Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:74406
Return-Path: <nicolai.scheer@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 75961 invoked from network); 21 May 2014 10:20:46 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 21 May 2014 10:20:46 -0000
Authentication-Results: pb1.pair.com smtp.mail=nicolai.scheer@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=nicolai.scheer@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.44 as permitted sender)
X-PHP-List-Original-Sender: nicolai.scheer@gmail.com
X-Host-Fingerprint: 209.85.213.44 mail-yh0-f44.google.com  
Received: from [209.85.213.44] ([209.85.213.44:52892] helo=mail-yh0-f44.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 89/17-24198-DFD7C735 for <internals@lists.php.net>; Wed, 21 May 2014 06:20:46 -0400
Received: by mail-yh0-f44.google.com with SMTP id b6so1465031yha.3
        for <internals@lists.php.net>; Wed, 21 May 2014 03:20:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=+ZFYEDpbNawG71fO2uXm/9y0gmQspdQZ+w2wSCdg6Ts=;
        b=eh3V3CmSd1wLykCWyeTJMDCYpn4ofZwnx7KEIgMYhsUNElAYpVm7tvafQ3tTj8KVhq
         iN49gVtCnE5z/Qxd6MpPTK4kJtEnfEIn17ln2++2DiFdDaCHnMcGUfNpVcniknmAtMs4
         ksHZMKU+dWurS7Pn5GuhZtciQlZ6ACm6l7Q/6uvaTHJB1Zup4ZVSKnd+KCc9Cs0Ue83J
         GDYtLBPDb7+Ovxc+eAKo4ALuq563QeXFanQGwCMnbGsrdbQBVzWwI5MSuyQzuXroYK0V
         Q7C0Kyl7B3V/S70zw8AMGQxsBZdo3v874JF0Pfz5pxMPOXGfKcEb9CUPTp34Y4NQcitu
         MWZw==
MIME-Version: 1.0
X-Received: by 10.236.15.102 with SMTP id e66mr73585514yhe.69.1400667643112;
 Wed, 21 May 2014 03:20:43 -0700 (PDT)
Received: by 10.170.88.215 with HTTP; Wed, 21 May 2014 03:20:43 -0700 (PDT)
Date: Wed, 21 May 2014 12:20:43 +0200
Message-ID: <CAOg_pRQxKsJPgFaZ6_y7Rf1i4Bfkbx+FhCxuBtE9PWu58uOfOQ@mail.gmail.com>
To: PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=089e0122a3d450ef6804f9e6599d
Subject: encode php scripts with opcache compatibility
From: nicolai.scheer@gmail.com (Nicolai Scheer)

--089e0122a3d450ef6804f9e6599d
Content-Type: text/plain; charset=UTF-8

Hi all,

I'm currently facing the situation, that I need to protect my php sources
and retain opcache compatibility.

I know there are quite a few commercial tools for "encoding" and protecting
php sources, but none of them seems to work in conjunction with php's
opcache extension.

Most products see this as part of their protection scheme.

Basically it would be ok to just dump the _zend_op_array struct (defined in
zend_compile.h) to a file and make the zend engine able to load it again.
Once it is loaded, it could be server from opcache.

Unfortunately bcompiler is not (yet?) compatible with php 5.5.x, and
digging through the source it seems to be not an easy task to serialize the
opcode array (seems as if the code is borrowed from apc).

I also had a look at blenc, which just overrides the compile_function to
read an encrypted source file and then compile the resulting string. This
might be a first solution, though I'd rather deliver opcodes to the
client's server than just an encrypted script. Sadly blenc just crashes php
when it tries to serve an encrypted script from opcache and I could not
figure out yet, what's wrong there (tested on windows and linux using php
5.5.12).

Is there any solution for my situation?
Are there any plans to add the "serialize opcode to string, dump string to
file and load it again"-functionality to php?
How easy would it be to add this functionality?

Maybe there are already functions I don't know about to ease this process ?

Any hint is greatly appreciated!

Greetings

Nico

--089e0122a3d450ef6804f9e6599d--