- updated to 7.4.5

[packages/php.git] / php-ini.patch

--- php-7.4.1/php.ini   2019-12-17 17:35:58.000000000 +0100
+++ php-7.4.1/php.ini   2019-12-22 17:27:40.860000000 +0100
@@ -82,6 +82,16 @@
 ; much more verbose when it comes to errors. We recommend using the
 ; development version only in development environments, as errors shown to
 ; application users can inadvertently leak otherwise secure information.
+;
+; This is the default settings file for new PHP installations on TLD Linux.
+;
+; It is based mainly on php.ini-production, but with some changes made with
+; security in mind (http://php.net/manual/en/security.php).
+;
+; Please note, that in TLD Linux file /etc/php74/php.ini contains global
+; settings for all SAPIs (cgi, cli, apache...), and after reading this file
+; SAPI-specific file is included so you don't have to duplicate whole large
+; file to override only few options.
 
 ; This is the php.ini-production INI file.
 
@@ -144,7 +154,7 @@
 ;   Production Value: 5
 
 ; short_open_tag
-;   Default Value: On
+;   Default Value: Off
 ;   Development Value: Off
 ;   Production Value: Off
 
@@ -160,7 +170,7 @@
 ;user_ini.filename = ".user.ini"
 
 ; To disable this feature set this option to an empty value
-;user_ini.filename =
+user_ini.filename =
 
 ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
 ;user_ini.cache_ttl = 300
@@ -180,7 +190,7 @@
 ; documents, however this remains supported for backward compatibility reasons.
 ; Note that this directive does not control the <?= shorthand tag, which can be
 ; used regardless of this directive.
-; Default Value: On
+; Default Value: Off
 ; Development Value: Off
 ; Production Value: Off
 ; http://php.net/short-open-tag
@@ -376,7 +386,7 @@
 ; threat in any way, but it makes it possible to determine whether you use PHP
 ; on your server or not.
 ; http://php.net/expose-php
-expose_php = On
+expose_php = Off
 
 ;;;;;;;;;;;;;;;;;;;
 ; Resource Limits ;
@@ -756,9 +766,7 @@
 
 ; Directory in which the loadable extensions (modules) reside.
 ; http://php.net/extension-dir
-;extension_dir = "./"
-; On windows:
-;extension_dir = "ext"
+;extension_dir = "/usr/lib/php"
 
 ; Directory where the temporary files should be placed.
 ; Defaults to the system default (see sys_get_temp_dir)
@@ -770,64 +778,6 @@
 ; http://php.net/enable-dl
 enable_dl = Off
 
-; cgi.force_redirect is necessary to provide security running PHP as a CGI under
-; most web servers.  Left undefined, PHP turns this on by default.  You can
-; turn it off here AT YOUR OWN RISK
-; **You CAN safely turn this off for IIS, in fact, you MUST.**
-; http://php.net/cgi.force-redirect
-;cgi.force_redirect = 1
-
-; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
-; every request. PHP's default behavior is to disable this feature.
-;cgi.nph = 1
-
-; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
-; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
-; will look for to know it is OK to continue execution.  Setting this variable MAY
-; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
-; http://php.net/cgi.redirect-status-env
-;cgi.redirect_status_env =
-
-; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
-; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
-; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
-; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
-; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
-; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
-; http://php.net/cgi.fix-pathinfo
-;cgi.fix_pathinfo=1
-
-; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside
-; of the web tree and people will not be able to circumvent .htaccess security.
-;cgi.discard_path=1
-
-; FastCGI under IIS supports the ability to impersonate
-; security tokens of the calling client.  This allows IIS to define the
-; security context that the request runs under.  mod_fastcgi under Apache
-; does not currently support this feature (03/17/2002)
-; Set to 1 if running under IIS.  Default is zero.
-; http://php.net/fastcgi.impersonate
-;fastcgi.impersonate = 1
-
-; Disable logging through FastCGI connection. PHP's default behavior is to enable
-; this feature.
-;fastcgi.logging = 0
-
-; cgi.rfc2616_headers configuration option tells PHP what type of headers to
-; use when sending HTTP response code. If set to 0, PHP sends Status: header that
-; is supported by Apache. When this option is set to 1, PHP will send
-; RFC2616 compliant header.
-; Default is zero.
-; http://php.net/cgi.rfc2616-headers
-;cgi.rfc2616_headers = 0
-
-; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #!
-; (shebang) at the top of the running script. This line might be needed if the
-; script support running both as stand-alone script and via PHP CGI<. PHP in CGI
-; mode skips this line and ignores its content if this directive is turned on.
-; http://php.net/cgi.check-shebang-line
-;cgi.check_shebang_line=1
-
 ;;;;;;;;;;;;;;;;
 ; File Uploads ;
 ;;;;;;;;;;;;;;;;
@@ -983,19 +933,19 @@
 ; Use of this INI entry is deprecated, use global input_encoding instead.
 ; If empty, default_charset or input_encoding or iconv.input_encoding is used.
 ; The precedence is: default_charset < input_encoding < iconv.input_encoding
-;iconv.input_encoding =
+iconv.input_encoding = UTF-8
 
