From 6b950164c83a5560d2a86a84da926f98a851d184 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Wed, 14 Mar 2018 09:08:20 +0000 Subject: [PATCH 01/16] - updated to 7.1.15 --- php.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php.spec b/php.spec index 9082ae5..6ae79f2 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.13 +Version: 7.1.15 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 86ea87c65d879b8684040fe19a5fba5d +# Source0-md5: 9bf2b48c9f928cbb99d59338da28e5b4 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From dd73041c9e8833655519e460a9c2e05e7cb77180 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sun, 25 Mar 2018 17:57:19 +0000 Subject: [PATCH 02/16] - install proper CLI binary --- php.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/php.spec b/php.spec index 6ae79f2..8427b14 100644 --- a/php.spec +++ b/php.spec @@ -143,7 +143,7 @@ Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирова Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} Version: 7.1.15 -Release: 1 +Release: 2 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -2584,6 +2584,7 @@ cp -p sapi/embed/php_embed.h $RPM_BUILD_ROOT%{_includedir}/php/php%{php_suffix}/ %endif # CLI +libtool --mode=install install -p sapi/cli/php $RPM_BUILD_ROOT%{_bindir}/php%{php_suffix} # touch for ghost touch $RPM_BUILD_ROOT%{_bindir}/php touch $RPM_BUILD_ROOT%{_mandir}/man1/php.1 -- 2.45.2 From f981b15d2bfa686b60b16676acf03f03791b890e Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Thu, 12 Apr 2018 13:02:12 +0000 Subject: [PATCH 03/16] - updated to 7.1.16, fixed libs problems --- php-ini.patch | 26 +++++++++++++------------- php.spec | 9 ++++++--- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/php-ini.patch b/php-ini.patch index 2b8f90a..91b4c87 100644 --- a/php-ini.patch +++ b/php-ini.patch @@ -1,5 +1,5 @@ ---- php-7.0.12/php.ini 2016-10-13 14:04:17.000000000 +0000 -+++ php-7.0.12/php.ini 2016-10-27 07:40:55.773715000 +0000 +--- php-7.0.13/php.ini 2018-03-28 07:11:55.000000000 +0000 ++++ php-7.0.13/php.ini 2018-04-12 12:56:14.398571302 +0000 @@ -82,6 +82,20 @@ ; much more verbose when it comes to errors. We recommend using the ; development version only in development environments, as errors shown to @@ -30,7 +30,7 @@ ; Development Value: Off ; Production Value: Off -@@ -175,7 +189,7 @@ +@@ -170,7 +184,7 @@ ;user_ini.filename = ".user.ini" ; To disable this feature set this option to empty value @@ -39,7 +39,7 @@ ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) ;user_ini.cache_ttl = 300 -@@ -195,7 +209,7 @@ +@@ -190,7 +204,7 @@ ; documents, however this remains supported for backward compatibility reasons. ; Note that this directive does not control the Date: Tue, 1 May 2018 17:42:25 +0000 Subject: [PATCH 04/16] - updated to 7.1.17 --- php.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php.spec b/php.spec index 8d11680..7476508 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.16 +Version: 7.1.17 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 537bf278c8f4d3afa163bab90af868a4 +# Source0-md5: 077652f5d9129fb836a320ea54b719e3 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From 727d223bccb9d93d7ac6740ffd8a4704098619c2 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Fri, 25 May 2018 22:20:16 +0000 Subject: [PATCH 05/16] - updated to 7.1.18 --- php.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php.spec b/php.spec index 7476508..bfabcbf 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.17 +Version: 7.1.18 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 077652f5d9129fb836a320ea54b719e3 +# Source0-md5: 25fe6c15fbcc85c89a27dbd78ab82914 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From 7adf22762da998ff783eb5069a5d51c49b2f62a0 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Mon, 25 Jun 2018 23:22:40 +0000 Subject: [PATCH 06/16] - updated to 7.1.19 --- php.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php.spec b/php.spec index bfabcbf..d4d4d1b 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.18 +Version: 7.1.19 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 25fe6c15fbcc85c89a27dbd78ab82914 +# Source0-md5: 7e6440ddcc6579b96e8a04737d31f1f6 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From 3091d82f0d74fe0831b1acc59baa3780f117ef85 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sat, 21 Jul 2018 21:21:23 +0000 Subject: [PATCH 07/16] - updated to 7.1.20 --- php.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php.spec b/php.spec index d4d4d1b..9030e4f 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.19 +Version: 7.1.20 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 7e6440ddcc6579b96e8a04737d31f1f6 +# Source0-md5: cb544f8f3aea28abb6dba818de293ef4 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From 88b9ebe587cd8285774c028508d399542ae8edd0 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sun, 22 Jul 2018 00:39:21 +0000 Subject: [PATCH 08/16] - temporarily revert mysql 8 auth fix, breaks build --- php.spec | 4 +- revert-mysql-8-auth-fix.patch | 632 ++++++++++++++++++++++++++++++++++ 2 files changed, 635 insertions(+), 1 deletion(-) create mode 100644 revert-mysql-8-auth-fix.patch diff --git a/php.spec b/php.spec index 9030e4f..d0e596f 100644 --- a/php.spec +++ b/php.spec @@ -143,7 +143,7 @@ Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирова Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} Version: 7.1.20 -Release: 1 +Release: 2 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -207,6 +207,7 @@ Patch69: fpm-conf-split.patch Patch70: mysqlnd-ssl.patch Patch71: libdb-info.patch Patch72: phar-hash-shared.patch +Patch73: revert-mysql-8-auth-fix.patch URL: http://php.net/ %{?with_interbase:%{!?with_interbase_inst:BuildRequires: Firebird-devel >= 1.0.2.908-2}} %{?with_pspell:BuildRequires: aspell-devel >= 2:0.50.0} @@ -1971,6 +1972,7 @@ cp -p php.ini-production php.ini %patch70 -p1 %patch71 -p1 %patch72 -p1 +%patch73 -p1 %{__sed} -i -e '/PHP_ADD_LIBRARY_WITH_PATH/s#xmlrpc,#xmlrpc-epi,#' ext/xmlrpc/config.m4 diff --git a/revert-mysql-8-auth-fix.patch b/revert-mysql-8-auth-fix.patch new file mode 100644 index 0000000..ccde5b8 --- /dev/null +++ b/revert-mysql-8-auth-fix.patch @@ -0,0 +1,632 @@ +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_auth.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.c +--- php-7.2.8/ext/mysqlnd/mysqlnd_auth.c 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.c 2018-07-22 00:12:44.558404079 +0000 +@@ -89,7 +89,6 @@ mysqlnd_run_authentication( + } + } + +- + { + zend_uchar * switch_to_auth_protocol_data = NULL; + size_t switch_to_auth_protocol_data_len = 0; +@@ -114,11 +113,10 @@ mysqlnd_run_authentication( + DBG_INF_FMT("salt(%d)=[%.*s]", plugin_data_len, plugin_data_len, plugin_data); + /* The data should be allocated with malloc() */ + if (auth_plugin) { +- scrambled_data = auth_plugin->methods.get_auth_data( +- NULL, &scrambled_data_len, conn, user, passwd, +- passwd_len, plugin_data, plugin_data_len, +- session_options, conn->protocol_frame_codec->data, +- mysql_flags); ++ scrambled_data = ++ auth_plugin->methods.get_auth_data(NULL, &scrambled_data_len, conn, user, passwd, passwd_len, ++ plugin_data, plugin_data_len, session_options, ++ conn->protocol_frame_codec->data, mysql_flags); + } + + if (conn->error_info->error_no) { +@@ -129,7 +127,6 @@ mysqlnd_run_authentication( + charset_no, + first_call, + requested_protocol, +- auth_plugin, plugin_data, plugin_data_len, + scrambled_data, scrambled_data_len, + &switch_to_auth_protocol, &switch_to_auth_protocol_len, + &switch_to_auth_protocol_data, &switch_to_auth_protocol_data_len +@@ -251,9 +248,6 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA + unsigned int server_charset_no, + zend_bool use_full_blown_auth_packet, + const char * const auth_protocol, +- struct st_mysqlnd_authentication_plugin * auth_plugin, +- const zend_uchar * const orig_auth_plugin_data, +- const size_t orig_auth_plugin_data_len, + const zend_uchar * const auth_plugin_data, + const size_t auth_plugin_data_len, + char ** switch_to_auth_protocol, +@@ -324,11 +318,6 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA + conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no); + } + +- if (auth_plugin && auth_plugin->methods.handle_server_response) { +- auth_plugin->methods.handle_server_response(auth_plugin, conn, +- orig_auth_plugin_data, orig_auth_plugin_data_len, passwd, passwd_len); +- } +- + if (FAIL == PACKET_READ(auth_resp_packet) || auth_resp_packet->response_code >= 0xFE) { + if (auth_resp_packet->response_code == 0xFE) { + /* old authentication with new server !