpt
Zend/zend_language_parser.y
Zend/zend_vm_def.h
ext/openssl/openssl.c
ext/reflection/php_reflection.c
ext/session/session.c
ext/spl/spl_directory.c
ext/spl/spl_iterators.c
ext/sqlite3/sqlite3.c
ext/standard/array.c
- New "SNI_server_certs" context option maps host names to
appropriate certs should client handshakes advertise the
SNI extension:
$ctx = stream_context_create(["ssl" => [
"local_cert" => "/path/to/cert.pem",
"SNI_server_certs" => [
"domain1.com" => "/path/to/domain1.pem",
"*.domain2.com" => "/path/to/domain2.pem",
"domain3.com" => "/path/to/domain3.pem"
]
]]);
- Prefixing a "*." will utilize the matching cert if a client
requests the primary host name or any subdomain thereof. So
in the above example our "domain2.pem" will be used for both
requests to "domain2.com" -and- "subdomain.domain2.com"
- The "SNI_server_certs" ctx option has no effect for client
streams.
- SNI support is enabled by default as of 5.6 for both servers
and clients. Servers must specify the "SNI_server_certs" array
to actually use the SNI extension, though.
- If the `"SNI_enabled" => false` ctx option is also passed then
"SNI_server_certs" has no effect.
- While supporting SNI by itself is enough to successfully
negotiate the TLS handshake with many clients, servers MUST
still specify a "local_cert" ctx option or run the risk of
connection failures from clients that do not support the SNI
extension.
- All streams-related code now lives in xp_ssl.c. Previously
stream code was split across both openssl.c and xp_ssl.c
- Folded superfluous php_openssl_structs.h into xp_ssl.c
- Server-specific options now set on SSL_CTX instead of SSL
- Deprecate SNI_server_name ctx option
- Miscellaneous refactoring