 ; Use of this INI entry is deprecated, use global internal_encoding instead.
 ; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
 ; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
-;iconv.internal_encoding =
+iconv.internal_encoding = UTF-8
 
 ; Use of this INI entry is deprecated, use global output_encoding instead.
 ; If empty, default_charset or output_encoding or iconv.output_encoding is used.
 ; The precedence is: default_charset < output_encoding < iconv.output_encoding
 ; To use an output encoding conversion, iconv's output handler must be set
 ; otherwise output encoding conversion cannot be performed.
-;iconv.output_encoding =
+iconv.output_encoding = UTF-8
 
 [imap]
 ; rsh/ssh logins are disabled by default. Use this INI entry if you want to
@@ -1163,6 +1113,9 @@
 ; http://php.net/mysqli.default-socket
 mysqli.default_socket =
 
+; The name of the character set to use as the default character set.
+;mysqli.connect_charset=utf8
+
 ; Default host for mysqli_connect() (doesn't apply in safe mode).
 ; http://php.net/mysqli.default-host
 mysqli.default_host =
@@ -1304,7 +1257,7 @@
 
 [browscap]
 ; http://php.net/browscap
-;browscap = extra/browscap.ini
+;browscap = /usr/share/browscap/php_browscap.ini
 
 [Session]
 ; Handler used to store/retrieve data.
@@ -1748,7 +1701,7 @@
 
 ; Sets the directory name where SOAP extension will put cache files.
 ; http://php.net/soap.wsdl-cache-dir
-soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_dir="/var/cache/php"
 
 ; (time to live) Sets the number of second while cached file will be used
 ; instead of original one.
@@ -1769,160 +1722,6 @@
 [dba]
 ;dba.default_handler=
 