*/ +@@ -624,8 +613,7 @@ static struct st_mysqlnd_authentication_ + } + }, + {/* methods */ +- mysqlnd_native_auth_get_auth_data, +- NULL ++ mysqlnd_native_auth_get_auth_data + } + }; + +@@ -674,8 +662,7 @@ static struct st_mysqlnd_authentication_ + } + }, + {/* methods */ +- mysqlnd_pam_auth_get_auth_data, +- NULL ++ mysqlnd_pam_auth_get_auth_data + } + }; + +@@ -859,283 +846,17 @@ static struct st_mysqlnd_authentication_ + } + }, + {/* methods */ +- mysqlnd_sha256_auth_get_auth_data, +- NULL ++ mysqlnd_sha256_auth_get_auth_data + } + }; + #endif + +-/*************************************** CACHING SHA2 Password *******************************/ +- +-#undef L64 +- +-#include "ext/hash/php_hash.h" +-#include "ext/hash/php_hash_sha.h" +- +-#define SHA256_LENGTH 32 +- +-/* {{{ php_mysqlnd_scramble_sha2 */ +-void php_mysqlnd_scramble_sha2(zend_uchar * const buffer, const zend_uchar * const scramble, const zend_uchar * const password, const size_t password_len) +-{ +- PHP_SHA256_CTX context; +- zend_uchar sha1[SHA256_LENGTH]; +- zend_uchar sha2[SHA256_LENGTH]; +- +- /* Phase 1: hash password */ +- PHP_SHA256Init(&context); +- PHP_SHA256Update(&context, password, password_len); +- PHP_SHA256Final(sha1, &context); +- +- /* Phase 2: hash sha1 */ +- PHP_SHA256Init(&context); +- PHP_SHA256Update(&context, (zend_uchar*)sha1, SHA256_LENGTH); +- PHP_SHA256Final(sha2, &context); +- +- /* Phase 3: hash scramble + sha2 */ +- PHP_SHA256Init(&context); +- PHP_SHA256Update(&context, (zend_uchar*)sha2, SHA256_LENGTH); +- PHP_SHA256Update(&context, scramble, SCRAMBLE_LENGTH); +- PHP_SHA256Final(buffer, &context); +- +- /* let's crypt buffer now */ +- php_mysqlnd_crypt(buffer, (const zend_uchar *)sha1, (const zend_uchar *)buffer, SHA256_LENGTH); +-} +-/* }}} */ +- +- +-/* {{{ mysqlnd_native_auth_get_auth_data */ +-static zend_uchar * +-mysqlnd_caching_sha2_get_auth_data(struct st_mysqlnd_authentication_plugin * self, +- size_t * auth_data_len, +- MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd, +- const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- const MYSQLND_SESSION_OPTIONS * const session_options, +- const MYSQLND_PFC_DATA * const pfc_data, +- zend_ulong mysql_flags +- ) +-{ +- zend_uchar * ret = NULL; +- DBG_ENTER("mysqlnd_caching_sha2_get_auth_data"); +- DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data); +- *auth_data_len = 0; +- +- DBG_INF("First auth step: send hashed password"); +- /* copy scrambled pass*/ +- if (passwd && passwd_len) { +- ret = malloc(SHA256_LENGTH + 1); +- *auth_data_len = SHA256_LENGTH; +- php_mysqlnd_scramble_sha2((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len); +- ret[SHA256_LENGTH] = '\0'; +- DBG_INF_FMT("hash(%d)=[%.*s]", *auth_data_len, *auth_data_len, ret); +- } +- +- DBG_RETURN(ret); +-} +-/* }}} */ +- +-#ifdef MYSQLND_HAVE_SSL +-static RSA * +-mysqlnd_caching_sha2_get_key(MYSQLND_CONN_DATA *conn) +-{ +- RSA * ret = NULL; +- const MYSQLND_PFC_DATA * const pfc_data = conn->protocol_frame_codec->data; +- const char * fname = (pfc_data->sha256_server_public_key && pfc_data->sha256_server_public_key[0] != '\0')? +- pfc_data->sha256_server_public_key: +- MYSQLND_G(sha256_server_public_key); +- php_stream * stream; +- DBG_ENTER("mysqlnd_cached_sha2_get_key"); +- DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]", +- pfc_data->sha256_server_public_key? pfc_data->sha256_server_public_key:"n/a", +- MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a"); +- if (!fname || fname[0] == '\0') { +- MYSQLND_PACKET_CACHED_SHA2_RESULT *req_packet = NULL; +- MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE *pk_resp_packet = NULL; +- +- do { +- DBG_INF("requesting the public key from the server"); +- req_packet = conn->payload_decoder_factory->m.get_cached_sha2_result_packet(conn->payload_decoder_factory, FALSE); +- pk_resp_packet = conn->payload_decoder_factory->m.get_sha256_pk_request_response_packet(conn->payload_decoder_factory, FALSE); +- req_packet->request = 1; +- +- if (! PACKET_WRITE(req_packet)) { +- DBG_ERR_FMT("Error while sending public key request packet"); +- php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid()); +- SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT); +- break; +- } +- if (FAIL == PACKET_READ(pk_resp_packet) || NULL == pk_resp_packet->public_key) { +- DBG_ERR_FMT("Error while receiving public key"); +- php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid()); +- SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT); +- break; +- } +- DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key); +- /* now extract the public key */ +- { +- BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len); +- ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); +- BIO_free(bio); +- } +- } while (0); +- PACKET_FREE(req_packet); +- PACKET_FREE(pk_resp_packet); +- +- DBG_INF_FMT("ret=%p", ret); +- DBG_RETURN(ret); +- +- SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, +- "caching_sha2_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key"); +- DBG_ERR("server_public_key is not set"); +- DBG_RETURN(NULL); +- } else { +- zend_string * key_str; +- DBG_INF_FMT("Key in a file. [%s]", fname); +- stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL); +- +- if (stream) { +- if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) { +- BIO * bio = BIO_new_mem_buf(ZSTR_VAL(key_str), ZSTR_LEN(key_str)); +- ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); +- BIO_free(bio); +- DBG_INF("Successfully loaded"); +- DBG_INF_FMT("Public key:%*.s", ZSTR_LEN(key_str), ZSTR_VAL(key_str)); +- zend_string_release(key_str); +- } +- php_stream_close(stream); +- } +- } +- DBG_RETURN(ret); +- +-} +-#endif +- +- +-/* {{{ mysqlnd_caching_sha2_get_key */ +-static size_t +-mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn, +- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- unsigned char **crypted, +- const char * const passwd, +- const size_t passwd_len) +-{ +-#ifdef MYSQLND_HAVE_SSL +- static RSA *server_public_key; +- server_public_key = mysqlnd_caching_sha2_get_key(conn); +- +- DBG_ENTER("mysqlnd_caching_sha2_get_and_use_key("); +- +- if (server_public_key) { +- int server_public_key_len; +- char xor_str[passwd_len + 1]; +- memcpy(xor_str, passwd, passwd_len); +- xor_str[passwd_len] = '\0'; +- mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len); +- +- server_public_key_len = RSA_size(server_public_key); +- /* +- Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len. +- RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here: +- http://www.openssl.org/docs/crypto/RSA_public_encrypt.html +- */ +- if ((size_t) server_public_key_len - 41 <= passwd_len) { +- /* password message is to long */ +- SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); +- DBG_ERR("password is too long"); +- DBG_RETURN(0); +- } +- +- *crypted = emalloc(server_public_key_len); +- RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING); +- DBG_RETURN(server_public_key_len); +- } +- DBG_RETURN(0); +-#else +- DBG_ENTER("mysqlnd_caching_sha2_get_and_use_key("); +- php_error_docref(NULL, E_WARNING, "PHP was built without openssl extension, can't send password encrypted"); +- DBG_RETURN(0); +-#endif +-} +-/* }}} */ +- +-/* {{{ mysqlnd_native_auth_get_auth_data */ +-static void +-mysqlnd_caching_sha2_handle_server_response(struct st_mysqlnd_authentication_plugin *self, +- MYSQLND_CONN_DATA * conn, +- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- const char * const passwd, +- const size_t passwd_len) +-{ +- DBG_ENTER("mysqlnd_caching_sha2_handle_server_response"); +- MYSQLND_PACKET_CACHED_SHA2_RESULT *result_packet; +- result_packet = conn->payload_decoder_factory->m.get_cached_sha2_result_packet(conn->payload_decoder_factory, FALSE); +- +- if (FAIL == PACKET_READ(result_packet)) { +- DBG_VOID_RETURN; +- } +- +- switch (result_packet->response_code) { +- case 3: +- DBG_INF("fast path suceeded"); +- PACKET_FREE(result_packet); +- DBG_VOID_RETURN; +- case 