Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:130208
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by lists.php.net (Postfix) with ESMTPS id 26F0B1A00BC
	for <internals@lists.php.net>; Sun,  1 Mar 2026 13:04:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1772370302; bh=Y6bD5oHCxaoknRqT0Jixoeo7a7dvGOHxQbrNucIpub4=;
	h=Date:From:To:Cc:Subject:In-Reply-To:References:From;
	b=nJtvBRGgFO0fGOkjcb2LgmqEqs9lbf1m/0fkpyqKO8R/S0WSFJqGaA3tHXDJz46yi
	 2LSnkjMOwjB1nw/GRgNPKjriXTWY/YIB3Gb/uKfSL/TbOcUMGP+AsSk2ol4+5fRLxf
	 FFzJrh6/h3fxeTc0k+RszVS6qMrukoW5p2B7628/b3wGdvfj9kKJ1RT3vPOGWWCQzK
	 st9OJxcfGwRjzt3OcIEkgaaEuoxGk5lL67qOtazDc6XIag8qdwjaqqY+6z0X/cDvkv
	 xTl86xkpqng0FkNjH29/Zy1ptWTufgyf+XH+fkwi0YXpX7qAq3JtTX0W6OTvEplyEf
	 h547Rgq7Tj6dQ==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 14FEE180684
	for <internals@lists.php.net>; Sun,  1 Mar 2026 13:05:02 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=4.0.1
X-Spam-Virus: No
X-Envelope-From: <tim@bastelstu.be>
Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun,  1 Mar 2026 13:05:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be;
	s=mail20171119; t=1772370295;
	bh=V1fyjaZ1kpAcuZRhGXcgH/KX25TFZtvHHvDAt8EE3AA=;
	h=MIME-Version:Date:From:To:Cc:Subject:In-Reply-To:References:
	 Message-ID:Content-Type:from:to:cc:subject:message-id;
	b=lwaFuXde9QctO/+tI4vg3x52ScCOb3OhYvYFugPYNS6ZXlLrpbuhp1GfrMOXu1Z+R
	 wqfY2rzxLFxennqKUuS4w/DFLlA+J1flqN5/53fjxScmXJ0XhcgJwmziM1MbAvR+ZJ
	 4wapb7BWZRfAv3+MIg2zSuUI17xisOdrFkyy6/kgkBGq+1VXj//IEaSk51w2//cg0K
	 ZoZwkULmp8fsH3q+FbYVXk5Vw4ddY9O3bqogmIqKNp8aejqlnp33o8Hs+hJAKuBCka
	 3wejOzrZFl94E66gk4PfoE7h1x3xzYsgt5LYqZ08PQPcZjNKR2amRebav/pueG3Owf
	 vAg1rjIDIgRGQ==
Precedence: list
list-help: <mailto:internals+help@lists.php.net>
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: <internals.lists.php.net>
x-ms-reactions: disallow
MIME-Version: 1.0
Date: Sun, 01 Mar 2026 14:04:55 +0100
To: Jakub Zelenka <bukka@php.net>
Cc: PHP internals list <internals@lists.php.net>
Subject: Re: [PHP-DEV] [RFC] TLS Session Resumption Support for Streams
In-Reply-To: <CAEKnhAFndXvd=YKFx5aN8yH=kw2NJ5NW_+mOX8OxUYfOYOpapw@mail.gmail.com>
References: <CAEKnhAG1KW-D+THEpm+C-e5caCNRPVhx61zLkZGjn_WaLcjRTA@mail.gmail.com>
 <2d741c45-9c92-4404-a0d5-02bf26a557b1@bastelstu.be>
 <CAEKnhAFndXvd=YKFx5aN8yH=kw2NJ5NW_+mOX8OxUYfOYOpapw@mail.gmail.com>
Message-ID: <cfbcf25d43c6235688c25792a9857c4b@bastelstu.be>
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 8bit
From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=C3=BCsterhus?=)

Hi

Am 2026-02-13 20:22, schrieb Jakub Zelenka:
> So this changed a bit as only OpenSSLSession instance can be passed in. 
> So
> passing invalid and mallformed instance is not possible (TypeError is
> thrown if different type is passed in). But if it's expired, it should 
> just
> result in warning and full handshake. This should be later covered as 
> part
> of new stream error handling as non terminating error (stored error in
> exception mode).

Having a E_WARNING there still feels odd, but I can't comment on how 
error handling for streams or OpenSSL currently works. So I trust you 
there that this will consistently be fixed with a follow-up RFC :-)

For OpenSSLSession::import() and ::export() however, the RFC mentions 
\Exception being thrown on failure. According to the “Throwable” policy 
(https://github.com/php/policies/blob/main/coding-standards-and-naming.rst#throwables), 
this should be an extension-specific Exception. Since the hierarchy to 
use is clearly specified in the policy, adding:

     class \Openssl\OpensslException extends \Exception { }
     class \Openssl\OpensslError extends \Error { }

can be done without an RFC.

Then the ::import() function can use `class 
\Openssl\InvalidResumptionDataException extends 
\Openssl\OpensslExceptoin { }` or similar and for ::export() just using 
`OpensslException` directly is probably okay.

For the OpenSSLSession class, I leave it up to you whether it makes 
sense to also move it into the `Openssl` namespace or not (as 
Openssl\Session). The policy leaves some freedom here, since it's not 
directly related to any of the existing classes:

https://github.com/php/policies/blob/main/coding-standards-and-naming.rst#existing-non-namespaced-symbols-and-consistency

Other than the exception hierarchy, I don't have further remarks. The 
proposal makes sense to me and I'm looking forward to it.

Best regards
Tim Düsterhus