php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-31 20:53:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
83,390 Commits 547 Branches 1,481 Tags
f1a0b7d690a2e89e27ccf58c19fc64fb446015b9
Commit Graph

510 Commits

Author SHA1 Message Date
Remi Collet
fb4a6dc0f1 FPM: add test for CVE-2016-5385 2016-07-22 09:35:09 +02:00
gooh
fb49f137ec Fix #72575: using --allow-to-run-as-root should ignore missing user 
directive

Trying to start PHP-FPM with the --allow-to-run-as-root flag will not
work when the user directive is not given in the FPM worker pool
configuration. Parsing the config will fail. Consequently, FPM cannot
start.

The check is in place to prevent FPM from getting started with root
privileges by accident. Prior to #61295 the check would also prevent
any non-root user to start PHP-FPM without a user directive present.

This patch adds an additional check to the config parser, checking for
the --allow-to-run-as-root flag to be present. If so, parsing will no
longer abort for root users even if the user directive is missing.

I will also update the PHP docs since they still state the user
directive is a mandatory setting which it is not since #61295.
 2016-07-12 10:36:17 +02:00
Julien Pauli
2552cf248d Remove needless zeroing of anonymously mmap'd memory 2016-07-11 14:58:12 +02:00
Michael McConville
9dd5d96332 Remove needless zeroing of anonymously mmap'd memory 
All existing systems zero anonymously mmapped memory, and if I
understand correctly POSIX will be specifying this soon. Many projects
already rely on it, so no reasonable system would return memory of
unspecified value.
 2016-07-11 14:56:17 +02:00
Ferenc Kovacs
3a16f511d9 mark frequent intermittent fpm test with XFAIL 2016-04-18 09:04:27 +02:00
Lior Kaplan
6772fbff62 Align spacing in make install messages 2016-02-08 20:27:19 +02:00
Remi Collet
07d2dcdf09 Fixed Bug #62172 FPM not working with Apache httpd 2.4 balancer/fcgi setup 
Only needed with Apache version < 2.4.12 (ex RHEL-7)
 2016-01-29 10:20:42 +01:00
Stanislav Malyshev
13750cb0a1 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update NEWS
  Improve fix for bug #70976
  Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)
  Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability
  Fixed #70728
  Fixed bug #70755: fpm_log.c memory leak and buffer overflow
  Fix bug #70976: fix boundary check on gdImageRotateInterpolated
  typofix
 2016-01-05 19:38:29 -08:00
Lior Kaplan
53fb2f1e5c Happy new year (Update copyright to 2016) 2016-01-03 01:44:37 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Julien Pauli
ea12ff149c Added support for HTTP 451 2015-12-23 11:31:18 +01:00
Stanislav Malyshev
be19dbcb84 Fixed bug #70755: fpm_log.c memory leak and buffer overflow 2015-12-08 00:10:07 -08:00
Lior Kaplan
d6b78a3511 Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol: php_register_internal_extensions) 2015-11-23 18:40:47 +02:00
Xinchen Hui
1f077cc4f4 Merge branch 'PHP-5.5' into PHP-5.6 2015-05-26 16:24:39 +08:00
Xinchen Hui
76a290d0be Fixed C89 2015-05-26 16:24:18 +08:00
Antony Dovgal
1d94cd4bfa Merge branch 'pull-request/995' into PHP-5.5 
* pull-request/995:
  fix bug #68822 (request time is reset too early)
 2015-02-16 15:20:39 +03:00
Antony Dovgal
c4664d1731 Merge branch 'pull-request/995' into PHP-5.6 
* pull-request/995:
  fix bug #68822 (request time is reset too early)
 2015-02-16 15:15:11 +03:00
redfoxli
3664345aba fix bug #68822 (request time is reset too early) 
this caused wrong time in the logs
 2015-02-16 15:10:09 +03:00
Xinchen Hui
b881de9937 Merge branch 'PHP-5.5' into PHP-5.6 2015-01-27 22:25:45 +08:00
Xinchen Hui
4c5995b172 fcgi_write in fpm returns ssizt_t, but it returns int in cgi 2015-01-27 22:25:38 +08:00
Xinchen Hui
6336fa18c4 Merge branch 'PHP-5.5' into PHP-5.6 2015-01-27 22:13:04 +08:00
Xinchen Hui
8c2d91761a Also Fixed #68571 in CGI SAPI, and some cleanup 2015-01-27 22:11:23 +08:00
Xinchen Hui
6c87372199 Merge branch 'fixbug68571tophp5.5' of https://github.com/redfoxli/php-src into PHP-5.5 2015-01-27 22:04:23 +08:00
Rasmus Lerdorf
e242f871df Slightly modify and merge PR#105 from @MegaManSec 2015-01-21 11:40:27 -08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Remi Collet
0ba32e5cf9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  cleanup old unused typedef
 2015-01-06 11:06:53 +01:00
Remi Collet
8404f8ac2a cleanup old unused typedef 2015-01-06 11:06:25 +01:00
Remi Collet
eb1a1d5feb Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  Fix bug #68751 listen.allowed_clients is broken
 2015-01-05 17:35:14 +01:00
Remi Collet
1b6d076244 Fix bug #68751 listen.allowed_clients is broken 2015-01-05 17:33:57 +01:00
Remi Collet
505adabf25 fix typo 2014-12-14 09:22:59 +01:00
redfoxli
7953d830ab follow C89 format 2014-12-10 21:58:57 +08:00
Remi Collet
744ada7d9d Fix bug #68526 Implement POSIX Access Control List for UDS 
- add --with-fpm-acl build option which allow to manage ACL
on Unix Domain Socket
- add listen.acl_users pool option
- add listen.acl_groups pool option