4: +- if (conn->vio->data->ssl || conn->unix_socket.s) { +- DBG_INF("fast path failed, doing full auth via SSL"); +- result_packet->password = (zend_uchar *)passwd; +- result_packet->password_len = passwd_len + 1; +- PACKET_WRITE(result_packet); +- } else { +- DBG_INF("fast path failed, doing full auth without SSL"); +- result_packet->password_len = mysqlnd_caching_sha2_get_and_use_key(conn, auth_plugin_data, auth_plugin_data_len, &result_packet->password, passwd, passwd_len); +- PACKET_WRITE(result_packet); +- efree(result_packet->password); +- } +- PACKET_FREE(result_packet); +- DBG_VOID_RETURN; +- case 2: +- // The server tried to send a key, which we didn't expect +- // fall-through +- default: +- php_error_docref(NULL, E_WARNING, "Unexpected server respose while doing caching_sha2 auth: %i", result_packet->response_code); +- } +- +- PACKET_FREE(result_packet); +- +- DBG_VOID_RETURN; +-} +-/* }}} */ +- +-static struct st_mysqlnd_authentication_plugin mysqlnd_caching_sha2_auth_plugin = +-{ +- { +- MYSQLND_PLUGIN_API_VERSION, +- "auth_plugin_caching_sha2_password", +- MYSQLND_VERSION_ID, +- PHP_MYSQLND_VERSION, +- "PHP License 3.01", +- "Johannes Schlüter ", +- { +- NULL, /* no statistics , will be filled later if there are some */ +- NULL, /* no statistics */ +- }, +- { +- NULL /* plugin shutdown */ +- } +- }, +- {/* methods */ +- mysqlnd_caching_sha2_get_auth_data, +- mysqlnd_caching_sha2_handle_server_response +- } +-}; +- +- + /* {{{ mysqlnd_register_builtin_authentication_plugins */ + void + mysqlnd_register_builtin_authentication_plugins(void) + { + mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_native_auth_plugin); + mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_pam_authentication_plugin); +- mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_caching_sha2_auth_plugin); + #ifdef MYSQLND_HAVE_SSL + mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_sha256_authentication_plugin); + #endif +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_auth.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_auth.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.h 2018-07-22 00:10:53.908410675 +0000 +@@ -31,9 +31,26 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA + unsigned int server_charset_no, + zend_bool use_full_blown_auth_packet, + const char * const auth_protocol, +- struct st_mysqlnd_authentication_plugin * auth_plugin, +- const zend_uchar * const orig_auth_plugin_data, +- const size_t orig_auth_plugin_data_len, ++ const zend_uchar * const auth_plugin_data, ++ const size_t auth_plugin_data_len, ++ char ** switch_to_auth_protocol, ++ size_t * switch_to_auth_protocol_len, ++ zend_uchar ** switch_to_auth_protocol_data, ++ size_t * switch_to_auth_protocol_data_len ++ ); ++ ++enum_func_status ++mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn, ++ const char * const user, ++ const char * const passwd, ++ const size_t passwd_len, ++ const char * const db, ++ const size_t db_len, ++ const MYSQLND_SESSION_OPTIONS * const session_options, ++ zend_ulong mysql_flags, ++ unsigned int server_charset_no, ++ zend_bool use_full_blown_auth_packet, ++ const char * const auth_protocol, + const zend_uchar * const auth_plugin_data, + const size_t auth_plugin_data_len, + char ** switch_to_auth_protocol, +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_connection.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_connection.c +--- php-7.2.8/ext/mysqlnd/mysqlnd_connection.c 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_connection.c 2018-07-22 00:10:53.909410674 +0000 +@@ -678,10 +678,7 @@ MYSQLND_METHOD(mysqlnd_conn_data, connec + + { + const MYSQLND_CSTRING scheme = { transport.s, transport.l }; +- /* This will be overwritten below with a copy, but we can use it during authentication */ +- conn->unix_socket.s = (char *)socket_or_pipe.s; + if (FAIL == conn->m->connect_handshake(conn, &scheme, &username, &password, &database, mysql_flags)) { +- conn->unix_socket.s = NULL; + goto err; + } + conn->unix_socket.s = NULL; +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_enum_n_def.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_enum_n_def.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_enum_n_def.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_enum_n_def.h 2018-07-22 00:10:53.909410674 +0000 +@@ -631,7 +631,6 @@ enum mysqlnd_packet_type + PROT_CHG_USER_RESP_PACKET, + PROT_SHA256_PK_REQUEST_PACKET, + PROT_SHA256_PK_REQUEST_RESPONSE_PACKET, +- PROT_CACHED_SHA2_RESULT_PACKET, + PROT_LAST /* should always be last */ + }; + +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_structs.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_structs.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_structs.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_structs.h 2018-07-22 00:10:53.909410674 +0000 +@@ -970,7 +970,6 @@ struct st_mysqlnd_packet_chg_user_resp; + struct st_mysqlnd_packet_auth_pam; + struct st_mysqlnd_packet_sha256_pk_request; + struct st_mysqlnd_packet_sha256_pk_request_response; +-struct st_mysqlnd_packet_cached_sha2_result; + + typedef struct st_mysqlnd_packet_greet * (*func_mysqlnd_protocol_payload_decoder_factory__get_greet_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + typedef struct st_mysqlnd_packet_auth * (*func_mysqlnd_protocol_payload_decoder_factory__get_auth_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); +@@ -987,7 +986,6 @@ typedef struct st_mysqlnd_packet_prepare + typedef struct st_mysqlnd_packet_chg_user_resp*(*func_mysqlnd_protocol_payload_decoder_factory__get_change_user_response_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + typedef struct st_mysqlnd_packet_sha256_pk_request *(*func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + typedef struct st_mysqlnd_packet_sha256_pk_request_response *(*func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_response_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); +-typedef struct st_mysqlnd_packet_cached_sha2_result *(*func_mysqlnd_protocol_payload_decoder_factory__get_cached_sha2_result_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); + + typedef enum_func_status (*func_mysqlnd_protocol_payload_decoder_factory__send_command)( + MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * payload_decoder_factory, +@@ -1045,7 +1043,6 @@ MYSQLND_CLASS_METHODS_TYPE(mysqlnd_proto + func_mysqlnd_protocol_payload_decoder_factory__get_change_user_response_packet get_change_user_response_packet; + func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_packet get_sha256_pk_request_packet; + func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_response_packet get_sha256_pk_request_response_packet; +- func_mysqlnd_protocol_payload_decoder_factory__get_cached_sha2_result_packet get_cached_sha2_result_packet; + + func_mysqlnd_protocol_payload_decoder_factory__send_command send_command; + func_mysqlnd_protocol_payload_decoder_factory__send_command_handle_response send_command_handle_response; +@@ -1358,18 +1355,11 @@ typedef zend_uchar * (*func_auth_plugin_ + const MYSQLND_PFC_DATA * const pfc_data, zend_ulong mysql_flags + ); + +-typedef void (*func_auth_plugin__handle_server_response)(struct st_mysqlnd_authentication_plugin * self, +- MYSQLND_CONN_DATA * conn, +- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, +- const char * const passwd, +- const size_t passwd_len); +- + struct st_mysqlnd_authentication_plugin + { + struct st_mysqlnd_plugin_header plugin_header; + struct { + func_auth_plugin__get_auth_data get_auth_data; +- func_auth_plugin__handle_server_response handle_server_response; + } methods; + }; + +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.c +--- php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.c 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.c 2018-07-22 00:11:47.108407504 +0000 +@@ -2273,85 +2273,6 @@ php_mysqlnd_sha256_pk_request_response_f + } + /* }}} */ + +-static +-size_t php_mysqlnd_cached_sha2_result_write(void * _packet) +-{ +- MYSQLND_PACKET_CACHED_SHA2_RESULT * packet= (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; +- MYSQLND_ERROR_INFO * error_info = packet->header.error_info; +- MYSQLND_PFC * pfc = packet->header.protocol_frame_codec; +- MYSQLND_VIO * vio = packet->header.vio; +- MYSQLND_STATS * stats = packet->header.stats; +-#ifndef _MSC_VER +- zend_uchar buffer[MYSQLND_HEADER_SIZE + packet->password_len + 1]; +-#else +- ALLOCA_FLAG(use_heap) +- zend_uchar *buffer = do_alloca(MYSQLND_HEADER_SIZE + packet->password_len + 1, use_heap); +-#endif +- size_t sent; +- +- DBG_ENTER("php_mysqlnd_cached_sha2_result_write"); +- +- if (packet->request == 1) { +- int1store(buffer + MYSQLND_HEADER_SIZE, '\2'); +- sent = pfc->data->m.send(pfc, vio, buffer, 1, stats, error_info); +- } else { +- memcpy(buffer + MYSQLND_HEADER_SIZE, packet->password, packet->password_len); +- sent = pfc->data->m.send(pfc, vio, buffer, packet->password_len, stats, error_info); +- } +- +-#ifdef _MSC_VER +- free_alloca(buffer, use_heap); +-#endif +- +- DBG_RETURN(sent); +-} +- +-static enum_func_status +-php_mysqlnd_cached_sha2_result_read(void * _packet) +-{ +- MYSQLND_PACKET_CACHED_SHA2_RESULT * packet= (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; +- MYSQLND_ERROR_INFO * error_info = packet->header.error_info; +- MYSQLND_PFC * pfc = packet->header.protocol_frame_codec; +- MYSQLND_VIO * vio = packet->header.vio; +- MYSQLND_STATS * stats = packet->header.stats; +- MYSQLND_CONNECTION_STATE * connection_state = packet->header.connection_state; +- zend_uchar buf[SHA256_PK_REQUEST_RESP_BUFFER_SIZE]; +- zend_uchar *p = buf; +- const zend_uchar * const begin = buf; +- +- DBG_ENTER("php_mysqlnd_cached_sha2_result_read"); +- if (FAIL == mysqlnd_read_packet_header_and_body(&(packet->header), pfc, vio, stats, error_info, connection_state, buf, sizeof(buf), "PROT_CACHED_SHA2_RESULT_PACKET", PROT_CACHED_SHA2_RESULT_PACKET)) { +- DBG_RETURN(FAIL); +- } +- BAIL_IF_NO_MORE_DATA; +- +- p++; +- packet->response_code = uint1korr(p); +- BAIL_IF_NO_MORE_DATA; +- +- p++; +- packet->result = uint1korr(p); +- BAIL_IF_NO_MORE_DATA; +- +- DBG_RETURN(PASS); +- +-premature_end: +- DBG_ERR_FMT("OK packet %d bytes shorter than expected", p - begin - packet->header.size); +- php_error_docref(NULL, E_WARNING, "SHA256_PK_REQUEST_RESPONSE packet "MYSQLND_SZ_T_SPEC" bytes shorter than expected", +- p - begin - packet->header.size); +- DBG_RETURN(FAIL); +-} +- +-static void +-php_mysqlnd_cached_sha2_result_free_mem(void * _packet, zend_bool stack_allocation) +-{ +- MYSQLND_PACKET_CACHED_SHA2_RESULT * p = (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; +- +- if (!stack_allocation) { +- mnd_pefree(p, p->header.persistent); +- } +-} +-/* }}} */ + /* {{{ packet_methods */ + static + mysqlnd_packet_methods packet_methods[PROT_LAST] = +@@ -2445,15 +2366,9 @@ mysqlnd_packet_methods packet_methods[PR + php_mysqlnd_sha256_pk_request_response_read, + NULL, /* write */ + php_mysqlnd_sha256_pk_request_response_free_mem, +- }, /* PROT_SHA256_PK_REQUEST_RESPONSE_PACKET */ +- { +- sizeof(MYSQLND_PACKET_CACHED_SHA2_RESULT), +- php_mysqlnd_cached_sha2_result_read, +- php_mysqlnd_cached_sha2_result_write, +- php_mysqlnd_cached_sha2_result_free_mem +- } /* PROT_CACHED_SHA2_RESULT_PACKET */ ++ } /* PROT_SHA256_PK_REQUEST_RESPONSE_PACKET */ + }; +-/* }}} */ ++/* }}} */ + + + /* {{{ mysqlnd_protocol::get_greet_packet */ +@@ -2802,30 +2717,6 @@ MYSQLND_METHOD(mysqlnd_protocol, get_sha + } + /* }}} */ + +-/* {{{ mysqlnd_protocol::init_cached_sha2_result_packet */ +-static struct st_mysqlnd_packet_cached_sha2_result * +-MYSQLND_METHOD(mysqlnd_protocol, get_cached_sha2_result_packet) +-(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent) +-{ +- struct st_mysqlnd_packet_cached_sha2_result * packet = mnd_pecalloc(1, packet_methods[PROT_CACHED_SHA2_RESULT_PACKET].struct_size, persistent); +- DBG_ENTER("mysqlnd_protocol::init_cached_sha2_result_packet"); +- if (packet) { +- memset(packet, 0, sizeof(*packet)); +- packet->header.m = &packet_methods[PROT_CACHED_SHA2_RESULT_PACKET]; +- packet->header.factory = factory; +- +- packet->header.protocol_frame_codec = factory->conn->protocol_frame_codec; +- packet->header.vio = factory->conn->vio; +- packet->header.stats = factory->conn->stats; +- packet->header.error_info = factory->conn->error_info; +- packet->header.connection_state = &factory->conn->state; +- +- packet->header.persistent = persistent; +- } +- DBG_RETURN(packet); +-} +-/* }}} */ +- + + /* {{{ mysqlnd_protocol::send_command */ + static enum_func_status +@@ -3056,7 +2947,6 @@ MYSQLND_CLASS_METHODS_START(mysqlnd_prot + MYSQLND_METHOD(mysqlnd_protocol, get_change_user_response_packet), + MYSQLND_METHOD(mysqlnd_protocol, get_sha256_pk_request_packet), + MYSQLND_METHOD(mysqlnd_protocol, get_sha256_pk_request_response_packet), +- MYSQLND_METHOD(mysqlnd_protocol, get_cached_sha2_result_packet), + + MYSQLND_METHOD(mysqlnd_protocol, send_command), + MYSQLND_METHOD(mysqlnd_protocol, send_command_handle_response), +diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.h +--- php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.h 2018-07-17 05:35:47.000000000 +0000 ++++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.h 2018-07-22 00:10:53.910410674 +0000 +@@ -292,16 +292,6 @@ typedef struct st_mysqlnd_packet_sha256 + size_t public_key_len; + } MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE; + +-typedef struct st_mysqlnd_packet_cached_sha2_result { +- MYSQLND_PACKET_HEADER header; +- uint8_t response_code; +- uint8_t result; +- uint8_t request; +- zend_uchar * password; +- size_t password_len; +-} MYSQLND_PACKET_CACHED_SHA2_RESULT; +- +- + + zend_ulong php_mysqlnd_net_field_length(const zend_uchar **packet); + zend_uchar * php_mysqlnd_net_store_length(zend_uchar *packet, const uint64_t length); -- 2.45.2 From 95b92479a559949479c08391cea7233a4ea05713 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sun, 19 Aug 2018 14:20:45 +0000 Subject: [PATCH 09/16] - updated to 7.1.21 --- php.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/php.spec b/php.spec index d0e596f..9faef10 100644 --- a/php.spec +++ b/php.spec @@ -142,8 +142,8 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.20 -Release: 2 +Version: 7.1.21 +Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: cb544f8f3aea28abb6dba818de293ef4 +# Source0-md5: c3262432ad190d16c8d16f49d6b1cedf Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From 357152b93c46771a1965ce602942b99e757680b4 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Wed, 22 Aug 2018 12:04:25 +0000 Subject: [PATCH 10/16] - fixed removing alternatives on uninstall --- php.spec | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php.spec b/php.spec index 9faef10..05da72f 100644 --- a/php.spec +++ b/php.spec @@ -143,7 +143,7 @@ Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирова Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} Version: 7.1.21 -Release: 1 +Release: 2 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -2666,7 +2666,7 @@ update-alternatives \ %postun cli if [ $1 -eq 0 ]; then - update-alternatives --remove php %{_bindir}/php || : + update-alternatives --remove php %{_bindir}/php%{php_suffix} || : fi %post common -p /sbin/ldconfig @@ -2682,8 +2682,8 @@ update-alternatives \ %postun devel if [ $1 -eq 0 ]; then - update-alternatives --remove phpize %{_bindir}/phpize || : - update-alternatives --remove php-config %{_bindir}/php-config || : + update-alternatives --remove phpize %{_bindir}/phpize%{php_suffix} || : + update-alternatives --remove php-config %{_bindir}/php-config%{php_suffix} || : fi %pre fpm @@ -2698,7 +2698,7 @@ update-alternatives --install %{_sbindir}/php-fpm php-fpm %{_sbindir}/php%{php_s if [ "$1" = "0" ]; then %service %{name}-fpm stop /sbin/chkconfig --del %{name}-fpm - update-alternatives --remove php-fpm %{_sbindir}/php-fpm || : + update-alternatives --remove php-fpm %{_sbindir}/php%{php_suffix}-fpm || : fi %postun fpm @@ -2861,7 +2861,7 @@ update-alternatives \ %postun phar %ext_postun if [ $1 -eq 0 ]; then - update-alternatives --remove phar %{_bindir}/phar || : + update-alternatives --remove phar %{_bindir}/phar%{php_suffix}.phar || : fi %if %{with apache2} -- 2.45.2 From f53e3b69a5dcd8a639bedd6c9f0eaa9c3682a65c Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Fri, 31 Aug 2018 12:54:03 +0000 Subject: [PATCH 11/16] - release 3 --- php.