Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72821 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 67876 invoked from network); 26 Feb 2014 11:09:35 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 26 Feb 2014 11:09:35 -0000 Authentication-Results: pb1.pair.com smtp.mail=are.you.winning@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=are.you.winning@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.44 as permitted sender) X-PHP-List-Original-Sender: are.you.winning@gmail.com X-Host-Fingerprint: 209.85.216.44 mail-qa0-f44.google.com Received: from [209.85.216.44] ([209.85.216.44:55772] helo=mail-qa0-f44.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 21/10-01653-E6BCD035 for ; Wed, 26 Feb 2014 06:09:34 -0500 Received: by mail-qa0-f44.google.com with SMTP id f11so1958223qae.31 for ; Wed, 26 Feb 2014 03:09:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=+KAm9OQ/EzmWzBGJ8RJvs3/gtX0MxxbK1Cx0hoHSIc0=; b=QBt+N8/RR5lvafVasS5LSUY3Zi08owesvqi8mOvUfYyre8AyJJW+3vw+x94TUG7yOy 7wL8fY/gAu1tqu1WH4BKQNudhTmP5RDn1CVnDPpGa3oBhyoK9wMqIUbK6EGx5SJpvWEz O8gyJjPxAHhUdqJdI1ntXXZOwiVvvIm5ZbqmJRA2r0DPtWNcMJ4C89FnVFMpzN4HAQLK 2tBPUN43PqO07LanAJH/Hwg6S0QHgAO4c48vSRnMXZwwZbg0980vYK7gCVjnEkvTvmWh DhWK+7RZhDJqF36tdAj2QoQuMnGolsM7RSpVAzQZNXSzs9UlDxBUHLZuL7nbsp7nmJuT LU+Q== MIME-Version: 1.0 X-Received: by 10.140.102.242 with SMTP id w105mr6493712qge.74.1393412971846; Wed, 26 Feb 2014 03:09:31 -0800 (PST) Sender: are.you.winning@gmail.com Received: by 10.229.240.193 with HTTP; Wed, 26 Feb 2014 03:09:31 -0800 (PST) In-Reply-To: <54df89551690b2af245dba8088c7032b.squirrel@webmail.klapt.com> References: <54df89551690b2af245dba8088c7032b.squirrel@webmail.klapt.com> Date: Wed, 26 Feb 2014 11:09:31 +0000 X-Google-Sender-Auth: d8qLVnilEp2eYkafEl_v_ARN9cU Message-ID: To: Anatol Belski Cc: Chris Wright , "internals@lists.php.net" , Daniel Lowrey , Ferenc Kovacs , Pierre Joye , =?ISO-8859-1?Q?P=E1draic_Brady?= Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] Windows Peer Verification From: daverandom@php.net (Chris Wright) Hi Anatol It's interesting that you should have a problem here, both Daniel and I extensively "tested the tests" to ensure they would run and pass on both windows and *nix - although I never tested on mac because I don't have easy access to one (I'm not sure if Daniel did) but I assumed they would work nicely there since they worked on all the *nix flavours I tested. WHat OS are you running these on? The diff you show doesn't look like it would fix the problem as it seems to be waiting for eof on stdin in the worker, which shouldn't ever happen until the test is completed in the main process (the handle isn't closed until the main process code has finished executing, which if it uses a `wait()` will never happen if the worker executes successfully. I think it's likely that your machine is having difficulties launching the background process for some reason, I suggest you inspect the $cmd path generated in spawnWorkerProcess(). One thought that does occur is that it might be worth changing the sprintf pattern to "%s" "%s" %s - if you had any spaces in the path to the PHP binary then the unquoted command would probably fail to launch. On 26 February 2014 10:39, Anatol Belski wrote: > Hi Chris, > > On Wed, February 26, 2014 10:48, Chris Wright wrote: >> On 22 February 2014 00:31, Chris Wright wrote: >> >>> Following on from this thread and Daniel's excellent work on TLS >>> improvements, and liaising heavily with Daniel off-list, I have created a >>> PR [1] of some work I have done to get peer verification >>> working with Windows native certificate store. >>> >>> This is by far and away the most preferable option as it gives "out of >>> the box" support for peer verification by default on Windows, and does >>> not require any additional certificate bundles or configuration. It also >>> allows us to take advantage of trust updates rolled out via MS update >>> systems. >>> >>> The implementation is complete in that it supports all existing >>> features, although it needs a little polishing and some edge cases >>> covering before it can be merged. The only definite known issue at the >>> time of writing is that the method for fetching the CN from the >>> certificate incorrectly assumes that the returned data will always be >>> UTF-8 encoded, a solution for this is planned and will be implemented >>> in the next day or two. >>> >>> I am by no means an expert on the subject matter here in any respect, >>> so I encourage ruthless code review. >>> >>> Note that there are no new features here, it is simply looking to fill >>> in the gaps in the recent work by providing consistency on Windows. >>> >>> [1] https://github.com/php/php-src/pull/601 >>> >> >> This patch is now merged (thanks Daniel) and will be available in the >> next alpha. If anyone finds anything that doesn't behave as expected, >> please let me know. >> > > the tests with the removed pcntl dependencies do fail for me. I made a > small change here > > http://git.php.net/?p=php-src.git;a=commitdiff;h=56cbe043810ab773605aa6a6ca2eb362ea9a54e9 > > but still there are some with the similar diff > > TEST 43/79 > [C:\php-sdk\php56\vc11\x64\php-src\ext\openssl\tests\bug65538_001.phpt] > ========DIFF======== > 001+ Warning: file_get_contents(https://127.0.0.1:64321/): failed to open > stream: No connection could be made because the target machine actively > refused it. > 001- string(12) "Hello World!" > 002+ in > C:\php-sdk\php56\vc11\x64\php-src\ext\openssl\tests\ServerClientTestCase.inc(93) > : eval()'d code on line 8 > 003+ bool(false) > ========DONE======== > > Actually it's great to get rid of that pcntl dependency there, just we > should bring it inline. Working on the further fixes. > > Regards > > Anatol >