[PHP-DEV] PROPOSAL: new class entry for grouping functions, consts and vars

2013-09-19 Thread kuzuha
Hi, I wrote a *rough* patch to add new class entry "definition" for grouping functions, consts and vars. https://github.com/kuzuha/php-src/compare/feature;definition As you know, defining a lot of constants makes php slower. I think autoload is very nice solution to avoid that problem. Aut

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Adam Harvey
On 19 September 2013 17:41, Pierre Joye wrote: > It does when you use curl's win32 SSL support. That makes my previous > point wrong as we do not compile it with this option but openssl (for > cross platform compatibility reasons). But as the curl's ca file works > just fine, everything is good. >

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Pierre Joye
On Thu, Sep 19, 2013 at 5:38 PM, Adam Harvey wrote: > On 19 September 2013 17:31, Pierre Joye wrote: >> On Thu, Sep 19, 2013 at 2:41 PM, Adam Harvey wrote: >>> As for the CA bundle side of things, I wonder if this is one of those >>> rare times where an ini setting might make sense, as opposed t

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Adam Harvey
On 19 September 2013 17:31, Pierre Joye wrote: > On Thu, Sep 19, 2013 at 2:41 PM, Adam Harvey wrote: >> As for the CA bundle side of things, I wonder if this is one of those >> rare times where an ini setting might make sense, as opposed to actual >> bundling — that would allow distros to point t

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Pierre Joye
On Thu, Sep 19, 2013 at 2:41 PM, Adam Harvey wrote: > On 19 September 2013 10:52, Daniel Lowrey wrote: >>> *I consider this a bug* I understand that it's easier to code not verifying >>> the >>> peer, and the hostname may not be available when you are stacking ssl over >>> a stream. >>> But fil

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Ángel González
On 19/09/13 23:41, Adam Harvey wrote: As for the CA bundle side of things, I wonder if this is one of those rare times where an ini setting might make sense, as opposed to actual bundling — that would allow distros to point to their packaged bundles without needing to patch php-src, and we could

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Daniel Lowrey
> I think we should do this in 5.6. +1 ... a renewed "emphasis on security" makes a good selling point when answering the "why should I upgrade" questions. At the same time, targeting the next minor version gives people ample time to plan/test/document changes. Secure stream encryption settings by

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Adam Harvey
On 19 September 2013 10:52, Daniel Lowrey wrote: >> *I consider this a bug* I understand that it's easier to code not verifying >> the >> peer, and the hostname may not be available when you are stacking ssl over a >> stream. >> But file_get_contents("https://...") is *precisely* the case that

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Daniel Lowrey
> If a subjectAltName extension of type dNSName is present, that MUST > be used as the identity. Otherwise, the (most specific) Common Name > field in the Subject field of the certificate MUST be used. Although > the use of the Common Name is existing practice, it is deprecated and > Certification

[PHP-DEV] PHP 5.5.4 has been released

2013-09-19 Thread Julien Pauli
Hi! The PHP development team announces the immediate availability of PHP 5.5.4. This release fixes several bugs against PHP 5.5.3. All PHP users are encouraged to upgrade to this new version. For source downloads of PHP 5.5.4 please visit our downloads page: http://www.php.net/downloads.php Wi

RE: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Bryan C. Geraghty
-Original Message- From: tjerk.meest...@gmail.com [mailto:tjerk.meest...@gmail.com] On Behalf Of Tjerk Anne Meesters Sent: Thursday, September 19, 2013 4:01 AM > My point is that you need a reasonably up-to-date certs bundle to enable verification by default. Actually, you don't. There is

Re: [PHP-DEV] Re: Allowing is_* functions to accept multiple parameters

2013-09-19 Thread Bob Weinand
> On 19.09.2013 at 11:10, "Leigh" wrote: > > On 19 September 2013 03:20, William Bartlett > wrote: >> I would argue that LTR support is also inconsistent / not desired. >> >> If I wrote: >> >> $i = 0; >> is_three($i = $i + 1, $i = $i + 1, $i = $i + 1); >> >> I would certainly expect is_three

Re: [PHP-DEV] free deadlock in timeout signal handler

2013-09-19 Thread Lazy
2013/9/18 Ángel González : > On 13/09/13 22:10, Lazy wrote: >> >> Hello internals, >> >> I'm trying to fix deadlock in an ancient php 5.2.17, php hangs on >> internal libc lock. >> From my understanding free is not safe to use in a signal handler, and >> this seems to be the issue here. > > No, it

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Alain Williams
On Thu, Sep 19, 2013 at 09:58:59AM +0100, Chris Wright wrote: > On Thu, Sep 19, 2013 at 2:07 AM, Tjerk Anne Meesters > wrote: > > To be practical, verifying certificates requires an up-to-date CA bundle > > to be shipped with PHP; perhaps this is a simple thing to do, I'm not > > sure. > > Unfort

Re: [PHP-DEV] Re: Allowing is_* functions to accept multiple parameters

2013-09-19 Thread Leigh
On 19 September 2013 03:20, William Bartlett wrote: > I would argue that LTR support is also inconsistent / not desired. > > If I wrote: > > $i = 0; > is_three($i = $i + 1, $i = $i + 1, $i = $i + 1); > > I would certainly expect is_three to return false, but I would also expect > $i to contain thr

Re: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Tjerk Anne Meesters
On Thu, Sep 19, 2013 at 2:02 PM, Pierre Joye wrote: > > On Sep 18, 2013 6:07 PM, "Tjerk Anne Meesters" wrote: > > > > On Thu, Sep 19, 2013 at 8:33 AM, Ángel González > wrote: > > > > > On 16/09/13 15:58, Daniel Lowrey wrote: > > > > > >> More generally, PHP's stream encryption aspects are quite

RE: [PHP-DEV] Re: Re: PHP Crypt functions - security audit

2013-09-19 Thread Chris Wright
On Thu, Sep 19, 2013 at 2:07 AM, Tjerk Anne Meesters wrote: > To be practical, verifying certificates requires an up-to-date CA bundle > to be shipped with PHP; perhaps this is a simple thing to do, I'm not > sure. Unfortunately it isn't. It's easily possible to ship a current CA bundle *at the p