Added constants: SCM_RIGHTS, SCM_CREDENTIALS and SO_PASSCRED.
The function socket_cmsg_space() was modified to support message types with
variable size. Its new signature is:
int socket_cmsg_space(int $level, int $type, int $n)
where $n is the number of repetable elements that the message is composed of.
This introduces two new functions:
int socket_recvmsg(resource $socket, array &$msghdr, int $flags)
int socket_sendmsg(resource $socket, array $msghdr, int $flags)
The arrays representing struct msghdr follow the native counterpart
closely: structs are mapped to arrays, fields to array elements whose
key is the name of the field without the prefix (e.g. "name" instead
of "msg_name") and array are mapped to sequential numeric PHP arrays.
Right now the only type of ancillary data supported is fot the
level/type pair IPPROTO_IPV6/IPV6_PKTINFO.
I also refactored out the name resolution functions and made
sockets_strerror() a global function.
* PHP-5.4:
Fix wrong blocking state being set
Fix tests (Windows)
Remove a Windows only warning
Move & improve PHP_SOCKET_ERROR def
Move some declarations to sockets.c
Fix overbroad skipif include
* sockets_54_improv:
Fix wrong blocking state being set
Fix tests (Windows)
Remove a Windows only warning
Move & improve PHP_SOCKET_ERROR def
Move some declarations to sockets.c
Fix overbroad skipif include
This also reverses the destruction order of the pushed arguments to
align with how it is done everywhere else.
I'm not exactly sure whether this is the right way to fix it, but it
seems to work fine.
fdset management using bit operator is broken on non-x86 arch
and cause built-in server the enter an infinite loop of "select"
and never handle any request.
Rule of thumb: Always implement the object clone handler rather
than the object storage clone handler. Actually I think we should
drop the latter. It's nearly never usable.
The CRIME attack vector exploits TLS compression. This patch adds a stream context option
allowing servers to disable TLS compression for versions of OpenSSL >= 1.0.0 (which first
introduced the SSL_OP_NO_COMPRESSION option). A summary rundown of the CRIME attack can
be found at https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
Thanks to @DaveRandom for pointing out the relevant section of code.
If a generator is destroyed in a finally block it will resume the generator to run that finally
block before freeing the generator. This was done in the object storage free handler.
Running user code in the free handler isn't safe though because the free handlers may be run
during request shutdown, already after several key components have been shut down.
This is avoided by doing the finally handling in the dtor handler. These handlers are run at the
start of the shutdown sequence.
