Yasuo Ohgaki yohgaki

View 0001-Rework-scram_channel_binding-to-protect-from-downgra.patch
From 5bf51e7bdcfaf2d6e8af5132bb7884bc307f440b Mon Sep 17 00:00:00 2001
From: Michael Paquier <michael@paquier.xyz>
Date: Tue, 22 May 2018 17:03:48 +0900
Subject: [PATCH] Rework scram_channel_binding to protect from downgrade
attacks
When a client attempts to connect to a PostgreSQL cluster, it may be
possible that it requested channel binding with SCRAM authentication,
but that the server tricks the clister and forcibly downgrades the
authentication request. For example, a v10 cluster supports SCRAM but
@yohgaki
yohgaki / Dockerfile
Created Jan 22, 2018
Simple Dockerfile for Alpine + DJBDNS (tinydns and axfrdns. No dnscache.)
View Dockerfile
FROM alpine
MAINTAINER Yasuo Ohgaki version: 0.1
RUN \
apk update; \
apk add gcc g++ make curl openssh-client rsync perl-net-dns
RUN \
mkdir /package; \
cd /package/; \
@yohgaki
yohgaki / hash_hkdf.xml.diff
Last active Jun 8, 2017
hash_hkdf() manual improvement
View hash_hkdf.xml.diff
Index: en/reference/hash/functions/hash-hkdf.xml
===================================================================
--- en/reference/hash/functions/hash-hkdf.xml (リビジョン 342317)
+++ en/reference/hash/functions/hash-hkdf.xml (作業コピー)
@@ -3,7 +3,7 @@
<refentry xml:id="function.hash-hkdf" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
<refnamediv>
<refname>hash_hkdf</refname>
- <refpurpose>Generate a HKDF key derivation of a supplied key input</refpurpose>
+ <refpurpose>Derive secure new key from existing key by using HKDF</refpurpose>
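Review bot: the new refpurpose on the + line drops its articles and promises a "secure" key unconditionally, while HKDF output is only as strong as the input key material passed in. Suggest wording such as "Derive a new key from an existing key using HKDF" and leaving the strength requirements for the input key to the description section.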
@yohgaki
yohgaki / user_serializer.php
Last active Jan 30, 2020
How to implement user defined serializer by PHP 7.1 or less
View user_serializer.php
<?php
// This code is to explain why current API is not good for user defined serializer.
// https://wiki.php.net/rfc/user_defined_session_serializer
ob_start();
ini_set('session.serialize_handler', 'php_serialize');
ini_set('session.save_handler', 'files');
ini_set('session.save_path', '/tmp');
ini_set('session.use_strict_mode', 0);
@yohgaki
yohgaki / session_serializer.patch
Created Nov 4, 2016
Check delimiter and marker chars always, and remove legacy PS_ENCODE_LOOP macro.
View session_serializer.patch
diff --git a/ext/session/session.c b/ext/session/session.c
index b2d0236..4b30b96 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -890,19 +890,31 @@ PS_SERIALIZER_ENCODE_FUNC(php_binary) /* {{{ */
smart_str buf = {0};
php_serialize_data_t var_hash;
PS_ENCODE_VARS;
+ HashTable *_ht;
+ int key_type;
@yohgaki
yohgaki / head.c.patch
Last active Oct 21, 2016
Allow something like setcookie('A', 'B', ['expires'=>time()+999, 'httponly'=>1]);
View head.c.patch
diff --git a/ext/standard/head.c b/ext/standard/head.c
index eac9159..4842cb7d 100644
--- a/ext/standard/head.c
+++ b/ext/standard/head.c
@@ -181,6 +181,74 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
return result;
}
+enum cookie_set_opts {
+ COOKIE_SET_EXPIRES = 0,
View bug72997.php
<?php
ob_start();
ini_set('session.use_cookies', 1);
ini_set('session.save_handler', 'files');
session_name('BUG');
session_start();
@yohgaki
yohgaki / mb_convert_variables.patch
Created Oct 16, 2016
Fix circular reference issues in mb_convert_variables()
View mb_convert_variables.patch
diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c
index d6d7cfc..b35a409 100644
--- a/ext/mbstring/mbstring.c
+++ b/ext/mbstring/mbstring.c
@@ -3856,24 +3856,112 @@ PHP_FUNCTION(mb_convert_kana)
}
/* }}} */
-#define PHP_MBSTR_STACK_BLOCK_SIZE 32
+
View uniqid.patch
diff --git a/ext/standard/uniqid.c b/ext/standard/uniqid.c
index f429e6d..975e65b 100644
--- a/ext/standard/uniqid.c
+++ b/ext/standard/uniqid.c
@@ -36,8 +36,11 @@
#endif
#include "php_lcg.h"
+#include "php_random.h"
#include "uniqid.h"
View master-rfc-session-without-hashing.patch
diff --git a/UPGRADING b/UPGRADING
index 5400a2e..56221f4 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -71,6 +71,25 @@ PHP 7.1 UPGRADE NOTES
- OpenSSL:
. Dropped sslv2 stream.
+- Session:
+ . Session ID is generated from CSPNG directly. As a result, Session ID length
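Review bot: "CSPNG" in the added Session entry looks like a typo for CSPRNG; since UPGRADING is user-facing, spell the acronym correctly or write it out once as "cryptographically secure pseudo-random number generator".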