Keep old behavior (chmod) if option not used or not supported.
 2014-12-10 08:15:21 +01:00
redfoxli
d0a58695d0 fix-bug-68571-to-php5.5 2014-12-09 19:42:55 +08:00
Remi Collet
cb1a297bf4 XFAIL as catch_workers_output = yes seems not reliable 2014-12-01 07:28:49 +01:00
Remi Collet
e1d4ac426c Move chown to fpm_unix_set_socket_premissions() 
For consistency, with fpm_unix_resolve_socket_premissions.
Compute + Use in the same source file.
To make easier future enhancement.

Also check chdir output to fix a build warning.
 2014-11-29 16:49:08 +01:00
Veres Lajos
4dc994571d typo fixes - https://github.com/vlajos/misspell_fixer 
Conflicts:
	ext/ftp/ftp.h
	ext/pcre/pcrelib/pcre_printint.c
	ext/pcre/pcrelib/sljit/sljitLir.c
	ext/pcre/pcrelib/sljit/sljitLir.h
	ext/pcre/pcrelib/sljit/sljitNativeARM_32.c
	ext/pcre/pcrelib/sljit/sljitNativeTILEGX_64.c
	ext/pgsql/pgsql.c
	ext/phar/func_interceptors.c
	ext/soap/soap.c
	ext/standard/image.c
 2014-11-23 14:33:43 -08:00
Remi Collet
c50ee655ea Fixed Bug #68478 acess_log don't use prefix 
Calling fpm_conf_process_all_pools before fpm_log_open
allow to use fpm_evaluate_full_path and so to honor
global prefix or pool prefix for access.log
 2014-11-22 10:35:51 +01:00
Remi Collet
3a3f67f79b minor typo in test 2014-11-22 10:29:51 +01:00
Remi Collet
fd5c421a00 add test for global / pool prefix and bug #68478 2014-11-22 10:29:05 +01:00
Remi Collet
b924af8db9 Fixed Bug #68478 acess_log don't use prefix 
Calling fpm_conf_process_all_pools before fpm_log_open
allow to use fpm_evaluate_full_path and so to honor
global prefix or pool prefix for access.log
 2014-11-22 10:25:53 +01:00
Remi Collet
1e14f805f9 add test for fastcgi_finish_request() 2014-11-21 11:28:20 +01:00
Remi Collet
5be75da202 Fix bug #68463 listen.allowed_clients can silently result in no allowed access 
Add a "There are no allowed addresses for this pool"
 2014-11-21 07:55:13 +01:00
Remi Collet
c4ca220467 Raise a warning when listen = hostname used and is resolved as multiple addresses 
Using getaddrinfo is perhaps not a good idea... if we are not able
to listen on multiple addresses...

At least this message should help to diagnose problem, ex
... Found address for localhost, socket opened on ::1
... Found multiple addresses for localhost, 127.0.0.1 ignored
 2014-11-21 07:54:51 +01:00
David Zuelke
9e8d4a1b06 move zlog_set_level() again 
from fpm_unix_init_main() to fpm_conf_post_process() this time (see #894),
because otherwise nothing in fpm_conf_init_main() obeys log levels
 2014-11-21 07:49:08 +01:00
David Zuelke
8beb153460 Change pm.start_servers default warning to notice 
Unlike other settings, this has a perfectly reasonable default, calculated using
a dynamic formula. If the default was hardcoded to "2" or something, then it
would make sense to have a warning, since that could potentially be bad, but for
a dynamically calculated value based on other mandatory settings, a notice ought
to be enough.
 2014-11-21 07:47:04 +01:00
Remi Collet
5234c2941f add test for #68391 2014-11-21 07:36:34 +01:00
Remi Collet
61f6cd0da5 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  NEWS
  Fixed bug #68391 Returns the pool config files in order
 2014-11-21 07:35:10 +01:00
Florian MARGAINE
29d2c13809 Fixed bug #68391 Returns the pool config files in order 
Fixes https://bugs.php.net/bug.php?id=68391
 2014-11-21 07:33:15 +01:00
Remi Collet
6e1e113b91 adapt test for error message introduce in fix for #68463 2014-11-20 15:15:54 +01:00