Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:38535
Return-Path: <steph@phparch.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 40166 invoked from network); 23 Jun 2008 11:08:03 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 23 Jun 2008 11:08:03 -0000
Authentication-Results: pb1.pair.com smtp.mail=steph@phparch.com; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=steph@phparch.com; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain phparch.com from 64.99.136.171 cause and error)
X-PHP-List-Original-Sender: steph@phparch.com
X-Host-Fingerprint: 64.99.136.171 smtprelay-virgin0171.hostedemail.com Linux 2.5 (sometimes 2.4) (4)
Received: from [64.99.136.171] ([64.99.136.171:52960] helo=smtprelay-virgin.hostedemail.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 82/78-23032-2148F584 for <internals@lists.php.net>; Mon, 23 Jun 2008 07:08:02 -0400
Received: from filter.hostedemail.com (ff-bigip1 [10.5.19.254])
	by smtprelay08.hostedemail.com (Postfix) with SMTP id DCA4795CD5;
	Mon, 23 Jun 2008 11:07:59 +0000 (UTC)
X-SpamScore: 1
Received: from foxbox (host86-143-244-1.range86-143.btcentralplus.com [86.143.244.1])
	(Authenticated sender: steph.fox)
	by omf12.hostedemail.com (Postfix) with ESMTP;
	Mon, 23 Jun 2008 11:07:58 +0000 (UTC)
Message-ID: <001701c8d521$97a83740$4401a8c0@foxbox>
Reply-To: "Steph Fox" <steph@phparch.com>
To: "Marcus Boerger" <mail@marcus-boerger.de>,
	<greg@chiaraquartet.net>
Cc: "internals" <internals@lists.php.net>
References: <20080622215109.PNGU6859.atlmtaow02.cingularme.com@COM>
Date: Mon, 23 Jun 2008 12:09:20 +0100
Organization: php|architect
MIME-Version: 1.0
Content-Type: text/plain;
	format=flowed;
	charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-session-marker: 73746570682E666F78
X-Spam-Summary: 2,0,0,dcba7bda6b3d7095,8726dcf7f06c1a64,steph@phparch.com,,RULES_HIT:355:379:539:540:541:542:543:567:599:600:800:945:960:973:980:988:989:1155:1156:1260:1277:1311:1313:1314:1345:1437:1515:1516:1518:1534:1543:1587:1593:1594:1711:1730:1747:1766:1792:2073:2075:2078:2393:2551:2553:2559:2562:2828:3027:3355:3636:3865:3866:3867:3868:3869:3870:3871:3872:3873:3874:4184:4250:4362:5007:6119:6261:7576:7875:7903:8603,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:,MSBL:none,DNSBL:none
Subject: Re: OpenSSL and Phar
From: steph@phparch.com ("Steph Fox")


Hi, Greg,

OK, you've missed my point too, so let's start over from scratch. Please 
read carefully.

I am working under Windows, a little-known operating system which as yet has 
no way of offering openssl support in ext/phar. My task is to make that 
work.

If I set it up in the usual way, this configuration works as expected:

--enable-phar --with-openssl

It works by defining PHAR_HAVE_OPENSSL, which switches everything on. That 
triggers a dependency on the openssl libraries, but it's hidden because the 
openssl extension shares that dependency.

If PHAR_HAVE_OPENSSL is not defined, phar relies on openssl extension calls. 
(I haven't yet investigated what happens to those when the user has no 
ext/openssl support at all.) Using something like PHAR_HAVE_OPENSSL_EXT to 
define that relationship can't work because there is no correlation between 
shared extensions that might be loaded by users and the original configure 
line for a given PHP build. We can only know whether or not the openssl 
extension was _built_ at the same time as phar.

These configurations can only work if we give phar an **explicit** 
dependency on the openssl libs:

--enable-phar=shared --with-openssl
--enable-phar --with-openssl=shared
--enable-phar=shared --with-openssl=shared

The question is whether that dependency should be triggered by an explicit 
configuration option, instead of implicitly by the coincidence of 
having --with-openssl in the configure line. I personally feel that we 
should, and suggest we use --enable-phar-ssl[=shared] for this.

Thanks,

- Steph



----- Original Message ----- 
From: <greg@chiaraquartet.net>
To: "Steph Fox" <steph@phparch.com>; "Marcus Boerger" 
<mail@marcus-boerger.de>
Cc: "internals" <internals@lists.php.net>
Sent: Sunday, June 22, 2008 9:50 PM
Subject: Re: OpenSSL and Phar



Hi,

Steph, look more closely, the libraries are only used if openssl is built 
statically.  Otherwise, phar directly calls openssl_verify or openssl_sign.

Greg

-----Original Message-----

From:  "Steph Fox" <steph@phparch.com>
Subj:  OpenSSL and Phar
Date:  Sun Jun 22, 2008 4:32 pm
Size:  701 bytes
To:  "Greg Beaver" <greg@chiaraquartet.net>,"Marcus Boerger" 
<mail@marcus-boerger.de>
cc:  "internals" <internals@lists.php.net>


Hi Greg, all,

It seems we don't use the openssl extension API at all in ext/phar, just the
actual OpenSSL headers and libs. That means Phar with OpenSSL support can be
both built and run without ext/openssl being built at all, but requires
third-party libs (under Windows at least - ssleay32.dll and libeay32.dll) in
the same way that ext/openssl does.

I'm wondering if we shouldn't have a separate configuration option for
this - something like --enable-phar-ssl - rather than testing
for --with-openssl in the config line.

The chief advantage of this approach is that it doesn't matter whether
phar-ssl is built as shared or not, since the dependency is outside PHP.

Thoughts?

- Steph