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php.spec b/php.spec index 05da72f..abcd150 100644 --- a/php.spec +++ b/php.spec @@ -143,7 +143,7 @@ Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирова Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} Version: 7.1.21 -Release: 2 +Release: 3 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend -- 2.45.2 From 24d09fdeaf09b62b581458e2e3f5bd0cb283096d Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Mon, 3 Sep 2018 10:07:46 +0000 Subject: [PATCH 12/16] - release 4 --- php.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php.spec b/php.spec index abcd150..c456351 100644 --- a/php.spec +++ b/php.spec @@ -143,7 +143,7 @@ Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирова Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} Version: 7.1.21 -Release: 3 +Release: 4 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend -- 2.45.2 From 7482936ec59c5393e60aa2c6e2f8d6a3f227ee33 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Thu, 20 Sep 2018 13:32:41 +0000 Subject: [PATCH 13/16] - updated to 7.1.22 --- php.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/php.spec b/php.spec index c456351..e422449 100644 --- a/php.spec +++ b/php.spec @@ -142,8 +142,8 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.21 -Release: 4 +Version: 7.1.22 +Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: c3262432ad190d16c8d16f49d6b1cedf +# Source0-md5: d708374c749446beec8539f4fcdad8aa Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2 From 0ce6064f945c28210b023ded38b376f6da91813b Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Thu, 11 Oct 2018 20:28:25 +0000 Subject: [PATCH 14/16] - updated to 7.1.23 --- php.spec | 6 +- revert-mysql-8-auth-fix.patch | 632 ---------------------------------- 2 files changed, 2 insertions(+), 636 deletions(-) delete mode 100644 revert-mysql-8-auth-fix.patch diff --git a/php.spec b/php.spec index e422449..10afe15 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.22 +Version: 7.1.23 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: d708374c749446beec8539f4fcdad8aa +# Source0-md5: 5e5baa60cfd85dd70bed9e740dd6dbc6 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini @@ -207,7 +207,6 @@ Patch69: fpm-conf-split.patch Patch70: mysqlnd-ssl.patch Patch71: libdb-info.patch Patch72: phar-hash-shared.patch -Patch73: revert-mysql-8-auth-fix.patch URL: http://php.net/ %{?with_interbase:%{!?with_interbase_inst:BuildRequires: Firebird-devel >= 1.0.2.908-2}} %{?with_pspell:BuildRequires: aspell-devel >= 2:0.50.0} @@ -1972,7 +1971,6 @@ cp -p php.ini-production php.ini %patch70 -p1 %patch71 -p1 %patch72 -p1 -%patch73 -p1 %{__sed} -i -e '/PHP_ADD_LIBRARY_WITH_PATH/s#xmlrpc,#xmlrpc-epi,#' ext/xmlrpc/config.m4 diff --git a/revert-mysql-8-auth-fix.patch b/revert-mysql-8-auth-fix.patch deleted file mode 100644 index ccde5b8..0000000 --- a/revert-mysql-8-auth-fix.patch +++ /dev/null @@ -1,632 +0,0 @@ -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_auth.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.c ---- php-7.2.8/ext/mysqlnd/mysqlnd_auth.c 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.c 2018-07-22 00:12:44.558404079 +0000 -@@ -89,7 +89,6 @@ mysqlnd_run_authentication( - } - } - -- - { - zend_uchar * switch_to_auth_protocol_data = NULL; - size_t switch_to_auth_protocol_data_len = 0; -@@ -114,11 +113,10 @@ mysqlnd_run_authentication( - DBG_INF_FMT("salt(%d)=[%.*s]", plugin_data_len, plugin_data_len, plugin_data); - /* The data should be allocated with malloc() */ - if (auth_plugin) { -- scrambled_data = auth_plugin->methods.get_auth_data( -- NULL, &scrambled_data_len, conn, user, passwd, -- passwd_len, plugin_data, plugin_data_len, -- session_options, conn->protocol_frame_codec->data, -- mysql_flags); -+ scrambled_data = -+ auth_plugin->methods.get_auth_data(NULL, &scrambled_data_len, conn, user, passwd, passwd_len, -+ plugin_data, plugin_data_len, session_options, -+ conn->protocol_frame_codec->data, mysql_flags); - } - - if (conn->error_info->error_no) { -@@ -129,7 +127,6 @@ mysqlnd_run_authentication( - charset_no, - first_call, - requested_protocol, -- auth_plugin, plugin_data, plugin_data_len, - scrambled_data, scrambled_data_len, - &switch_to_auth_protocol, &switch_to_auth_protocol_len, - &switch_to_auth_protocol_data, &switch_to_auth_protocol_data_len -@@ -251,9 +248,6 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA - unsigned int server_charset_no, - zend_bool use_full_blown_auth_packet, - const char * const auth_protocol, -- struct st_mysqlnd_authentication_plugin * auth_plugin, -- const zend_uchar * const orig_auth_plugin_data, -- const size_t orig_auth_plugin_data_len, - const zend_uchar * const auth_plugin_data, - const size_t auth_plugin_data_len, - char ** switch_to_auth_protocol, -@@ -324,11 +318,6 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA - conn->charset = mysqlnd_find_charset_nr(auth_packet->charset_no); - } - -- if (auth_plugin && auth_plugin->methods.handle_server_response) { -- auth_plugin->methods.handle_server_response(auth_plugin, conn, -- orig_auth_plugin_data, orig_auth_plugin_data_len, passwd, passwd_len); -- } -- - if (FAIL == PACKET_READ(auth_resp_packet) || auth_resp_packet->response_code >= 0xFE) { - if (auth_resp_packet->response_code == 0xFE) { - /* old authentication with new server !*/ -@@ -624,8 +613,7 @@ static struct st_mysqlnd_authentication_ - } - }, - {/* methods */ -- mysqlnd_native_auth_get_auth_data, -- NULL -+ mysqlnd_native_auth_get_auth_data - } - }; - -@@ -674,8 +662,7 @@ static struct st_mysqlnd_authentication_ - } - }, - {/* methods */ -- mysqlnd_pam_auth_get_auth_data, -- NULL -+ mysqlnd_pam_auth_get_auth_data - } - }; - -@@ -859,283 +846,17 @@ static struct st_mysqlnd_authentication_ - } - }, - {/* methods */ -- mysqlnd_sha256_auth_get_auth_data, -- NULL -+ mysqlnd_sha256_auth_get_auth_data - } - }; - #endif - --/*************************************** CACHING SHA2 Password *******************************/ -- --#undef L64 -- --#include "ext/hash/php_hash.h" --#include "ext/hash/php_hash_sha.h" -- --#define SHA256_LENGTH 32 -- --/* {{{ php_mysqlnd_scramble_sha2 */ --void php_mysqlnd_scramble_sha2(zend_uchar * const buffer, const zend_uchar * const scramble, const zend_uchar * const password, const size_t password_len) --{ -- PHP_SHA256_CTX context; -- zend_uchar sha1[SHA256_LENGTH]; -- zend_uchar sha2[SHA256_LENGTH]; -- -- /* Phase 1: hash password */ -- PHP_SHA256Init(&context); -- PHP_SHA256Update(&context, password, password_len); -- PHP_SHA256Final(sha1, &context); -- -- /* Phase 2: hash sha1 */ -- PHP_SHA256Init(&context); -- PHP_SHA256Update(&context, (zend_uchar*)sha1, SHA256_LENGTH); -- PHP_SHA256Final(sha2, &context); -- -- /* Phase 3: hash scramble + sha2 */ -- PHP_SHA256Init(&context); -- PHP_SHA256Update(&context, (zend_uchar*)sha2, SHA256_LENGTH); -- PHP_SHA256Update(&context, scramble, SCRAMBLE_LENGTH); -- PHP_SHA256Final(buffer, &context); -- -- /* let's crypt buffer now */ -- php_mysqlnd_crypt(buffer, (const zend_uchar *)sha1, (const zend_uchar *)buffer, SHA256_LENGTH); --} --/* }}} */ -- -- --/* {{{ mysqlnd_native_auth_get_auth_data */ --static zend_uchar * --mysqlnd_caching_sha2_get_auth_data(struct st_mysqlnd_authentication_plugin * self, -- size_t * auth_data_len, -- MYSQLND_CONN_DATA * conn, const char * const user, const char * const passwd, -- const size_t passwd_len, zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, -- const MYSQLND_SESSION_OPTIONS * const session_options, -- const MYSQLND_PFC_DATA * const pfc_data, -- zend_ulong mysql_flags -- ) --{ -- zend_uchar * ret = NULL; -- DBG_ENTER("mysqlnd_caching_sha2_get_auth_data"); -- DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data); -- *auth_data_len = 0; -- -- DBG_INF("First auth step: send hashed password"); -- /* copy scrambled pass*/ -- if (passwd && passwd_len) { -- ret = malloc(SHA256_LENGTH + 1); -- *auth_data_len = SHA256_LENGTH; -- php_mysqlnd_scramble_sha2((zend_uchar*)ret, auth_plugin_data, (zend_uchar*)passwd, passwd_len); -- ret[SHA256_LENGTH] = '\0'; -- DBG_INF_FMT("hash(%d)=[%.