Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:55630
Return-Path: <christian.stocker@liip.ch>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 54282 invoked from network); 26 Sep 2011 17:59:48 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 26 Sep 2011 17:59:48 -0000
Authentication-Results: pb1.pair.com smtp.mail=christian.stocker@liip.ch; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=christian.stocker@liip.ch; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain liip.ch designates 207.126.144.127 as permitted sender)
X-PHP-List-Original-Sender: christian.stocker@liip.ch
X-Host-Fingerprint: 207.126.144.127 eu1sys200aog109.obsmtp.com Linux 2.5 (sometimes 2.4) (4)
Received: from [207.126.144.127] ([207.126.144.127:40910] helo=eu1sys200aog109.obsmtp.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 8D/A6-02759-19DB08E4 for <internals@lists.php.net>; Mon, 26 Sep 2011 13:59:46 -0400
Received: from mail-wy0-f180.google.com ([74.125.82.180]) (using TLSv1) by eu1sys200aob109.postini.com ([207.126.147.11]) with SMTP
	ID DSNKToC9jTB72hNeTwBH63Z7cL7dGRx+/5wp@postini.com; Mon, 26 Sep 2011 17:59:46 UTC
Received: by mail-wy0-f180.google.com with SMTP id 11so6475685wyh.39
        for <internals@lists.php.net>; Mon, 26 Sep 2011 10:59:41 -0700 (PDT)
Received: by 10.216.137.232 with SMTP id y82mr9063879wei.104.1317059981654;
        Mon, 26 Sep 2011 10:59:41 -0700 (PDT)
Received: from air11.local (84-72-44-234.dclient.hispeed.ch. [84.72.44.234])
        by mx.google.com with ESMTPS id en20sm32035043wbb.20.2011.09.26.10.59.39
        (version=TLSv1/SSLv3 cipher=OTHER);
        Mon, 26 Sep 2011 10:59:40 -0700 (PDT)
Message-ID: <4E80BD8A.5070606@liip.ch>
Date: Mon, 26 Sep 2011 19:59:38 +0200
Organization: Liip AG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2
MIME-Version: 1.0
To: PHPdev <internals@lists.php.net>
X-Enigmail-Version: 1.3.2
OpenPGP: id=0748D5FE;
	url=http://gpg-keyserver.de/pks/lookup?op=get&search=0xC2BAFBC30748D5FE
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Question about ABI compatibility for an ext/xsl patch and an API
 question for the implementation
From: christian.stocker@liip.ch (Christian Stocker)

Hi

Some weeks ago I wrote a patch to disable writing from within XSLT
templates. That patch is now in 5.4 but wasn't accepted in PHP 5.3 since
it changed a struct in the header file.

I have now I new patch which doesn't need that changing in the struct,
but I need a new .h file from libxslt.

https://gist.github.com/3d3d3c3418236f748118 (unfinished patch, just a
proof of concept, but the basics are there)

Can anybody tell me, if that still breaks binary compatibility for
extensions or if that would be ok?

Then a more general question:

There are now 2 ways to enable write access again (in 5.4). Via an
additional optional parameter to the transform methods (this works with
the patch above in 5.3 also) or via the new 5.4 only method
->setSecurityPrefs(). The former is from a clean API point of view not
nice, adding more and more optional parameters to methods is the ticket
to hell usually. But I can't come up with a better solution for 5.3
without breaking the ABI. And since it's somehow a security issue, I
would sleep better a lot, if we have a proper patch for 5.3 as well.

To keep BC, I can't just delete the optional parameter again for 5.4,
that would make portable code a pain. OTOH, the way I did it know, it
breaks BC with PHP < 5.3.9, if you want to enable write access in xslt
templates in PHP 5.3.9+. If you don't need that, which is maybe 99.9% of
all cases, BC is kept for since PHP 5.0 until much after PHP 5.4 :)

So there are 3 options

1) leave it like it is currently. No write protection in 5.3, only in 5.4
2) Have 2 ways to enable write access from 5.3.9+ and 5.4.
3) Remove the ->setSecurityPrefs() in 5.4, so there's only one way to
enable write access again, but it's the nasty one from a clean API POV.

For 2) and 3), code with those new options won't work anymore in 5.3.8-
(but you can check it in PHP user land and treat it differently), but
you get write protection automatically

Again, all this will only affect a very small fraction of users, those
who legitimately wrote files from within XSLT.

Any opinions? Me personally would like to have it in PHP 5.3 (or at
least offer a proper patch).

chregu