Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:125861 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by qa.php.net (Postfix) with ESMTPS id F33901A00BD for ; Fri, 25 Oct 2024 07:34:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1729841825; bh=zuJODF4VM4cyQ2KqWgHOCxmGGlLnxYPY1Z7njVw2Tm8=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=YwgHN47YzcCFOgOnuF2xm4zHXoW5XS3B4DxKQ1XlJoCzqP1pv7/hqz+9d6uHciCTp IlikXrBD6IfvNEL74W11ynypryHDvMAB3Pyt1AeTgqOGkBJYWlRn2UwDkh/Z3VuKme FVMcRHzjyPhB5/yYEZjv4XWUxE+VgtO8YLaAnBRPSrjo6/QqSQItvILv30b8yf4/sg kmY4U4Hb5RttSg4MU0iT2bXne6L7vBEioAk5KJkyZMVWUWogg9u5SaFzgCSUYJOaLX w8aM2Cde25ptLYr+u9vFJ0PC8yCX0q2T4TkWeDxfiKWltU61MqVP1zOvnVFamyjyy7 9q4kPb9oXs/oA== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id BFC661801D7 for ; Fri, 25 Oct 2024 07:37:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=4.0.0 X-Spam-Virus: No X-Envelope-From: Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 25 Oct 2024 07:37:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be; s=mail20171119; t=1729841676; bh=AGBnq5NpuuKo6mUscFEP+3tC6SaFlOMHlGg5xjEzjm4=; h=MIME-Version:Date:From:To:Cc:Subject:In-Reply-To:References: Message-ID:Content-Type:from:to:cc:subject:message-id; b=WJA15lsDHM0pEwl+slTciNrWkfu4+mmMLrKB8tHbDx5EEvbZ8/+Igj1lF6+qBcSLE L+YcaZknwvxF5ZZxSEOKgu7X0d4jZuUV+qNOvZEWASpAH7lpMPhbMrx9IoyfgOrp6G UaIztB79zVaAEKSkqWWTsk8+DqCq+bnTRY6WzbQ8573MLA08wzAgXDduZlwtVAZiMS aFoTDwxavuGZ3IywysWN953aUi51e1hqzqq2YYwgySntW2VZC++VVUKzFiYVQvyx3I 2boBCuG/VVMdlK4ZvRHsuq8207yetmGzDVOsfCz9XTAS0znCCwf5Rhoz7WU0U3HQKw I5G2CQnx9Oeuw== Precedence: bulk list-help: list-post: List-Id: internals.lists.php.net x-ms-reactions: disallow MIME-Version: 1.0 Date: Fri, 25 Oct 2024 09:34:35 +0200 To: erictnorris@gmail.com Cc: PHP internals Subject: Re: [PHP-DEV] [VOTE] Add persistent curl share handles In-Reply-To: References: Message-ID: <6e533102b9a2e9c8f6a2183440b2601a@bastelstu.be> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=C3=BCsterhus?=) Hi Am 2024-10-24 20:20, schrieb Eric Norris: > I have opened the vote for "Add persistent curl share handles": > https://wiki.php.net/rfc/curl_share_persistence Apologies, I wanted to chime in before the vote started, but I was too busy. Nevertheless I want to share my reasons for voting "no" on this RFC: Persistent handles / resources / objects violate PHP’s shared-nothing request model, which is one fundamental part of how PHP works from my mental model. That's why I generally believe that persisting data across requests is generally unsafe, especially when used with stateful connections like a database connection. HTTP is generally stateless and I generally trust curl to do the right thing, which makes this somewhat safer, nevertheless the RFC would still be exposing a configurable (and thus stateful) object to an unknown number of future requests. I'm especially concerned, because the documentation for `curl_share_init()` uses `CURL_LOCK_DATA_COOKIE` as the example. I would also assume that sharing a cookie jar amongst several requests is the primary use case for leveraging a curl share handle, given that curl already performs in-request connection reuse when reusing a single CurlHandle or when performing requests with a CurlMultiHandle. Accidentally sharing a cookie jar for unrelated requests due to a badly chosen `$persistent_id` sounds like a vulnerability to is bound to happen to someone. Your RFC then lists "DNS lookups" as one of the possible things that would be sped up. Caching DNS lookups is already a solved problem: Install a caching resolver on your server. These commonly come with features such as pre-fetching, ensuring that commonly-performed lookups will stay cached at all times. As for sharing a TLS or HTTP connection, this might or might not lead to vulnerabilities similarly to cookie sharing, when TLS client certificates are used for authentication. Lastly there does not appear to be a way to close a persistent share handle either implicitly or explicitly, making it hard to reset the share handle to a well-defined state / to know what state the share handle is in. Also badly chosen `$persistent_id`s might result in a large number of handles accumulating, without any kind of garbage collection. For the existing persistent handles (e.g. for database connections), the ID is chosen by PHP itself, ensuring a somewhat predictable behavior. All in all, this RFC sounds like a foot-gun just waiting to go off and the RFC text is little more than a stub which does not inspire confidence that all the possible consequences have been fully thought-through. After all the pros and cons would also need to be documented in PHP’s documentation and the RFC text would be a good source for the documentation team. Best regards Tim Düsterhus