Hi
Am 2026-02-13 20:22, schrieb Jakub Zelenka:
So this changed a bit as only OpenSSLSession instance can be passed in.
So
passing invalid and mallformed instance is not possible (TypeError is
thrown if different type is passed in). But if it's expired, it should
just
result in warning and full handshake. This should be later covered as
part
of new stream error handling as non terminating error (stored error in
exception mode).
Having a E_WARNING there still feels odd, but I can't comment on how
error handling for streams or OpenSSL currently works. So I trust you
there that this will consistently be fixed with a follow-up RFC :-)
For OpenSSLSession::import() and ::export() however, the RFC mentions
\Exception being thrown on failure. According to the “Throwable” policy
(https://github.com/php/policies/blob/main/coding-standards-and-naming.rst#throwables),
this should be an extension-specific Exception. Since the hierarchy to
use is clearly specified in the policy, adding:
class \Openssl\OpensslException extends \Exception { }
class \Openssl\OpensslError extends \Error { }
can be done without an RFC.
Then the ::import() function can use `class
\Openssl\InvalidResumptionDataException extends
\Openssl\OpensslExceptoin { }` or similar and for ::export() just using
`OpensslException` directly is probably okay.
For the OpenSSLSession class, I leave it up to you whether it makes
sense to also move it into the `Openssl` namespace or not (as
Openssl\Session). The policy leaves some freedom here, since it's not
directly related to any of the existing classes:
https://github.com/php/policies/blob/main/coding-standards-and-naming.rst#existing-non-namespaced-symbols-and-consistency
Other than the exception hierarchy, I don't have further remarks. The
proposal makes sense to me and I'm looking forward to it.
Best regards
Tim Düsterhus
