Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:97924
Return-Path: <jakub.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 1972 invoked from network); 22 Jan 2017 19:33:05 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 22 Jan 2017 19:33:05 -0000
Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.176 as permitted sender)
X-PHP-List-Original-Sender: jakub.php@gmail.com
X-Host-Fingerprint: 209.85.213.176 mail-yb0-f176.google.com  
Received: from [209.85.213.176] ([209.85.213.176:34184] helo=mail-yb0-f176.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 8C/89-00729-0F805885 for <internals@lists.php.net>; Sun, 22 Jan 2017 14:33:04 -0500
Received: by mail-yb0-f176.google.com with SMTP id j82so81636606ybg.1
        for <internals@lists.php.net>; Sun, 22 Jan 2017 11:33:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=rPihO85yUd/XZSM7pruxx3Aph4wF79rUfEIizmdc8jM=;
        b=lduhbSieR1yGNbyMr1/uIj/yntesjt2ePxJHPVE1TcbNoNPNY8MNLA5+QAwkij1woV
         w7/ezSmKbLPg/Vui3wNrZXwHPoUi8D9Rcq3nh8sh8m8vm5oFqw66jC6E0MgbueOYnZ9k
         vOkTEvk5jU8ysSOdLhb0CrsmSb7roLapVpQIGW9A/C6wWtW7rAY4X7yL/lZWun+l5KAp
         aBk79/4cNjc6Li7g2cz9lWvVO1wV9X/pdA/pjqP7D/sn0SAggeMrLJssxKshorBmoIf7
         j95/1Tz7w+b0doBCQFgCPRWfzcumb0r8Tr87qw/txZKl8h4y+doLMit8xXK3FzFEdEDJ
         3fCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=rPihO85yUd/XZSM7pruxx3Aph4wF79rUfEIizmdc8jM=;
        b=Zc0f7nLYhBC1Xj+yKaq3k1mRyjmzvi6/mHA+0fT+yq3ezKkUdDy9p03cOlgOTT2+cO
         1e6161o5YXVQcsnq0f0ewsKzRsWBNb0YVJpcz0KLBlfiucOwuQB4/BP7F5z3pWfP9uXv
         j9kTE5tQg9e0PEYOUg+M0XXTLagRhODmzzl3YkQszPJqP/yGreB/7C7CK+LC4800kI+t
         3fJHz9rq/c9xsA086JwDIZR5ujRo5/gIjdOFcWYHkqnSoqYz1D8bnGkH7e/yXcpoLlO4
         gCPmnj09d4kRiblTp3APBGbJ89Uhf9OGXTFVOH+J2Srb6VyukrgICkaQVdnLDN1dr8Yq
         sYbQ==
X-Gm-Message-State: AIkVDXLHxQGRPcldpi1vgcKTDCYgFoZ+9ObT4JNcRcCCbz6SR1AmH3IBPipek7vMZ2UpVxRRMCBVMC2fVhnpDg==
X-Received: by 10.37.42.80 with SMTP id q77mr17864087ybq.102.1485113581896;
 Sun, 22 Jan 2017 11:33:01 -0800 (PST)
MIME-Version: 1.0
Sender: jakub.php@gmail.com
Received: by 10.129.72.73 with HTTP; Sun, 22 Jan 2017 11:33:01 -0800 (PST)
In-Reply-To: <CACXBjuhUphs7uZwFCn+18_DLC=Dcyg_TTyJRS7dLFfjNmP5f2Q@mail.gmail.com>
References: <CACXBjuhUphs7uZwFCn+18_DLC=Dcyg_TTyJRS7dLFfjNmP5f2Q@mail.gmail.com>
Date: Sun, 22 Jan 2017 19:33:01 +0000
X-Google-Sender-Auth: lDoB2uIDiYDHRXeqAGyV8-5FGoY
Message-ID: <CAEKnhAHtXJp7UY49moWbJN+0VOeYaxCs_erf4=X4Od4yz4Mh3Q@mail.gmail.com>
To: Rasmus Lerdorf <rasmus@lerdorf.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a1144047e80098c0546b3f33f
Subject: Re: PHP 7.0 and openssl 1.1
From: bukka@php.net (Jakub Zelenka)

--001a1144047e80098c0546b3f33f
Content-Type: text/plain; charset=UTF-8

Hi Rasmus,

On Sun, Jan 22, 2017 at 1:28 AM, Rasmus Lerdorf <rasmus@lerdorf.com> wrote:

> Jakub, what do you think about back-porting the openssl-1.1 supporting
> changes to the PHP-7.0 branch? I think it is too early to have PHP-7.0 not
> compile on new Linux versions and right now it doesn't compile on any Linux
> that has openssl-1.1.
>
>
The thing is that the patch required quite a lot of changes and it was
based on the AEAD and OpenSSL error storing changes so the it changed quite
a lot of code. So all changes together makes some difference between 7.0
and 7.1:

[jakub@localhost 71]$ git diff --stat PHP-7.0 ext/openssl/*.[c,h]
 ext/openssl/openssl.c     | 1991 ...
 ext/openssl/php_openssl.h |   25 ...
 ext/openssl/xp_ssl.c      |  199 ...
 3 files changed, 1613 insertions(+), 602 deletions(-)

This shows just openssl ext source files but there are some other changes
for phar and some tweaks in tests.

For that reason I decided that it will be better to target just 7.1 to have
full QA cycle which was a good decision because I needed to fix few things
in beta and rc.

It means that the back-port would require some work to extract just the
porting bits and all test it. It might be slightly trickier as 7.0 still
support 0.9.8 which might complicate things a bit. Also there is still one
failing SNI tests that needs some looking and couple of things needs a look
as well so the port is still not 100% complete. In general I'm not so sure
if it's really worth it to invest too much time into back-porting it as I'm
not sure how many users would really appreciate it (meaning how many users
are not able to update to PHP 7.1 and need to use OpenSSL 1.1.). It might
be also quite a big patch for the point release but if RM is ok with that
and someone wants to spend that time on porting it, I can do the review.
Personally I have got some other stuff on my list (including finishing the
port in 7.1 and some other OpenSSL fixes) so won't probably have time for
anything else than review.

Cheers

Jakub

--001a1144047e80098c0546b3f33f--