*s]", *auth_data_len, *auth_data_len, ret); -- } -- -- DBG_RETURN(ret); --} --/* }}} */ -- --#ifdef MYSQLND_HAVE_SSL --static RSA * --mysqlnd_caching_sha2_get_key(MYSQLND_CONN_DATA *conn) --{ -- RSA * ret = NULL; -- const MYSQLND_PFC_DATA * const pfc_data = conn->protocol_frame_codec->data; -- const char * fname = (pfc_data->sha256_server_public_key && pfc_data->sha256_server_public_key[0] != '\0')? -- pfc_data->sha256_server_public_key: -- MYSQLND_G(sha256_server_public_key); -- php_stream * stream; -- DBG_ENTER("mysqlnd_cached_sha2_get_key"); -- DBG_INF_FMT("options_s256_pk=[%s] MYSQLND_G(sha256_server_public_key)=[%s]", -- pfc_data->sha256_server_public_key? pfc_data->sha256_server_public_key:"n/a", -- MYSQLND_G(sha256_server_public_key)? MYSQLND_G(sha256_server_public_key):"n/a"); -- if (!fname || fname[0] == '\0') { -- MYSQLND_PACKET_CACHED_SHA2_RESULT *req_packet = NULL; -- MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE *pk_resp_packet = NULL; -- -- do { -- DBG_INF("requesting the public key from the server"); -- req_packet = conn->payload_decoder_factory->m.get_cached_sha2_result_packet(conn->payload_decoder_factory, FALSE); -- pk_resp_packet = conn->payload_decoder_factory->m.get_sha256_pk_request_response_packet(conn->payload_decoder_factory, FALSE); -- req_packet->request = 1; -- -- if (! PACKET_WRITE(req_packet)) { -- DBG_ERR_FMT("Error while sending public key request packet"); -- php_error(E_WARNING, "Error while sending public key request packet. PID=%d", getpid()); -- SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT); -- break; -- } -- if (FAIL == PACKET_READ(pk_resp_packet) || NULL == pk_resp_packet->public_key) { -- DBG_ERR_FMT("Error while receiving public key"); -- php_error(E_WARNING, "Error while receiving public key. PID=%d", getpid()); -- SET_CONNECTION_STATE(&conn->state, CONN_QUIT_SENT); -- break; -- } -- DBG_INF_FMT("Public key(%d):\n%s", pk_resp_packet->public_key_len, pk_resp_packet->public_key); -- /* now extract the public key */ -- { -- BIO * bio = BIO_new_mem_buf(pk_resp_packet->public_key, pk_resp_packet->public_key_len); -- ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); -- BIO_free(bio); -- } -- } while (0); -- PACKET_FREE(req_packet); -- PACKET_FREE(pk_resp_packet); -- -- DBG_INF_FMT("ret=%p", ret); -- DBG_RETURN(ret); -- -- SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, -- "caching_sha2_server_public_key is not set for the connection or as mysqlnd.sha256_server_public_key"); -- DBG_ERR("server_public_key is not set"); -- DBG_RETURN(NULL); -- } else { -- zend_string * key_str; -- DBG_INF_FMT("Key in a file. [%s]", fname); -- stream = php_stream_open_wrapper((char *) fname, "rb", REPORT_ERRORS, NULL); -- -- if (stream) { -- if ((key_str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) != NULL) { -- BIO * bio = BIO_new_mem_buf(ZSTR_VAL(key_str), ZSTR_LEN(key_str)); -- ret = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); -- BIO_free(bio); -- DBG_INF("Successfully loaded"); -- DBG_INF_FMT("Public key:%*.s", ZSTR_LEN(key_str), ZSTR_VAL(key_str)); -- zend_string_release(key_str); -- } -- php_stream_close(stream); -- } -- } -- DBG_RETURN(ret); -- --} --#endif -- -- --/* {{{ mysqlnd_caching_sha2_get_key */ --static size_t --mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn, -- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, -- unsigned char **crypted, -- const char * const passwd, -- const size_t passwd_len) --{ --#ifdef MYSQLND_HAVE_SSL -- static RSA *server_public_key; -- server_public_key = mysqlnd_caching_sha2_get_key(conn); -- -- DBG_ENTER("mysqlnd_caching_sha2_get_and_use_key("); -- -- if (server_public_key) { -- int server_public_key_len; -- char xor_str[passwd_len + 1]; -- memcpy(xor_str, passwd, passwd_len); -- xor_str[passwd_len] = '\0'; -- mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len); -- -- server_public_key_len = RSA_size(server_public_key); -- /* -- Because RSA_PKCS1_OAEP_PADDING is used there is a restriction on the passwd_len. -- RSA_PKCS1_OAEP_PADDING is recommended for new applications. See more here: -- http://www.openssl.org/docs/crypto/RSA_public_encrypt.html -- */ -- if ((size_t) server_public_key_len - 41 <= passwd_len) { -- /* password message is to long */ -- SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); -- DBG_ERR("password is too long"); -- DBG_RETURN(0); -- } -- -- *crypted = emalloc(server_public_key_len); -- RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING); -- DBG_RETURN(server_public_key_len); -- } -- DBG_RETURN(0); --#else -- DBG_ENTER("mysqlnd_caching_sha2_get_and_use_key("); -- php_error_docref(NULL, E_WARNING, "PHP was built without openssl extension, can't send password encrypted"); -- DBG_RETURN(0); --#endif --} --/* }}} */ -- --/* {{{ mysqlnd_native_auth_get_auth_data */ --static void --mysqlnd_caching_sha2_handle_server_response(struct st_mysqlnd_authentication_plugin *self, -- MYSQLND_CONN_DATA * conn, -- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, -- const char * const passwd, -- const size_t passwd_len) --{ -- DBG_ENTER("mysqlnd_caching_sha2_handle_server_response"); -- MYSQLND_PACKET_CACHED_SHA2_RESULT *result_packet; -- result_packet = conn->payload_decoder_factory->m.get_cached_sha2_result_packet(conn->payload_decoder_factory, FALSE); -- -- if (FAIL == PACKET_READ(result_packet)) { -- DBG_VOID_RETURN; -- } -- -- switch (result_packet->response_code) { -- case 3: -- DBG_INF("fast path suceeded"); -- PACKET_FREE(result_packet); -- DBG_VOID_RETURN; -- case 4: -- if (conn->vio->data->ssl || conn->unix_socket.s) { -- DBG_INF("fast path failed, doing full auth via SSL"); -- result_packet->password = (zend_uchar *)passwd; -- result_packet->password_len = passwd_len + 1; -- PACKET_WRITE(result_packet); -- } else { -- DBG_INF("fast path failed, doing full auth without SSL"); -- result_packet->password_len = mysqlnd_caching_sha2_get_and_use_key(conn, auth_plugin_data, auth_plugin_data_len, &result_packet->password, passwd, passwd_len); -- PACKET_WRITE(result_packet); -- efree(result_packet->password); -- } -- PACKET_FREE(result_packet); -- DBG_VOID_RETURN; -- case 2: -- // The server tried to send a key, which we didn't expect -- // fall-through -- default: -- php_error_docref(NULL, E_WARNING, "Unexpected server respose while doing caching_sha2 auth: %i", result_packet->response_code); -- } -- -- PACKET_FREE(result_packet); -- -- DBG_VOID_RETURN; --} --/* }}} */ -- --static struct st_mysqlnd_authentication_plugin mysqlnd_caching_sha2_auth_plugin = --{ -- { -- MYSQLND_PLUGIN_API_VERSION, -- "auth_plugin_caching_sha2_password", -- MYSQLND_VERSION_ID, -- PHP_MYSQLND_VERSION, -- "PHP License 3.01", -- "Johannes Schlüter ", -- { -- NULL, /* no statistics , will be filled later if there are some */ -- NULL, /* no statistics */ -- }, -- { -- NULL /* plugin shutdown */ -- } -- }, -- {/* methods */ -- mysqlnd_caching_sha2_get_auth_data, -- mysqlnd_caching_sha2_handle_server_response -- } --}; -- -- - /* {{{ mysqlnd_register_builtin_authentication_plugins */ - void - mysqlnd_register_builtin_authentication_plugins(void) - { - mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_native_auth_plugin); - mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_pam_authentication_plugin); -- mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_caching_sha2_auth_plugin); - #ifdef MYSQLND_HAVE_SSL - mysqlnd_plugin_register_ex((struct st_mysqlnd_plugin_header *) &mysqlnd_sha256_authentication_plugin); - #endif -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_auth.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.h ---- php-7.2.8/ext/mysqlnd/mysqlnd_auth.h 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_auth.h 2018-07-22 00:10:53.908410675 +0000 -@@ -31,9 +31,26 @@ mysqlnd_auth_handshake(MYSQLND_CONN_DATA - unsigned int server_charset_no, - zend_bool use_full_blown_auth_packet, - const char * const auth_protocol, -- struct st_mysqlnd_authentication_plugin * auth_plugin, -- const zend_uchar * const orig_auth_plugin_data, -- const size_t orig_auth_plugin_data_len, -+ const zend_uchar * const auth_plugin_data, -+ const size_t auth_plugin_data_len, -+ char ** switch_to_auth_protocol, -+ size_t * switch_to_auth_protocol_len, -+ zend_uchar ** switch_to_auth_protocol_data, -+ size_t * switch_to_auth_protocol_data_len -+ ); -+ -+enum_func_status -+mysqlnd_auth_handshake(MYSQLND_CONN_DATA * conn, -+ const char * const user, -+ const char * const passwd, -+ const size_t passwd_len, -+ const char * const db, -+ const size_t db_len, -+ const MYSQLND_SESSION_OPTIONS * const session_options, -+ zend_ulong mysql_flags, -+ unsigned int server_charset_no, -+ zend_bool use_full_blown_auth_packet, -+ const char * const auth_protocol, - const zend_uchar * const auth_plugin_data, - const size_t auth_plugin_data_len, - char ** switch_to_auth_protocol, -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_connection.