-[opcache]
-; Determines if Zend OPCache is enabled
-;opcache.enable=1
-
-; Determines if Zend OPCache is enabled for the CLI version of PHP
-;opcache.enable_cli=0
-
-; The OPcache shared memory storage size.
-;opcache.memory_consumption=128
-
-; The amount of memory for interned strings in Mbytes.
-;opcache.interned_strings_buffer=8
-
-; The maximum number of keys (scripts) in the OPcache hash table.
-; Only numbers between 200 and 1000000 are allowed.
-;opcache.max_accelerated_files=10000
-
-; The maximum percentage of "wasted" memory until a restart is scheduled.
-;opcache.max_wasted_percentage=5
-
-; When this directive is enabled, the OPcache appends the current working
-; directory to the script key, thus eliminating possible collisions between
-; files with the same name (basename). Disabling the directive improves
-; performance, but may break existing applications.
-;opcache.use_cwd=1
-
-; When disabled, you must reset the OPcache manually or restart the
-; webserver for changes to the filesystem to take effect.
-;opcache.validate_timestamps=1
-
-; How often (in seconds) to check file timestamps for changes to the shared
-; memory storage allocation. ("1" means validate once per second, but only
-; once per request. "0" means always validate)
-;opcache.revalidate_freq=2
-
-; Enables or disables file search in include_path optimization
-;opcache.revalidate_path=0
-
-; If disabled, all PHPDoc comments are dropped from the code to reduce the
-; size of the optimized code.
-;opcache.save_comments=1
-
-; Allow file existence override (file_exists, etc.) performance feature.
-;opcache.enable_file_override=0
-
-; A bitmask, where each bit enables or disables the appropriate OPcache
-; passes
-;opcache.optimization_level=0x7FFFBFFF
-
-;opcache.dups_fix=0
-
-; The location of the OPcache blacklist file (wildcards allowed).
-; Each OPcache blacklist file is a text file that holds the names of files
-; that should not be accelerated. The file format is to add each filename
-; to a new line. The filename may be a full path or just a file prefix
-; (i.e., /var/www/x  blacklists all the files and directories in /var/www
-; that start with 'x'). Line starting with a ; are ignored (comments).
-;opcache.blacklist_filename=
-
-; Allows exclusion of large files from being cached. By default all files
-; are cached.
-;opcache.max_file_size=0
-
-; Check the cache checksum each N requests.
-; The default value of "0" means that the checks are disabled.
-;opcache.consistency_checks=0
-
-; How long to wait (in seconds) for a scheduled restart to begin if the cache
-; is not being accessed.
-;opcache.force_restart_timeout=180
-
-; OPcache error_log file name. Empty string assumes "stderr".
-;opcache.error_log=
-
-; All OPcache errors go to the Web server log.
-; By default, only fatal errors (level 0) or errors (level 1) are logged.
-; You can also enable warnings (level 2), info messages (level 3) or
-; debug messages (level 4).
-;opcache.log_verbosity_level=1
-
-; Preferred Shared Memory back-end. Leave empty and let the system decide.
-;opcache.preferred_memory_model=
-
-; Protect the shared memory from unexpected writing during script execution.
-; Useful for internal debugging only.
-;opcache.protect_memory=0
-
-; Allows calling OPcache API functions only from PHP scripts which path is
-; started from specified string. The default "" means no restriction
-;opcache.restrict_api=
-
-; Mapping base of shared memory segments (for Windows only). All the PHP
-; processes have to map shared memory into the same address space. This
-; directive allows to manually fix the "Unable to reattach to base address"
-; errors.
-;opcache.mmap_base=
-
-; Facilitates multiple OPcache instances per user (for Windows only). All PHP
-; processes with the same cache ID and user share an OPcache instance.
-;opcache.cache_id=
-
-; Enables and sets the second level cache directory.
-; It should improve performance when SHM memory is full, at server restart or
-; SHM reset. The default "" disables file based caching.
-;opcache.file_cache=
-
-; Enables or disables opcode caching in shared memory.
-;opcache.file_cache_only=0
-
-; Enables or disables checksum validation when script loaded from file cache.
-;opcache.file_cache_consistency_checks=1
-
-; Implies opcache.file_cache_only=1 for a certain process that failed to
-; reattach to the shared memory (for Windows only). Explicitly enabled file
-; cache is required.
-;opcache.file_cache_fallback=1
-
-; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
-; This should improve performance, but requires appropriate OS configuration.
-;opcache.huge_code_pages=1
-
-; Validate cached file permissions.
-;opcache.validate_permission=0
-
-; Prevent name collisions in chroot'ed environment.
-;opcache.validate_root=0
-
-; If specified, it produces opcode dumps for debugging different stages of
-; optimizations.
-;opcache.opt_debug_level=0
-
-; Specifies a PHP script that is going to be compiled and executed at server
-; start-up.
-; http://php.net/opcache.preload
-;opcache.preload=
-
-; Preloading code as root is not allowed for security reasons. This directive
-; facilitates to let the preloading to be run as another user.
-; http://php.net/opcache.preload_user
-;opcache.preload_user=
-
-; Prevents caching files that are less than this number of seconds old. It
-; protects from caching of incompletely updated files. In case all file updates
-; on your site are atomic, you may increase performance by setting it to "0".
-;opcache.file_update_protection=2
-
-; Absolute path used to store shared lockfiles (for *nix only).
-;opcache.lockfile_path=/tmp
-
-[curl]
-; A default value for the CURLOPT_CAINFO option. This is required to be an
-; absolute path.
-;curl.cainfo =
-
 [openssl]
 ; The location of a Certificate Authority (CA) file on the local filesystem
 ; to use when verifying the identity of SSL/TLS peers. Most users should