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_connection.c ---- php-7.2.8/ext/mysqlnd/mysqlnd_connection.c 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_connection.c 2018-07-22 00:10:53.909410674 +0000 -@@ -678,10 +678,7 @@ MYSQLND_METHOD(mysqlnd_conn_data, connec - - { - const MYSQLND_CSTRING scheme = { transport.s, transport.l }; -- /* This will be overwritten below with a copy, but we can use it during authentication */ -- conn->unix_socket.s = (char *)socket_or_pipe.s; - if (FAIL == conn->m->connect_handshake(conn, &scheme, &username, &password, &database, mysql_flags)) { -- conn->unix_socket.s = NULL; - goto err; - } - conn->unix_socket.s = NULL; -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_enum_n_def.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_enum_n_def.h ---- php-7.2.8/ext/mysqlnd/mysqlnd_enum_n_def.h 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_enum_n_def.h 2018-07-22 00:10:53.909410674 +0000 -@@ -631,7 +631,6 @@ enum mysqlnd_packet_type - PROT_CHG_USER_RESP_PACKET, - PROT_SHA256_PK_REQUEST_PACKET, - PROT_SHA256_PK_REQUEST_RESPONSE_PACKET, -- PROT_CACHED_SHA2_RESULT_PACKET, - PROT_LAST /* should always be last */ - }; - -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_structs.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_structs.h ---- php-7.2.8/ext/mysqlnd/mysqlnd_structs.h 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_structs.h 2018-07-22 00:10:53.909410674 +0000 -@@ -970,7 +970,6 @@ struct st_mysqlnd_packet_chg_user_resp; - struct st_mysqlnd_packet_auth_pam; - struct st_mysqlnd_packet_sha256_pk_request; - struct st_mysqlnd_packet_sha256_pk_request_response; --struct st_mysqlnd_packet_cached_sha2_result; - - typedef struct st_mysqlnd_packet_greet * (*func_mysqlnd_protocol_payload_decoder_factory__get_greet_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); - typedef struct st_mysqlnd_packet_auth * (*func_mysqlnd_protocol_payload_decoder_factory__get_auth_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); -@@ -987,7 +986,6 @@ typedef struct st_mysqlnd_packet_prepare - typedef struct st_mysqlnd_packet_chg_user_resp*(*func_mysqlnd_protocol_payload_decoder_factory__get_change_user_response_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); - typedef struct st_mysqlnd_packet_sha256_pk_request *(*func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); - typedef struct st_mysqlnd_packet_sha256_pk_request_response *(*func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_response_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); --typedef struct st_mysqlnd_packet_cached_sha2_result *(*func_mysqlnd_protocol_payload_decoder_factory__get_cached_sha2_result_packet)(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent); - - typedef enum_func_status (*func_mysqlnd_protocol_payload_decoder_factory__send_command)( - MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * payload_decoder_factory, -@@ -1045,7 +1043,6 @@ MYSQLND_CLASS_METHODS_TYPE(mysqlnd_proto - func_mysqlnd_protocol_payload_decoder_factory__get_change_user_response_packet get_change_user_response_packet; - func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_packet get_sha256_pk_request_packet; - func_mysqlnd_protocol_payload_decoder_factory__get_sha256_pk_request_response_packet get_sha256_pk_request_response_packet; -- func_mysqlnd_protocol_payload_decoder_factory__get_cached_sha2_result_packet get_cached_sha2_result_packet; - - func_mysqlnd_protocol_payload_decoder_factory__send_command send_command; - func_mysqlnd_protocol_payload_decoder_factory__send_command_handle_response send_command_handle_response; -@@ -1358,18 +1355,11 @@ typedef zend_uchar * (*func_auth_plugin_ - const MYSQLND_PFC_DATA * const pfc_data, zend_ulong mysql_flags - ); - --typedef void (*func_auth_plugin__handle_server_response)(struct st_mysqlnd_authentication_plugin * self, -- MYSQLND_CONN_DATA * conn, -- const zend_uchar * auth_plugin_data, size_t auth_plugin_data_len, -- const char * const passwd, -- const size_t passwd_len); -- - struct st_mysqlnd_authentication_plugin - { - struct st_mysqlnd_plugin_header plugin_header; - struct { - func_auth_plugin__get_auth_data get_auth_data; -- func_auth_plugin__handle_server_response handle_server_response; - } methods; - }; - -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.c php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.c ---- php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.c 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.c 2018-07-22 00:11:47.108407504 +0000 -@@ -2273,85 +2273,6 @@ php_mysqlnd_sha256_pk_request_response_f - } - /* }}} */ - --static --size_t php_mysqlnd_cached_sha2_result_write(void * _packet) --{ -- MYSQLND_PACKET_CACHED_SHA2_RESULT * packet= (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; -- MYSQLND_ERROR_INFO * error_info = packet->header.error_info; -- MYSQLND_PFC * pfc = packet->header.protocol_frame_codec; -- MYSQLND_VIO * vio = packet->header.vio; -- MYSQLND_STATS * stats = packet->header.stats; --#ifndef _MSC_VER -- zend_uchar buffer[MYSQLND_HEADER_SIZE + packet->password_len + 1]; --#else -- ALLOCA_FLAG(use_heap) -- zend_uchar *buffer = do_alloca(MYSQLND_HEADER_SIZE + packet->password_len + 1, use_heap); --#endif -- size_t sent; -- -- DBG_ENTER("php_mysqlnd_cached_sha2_result_write"); -- -- if (packet->request == 1) { -- int1store(buffer + MYSQLND_HEADER_SIZE, '\2'); -- sent = pfc->data->m.send(pfc, vio, buffer, 1, stats, error_info); -- } else { -- memcpy(buffer + MYSQLND_HEADER_SIZE, packet->password, packet->password_len); -- sent = pfc->data->m.send(pfc, vio, buffer, packet->password_len, stats, error_info); -- } -- --#ifdef _MSC_VER -- free_alloca(buffer, use_heap); --#endif -- -- DBG_RETURN(sent); --} -- --static enum_func_status --php_mysqlnd_cached_sha2_result_read(void * _packet) --{ -- MYSQLND_PACKET_CACHED_SHA2_RESULT * packet= (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; -- MYSQLND_ERROR_INFO * error_info = packet->header.error_info; -- MYSQLND_PFC * pfc = packet->header.protocol_frame_codec; -- MYSQLND_VIO * vio = packet->header.vio; -- MYSQLND_STATS * stats = packet->header.stats; -- MYSQLND_CONNECTION_STATE * connection_state = packet->header.connection_state; -- zend_uchar buf[SHA256_PK_REQUEST_RESP_BUFFER_SIZE]; -- zend_uchar *p = buf; -- const zend_uchar * const begin = buf; -- -- DBG_ENTER("php_mysqlnd_cached_sha2_result_read"); -- if (FAIL == mysqlnd_read_packet_header_and_body(&(packet->header), pfc, vio, stats, error_info, connection_state, buf, sizeof(buf), "PROT_CACHED_SHA2_RESULT_PACKET", PROT_CACHED_SHA2_RESULT_PACKET)) { -- DBG_RETURN(FAIL); -- } -- BAIL_IF_NO_MORE_DATA; -- -- p++; -- packet->response_code = uint1korr(p); -- BAIL_IF_NO_MORE_DATA; -- -- p++; -- packet->result = uint1korr(p); -- BAIL_IF_NO_MORE_DATA; -- -- DBG_RETURN(PASS); -- --premature_end: -- DBG_ERR_FMT("OK packet %d bytes shorter than expected", p - begin - packet->header.size); -- php_error_docref(NULL, E_WARNING, "SHA256_PK_REQUEST_RESPONSE packet "MYSQLND_SZ_T_SPEC" bytes shorter than expected", -- p - begin - packet->header.size); -- DBG_RETURN(FAIL); --} -- --static void --php_mysqlnd_cached_sha2_result_free_mem(void * _packet, zend_bool stack_allocation) --{ -- MYSQLND_PACKET_CACHED_SHA2_RESULT * p = (MYSQLND_PACKET_CACHED_SHA2_RESULT *) _packet; -- -- if (!stack_allocation) { -- mnd_pefree(p, p->header.persistent); -- } --} --/* }}} */ - /* {{{ packet_methods */ - static - mysqlnd_packet_methods packet_methods[PROT_LAST] = -@@ -2445,15 +2366,9 @@ mysqlnd_packet_methods packet_methods[PR - php_mysqlnd_sha256_pk_request_response_read, - NULL, /* write */ - php_mysqlnd_sha256_pk_request_response_free_mem, -- }, /* PROT_SHA256_PK_REQUEST_RESPONSE_PACKET */ -- { -- sizeof(MYSQLND_PACKET_CACHED_SHA2_RESULT), -- php_mysqlnd_cached_sha2_result_read, -- php_mysqlnd_cached_sha2_result_write, -- php_mysqlnd_cached_sha2_result_free_mem -- } /* PROT_CACHED_SHA2_RESULT_PACKET */ -+ } /* PROT_SHA256_PK_REQUEST_RESPONSE_PACKET */ - }; --/* }}} */ -+/* }}} */ - - - /* {{{ mysqlnd_protocol::get_greet_packet */ -@@ -2802,30 +2717,6 @@ MYSQLND_METHOD(mysqlnd_protocol, get_sha - } - /* }}} */ - --/* {{{ mysqlnd_protocol::init_cached_sha2_result_packet */ --static struct st_mysqlnd_packet_cached_sha2_result * --MYSQLND_METHOD(mysqlnd_protocol, get_cached_sha2_result_packet) --(MYSQLND_PROTOCOL_PAYLOAD_DECODER_FACTORY * const factory, const zend_bool persistent) --{ -- struct st_mysqlnd_packet_cached_sha2_result * packet = mnd_pecalloc(1, packet_methods[PROT_CACHED_SHA2_RESULT_PACKET].struct_size, persistent); -- DBG_ENTER("mysqlnd_protocol::init_cached_sha2_result_packet"); -- if (packet) { -- memset(packet, 0, sizeof(*packet)); -- packet->header.m = &packet_methods[PROT_CACHED_SHA2_RESULT_PACKET]; -- packet->header.factory = factory; -- -- packet->header.protocol_frame_codec = factory->conn->protocol_frame_codec; -- packet->header.vio = factory->conn->vio; -- packet->header.stats = factory->conn->stats; -- packet->header.error_info = factory->conn->error_info; -- packet->header.connection_state = &factory->conn->state; -- -- packet->header.persistent = persistent; -- } -- DBG_RETURN(packet); --} --/* }}} */ -- - - /* {{{ mysqlnd_protocol::send_command */ - static enum_func_status -@@ -3056,7 +2947,6 @@ MYSQLND_CLASS_METHODS_START(mysqlnd_prot - MYSQLND_METHOD(mysqlnd_protocol, get_change_user_response_packet), - MYSQLND_METHOD(mysqlnd_protocol, get_sha256_pk_request_packet), - MYSQLND_METHOD(mysqlnd_protocol, get_sha256_pk_request_response_packet), -- MYSQLND_METHOD(mysqlnd_protocol, get_cached_sha2_result_packet), - - MYSQLND_METHOD(mysqlnd_protocol, send_command), - MYSQLND_METHOD(mysqlnd_protocol, send_command_handle_response), -diff -urpa php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.h php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.h ---- php-7.2.8/ext/mysqlnd/mysqlnd_wireprotocol.h 2018-07-17 05:35:47.000000000 +0000 -+++ php-7.2.8.rev/ext/mysqlnd/mysqlnd_wireprotocol.h 2018-07-22 00:10:53.910410674 +0000 -@@ -292,16 +292,6 @@ typedef struct st_mysqlnd_packet_sha256 - size_t public_key_len; - } MYSQLND_PACKET_SHA256_PK_REQUEST_RESPONSE; - --typedef struct st_mysqlnd_packet_cached_sha2_result { -- MYSQLND_PACKET_HEADER header; -- uint8_t response_code; -- uint8_t result; -- uint8_t request; -- zend_uchar * password; -- size_t password_len; --} MYSQLND_PACKET_CACHED_SHA2_RESULT; -- -- - - zend_ulong php_mysqlnd_net_field_length(const zend_uchar **packet); - zend_uchar * php_mysqlnd_net_store_length(zend_uchar *packet, const uint64_t length); -- 2.45.2 From d2a00cb8d3d3e645fbce4d056515efc3ebd08a8b Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Wed, 14 Nov 2018 08:54:09 +0000 Subject: [PATCH 15/16] - updated to 7.1.24 --- bug-52078-fileinode.patch | 2 +- pcre-shared.patch | 4 ++-- php-link-libs.patch | 4 ++-- php-pear.patch | 12 ++++++------ php.spec | 4 ++-- spl-shared.patch | 8 ++++---- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/bug-52078-fileinode.patch b/bug-52078-fileinode.patch index 0fd0163..419be68 100644 --- a/bug-52078-fileinode.patch +++ b/bug-52078-fileinode.patch @@ -72,7 +72,7 @@ @@ -30,17 +30,17 @@ echo "Done\n"; ?> - --EXPECTF-- + --EXPECTF-- +int(%i) int(%d) int(%d) diff --git a/pcre-shared.patch b/pcre-shared.patch index ae69ebd..21a2172 100644 --- a/pcre-shared.patch +++ b/pcre-shared.patch @@ -17,14 +17,14 @@ + for j in $PHP_PCRE_REGEX $PHP_PCRE_REGEX/$PHP_LIBDIR /usr/$PHP_LIBDIR; do test -f $j/libpcre.a || test -f $j/libpcre.$SHLIB_SUFFIX_NAME && PCRE_LIBDIR=$j done - + @@ -43,12 +43,13 @@ AC_MSG_ERROR([The PCRE extension requires PCRE library version >= 6.6]) fi - PHP_ADD_LIBRARY_WITH_PATH(pcre, $PCRE_LIBDIR) + PHP_ADD_LIBRARY_WITH_PATH(pcre, $PCRE_LIBDIR, PCRE_SHARED_LIBADD) - + AC_DEFINE(HAVE_PCRE, 1, [ ]) PHP_ADD_INCLUDE($PCRE_INCDIR) - PHP_NEW_EXTENSION(pcre, php_pcre.c, no,, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1) diff --git a/php-link-libs.patch b/php-link-libs.patch index 23a7acc..8938d7d 100644 --- a/php-link-libs.patch +++ b/php-link-libs.patch @@ -10,14 +10,14 @@ if test "$ac_cv_func_dlopen" = "yes"; then --- php-5.2.0/acinclude.m4.orig 2006-12-22 21:52:13.766461055 +0100 +++ php-5.2.0/acinclude.m4 2006-12-22 21:52:37.159794165 +0100 -@@ -1740,18 +1740,18 @@ +@@ -1845,18 +1845,18 @@ dnl Wrapper for AC_CHECK_LIB dnl AC_DEFUN([PHP_CHECK_LIBRARY], [ - save_old_LDFLAGS=$LDFLAGS + save_old_LIBS=$LIBS ac_stuff="$5" - + save_ext_shared=$ext_shared ext_shared=yes - PHP_EVAL_LIBLINE([$]ac_stuff, LDFLAGS) diff --git a/php-pear.patch b/php-pear.patch index 400359d..f8f05a7 100644 --- a/php-pear.patch +++ b/php-pear.patch @@ -1,6 +1,6 @@ --- php-5.3.1/configure.in~ 2010-02-19 23:26:13.000000000 +0200 +++ php-5.3.1/configure.in 2010-02-19 23:27:58.273207305 +0200 -@@ -934,11 +934,6 @@ +@@ -1091,11 +1091,6 @@ with_pear=no fi @@ -10,25 +10,25 @@ -fi - PHP_ARG_WITH(pear, [whether to install PEAR], - [ --with-pear=DIR Install PEAR in DIR [PREFIX/lib/php] + [ --with-pear=DIR Install PEAR in DIR @<:@PREFIX/lib/php@:>@ --without-pear Do not install PEAR], DEFAULT, yes) -@@ -1023,11 +1023,11 @@ +@@ -1105,11 +1100,11 @@ dnl dnl PEAR dependancies dnl - if test "$PHP_XML" = "no"; then -- pear_error_msg="$pear_error_msg +- pear_error_msg="$pear_error_msg - PEAR requires XML to be enabled. Add --enable-xml to the configure line. (or --without-pear)" - fi - +dnl if test "$PHP_XML" = "no"; then -+dnl pear_error_msg="$pear_error_msg ++dnl pear_error_msg="$pear_error_msg +dnl PEAR requires XML to be enabled. Add --enable-xml to the configure line. (or --without-pear)" +dnl fi +dnl dnl dnl if test "$PHP_XMLRPC" = "no"; then - dnl pear_error_msg="$pear_error_msg + dnl pear_error_msg="$pear_error_msg --- php-5.2.6/sapi/cli/config.m4~ 2008-11-16 18:35:31.000000000 +0200 +++ php-5.2.6/sapi/cli/config.m4 2008-11-20 19:04:12.585061299 +0200 @@ -4,7 +4,7 @@ diff --git a/php.spec b/php.spec index 10afe15..8c55568 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.23 +Version: 7.1.24 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 5e5baa60cfd85dd70bed9e740dd6dbc6 +# Source0-md5: dafc475872cb182d504d98771fecbeb2 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini diff --git a/spl-shared.patch b/spl-shared.patch index cf0fc4e..a89096b 100644 --- a/spl-shared.patch +++ b/spl-shared.patch @@ -1,9 +1,9 @@ --- php-7.0/ext/spl/config.m4~ 2015-05-21 17:57:06.000000000 +0300 +++ php-7.0/ext/spl/config.m4 2015-05-23 11:25:19.609715006 +0300 -@@ -22,6 +22,6 @@ - CPPFLAGS=$old_CPPFLAGS - AC_DEFINE_UNQUOTED(HAVE_PACKED_OBJECT_VALUE, $ac_result, [Whether struct _zend_object_value is packed]) - AC_DEFINE(HAVE_SPL, 1, [Whether you want SPL (Standard PHP Library) support]) +@@ -2,6 +2,6 @@ + dnl config.m4 for extension SPL + + AC_DEFINE(HAVE_SPL, 1, [Whether you want SPL (Standard PHP Library) support]) - PHP_NEW_EXTENSION(spl, php_spl.c spl_functions.c spl_engine.c spl_iterators.c spl_array.c spl_directory.c spl_exceptions.c spl_observer.c spl_dllist.c spl_heap.c spl_fixedarray.c, no,, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1) + PHP_NEW_EXTENSION(spl, php_spl.c spl_functions.c spl_engine.c spl_iterators.c spl_array.c spl_directory.c spl_exceptions.c spl_observer.c spl_dllist.c spl_heap.c spl_fixedarray.c, $ext_shared,, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1) PHP_INSTALL_HEADERS([ext/spl], [php_spl.h spl_array.h spl_directory.h spl_engine.h spl_exceptions.h spl_functions.h spl_iterators.h spl_observer.h spl_dllist.h spl_heap.h spl_fixedarray.h]) -- 2.45.2 From 715d292e97e3a35f40d470ef986e8f4448eb60e9 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Fri, 7 Dec 2018 15:02:20 +0000 Subject: [PATCH 16/16] - updated to 7.1.25 --- php.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php.spec b/php.spec index 8c55568..1ef05cd 100644 --- a/php.spec +++ b/php.spec @@ -142,7 +142,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.1.24 +Version: 7.1.25 Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except @@ -151,7 +151,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: dafc475872cb182d504d98771fecbeb2 +# Source0-md5: 5540e0c6cc29ed743bcca8ab6d1381c9 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini -- 2.45.2