Yasuo Ohgaki yohgaki

View 0001-Rework-scram_channel_binding-to-protect-from-downgra.patch
From 5bf51e7bdcfaf2d6e8af5132bb7884bc307f440b Mon Sep 17 00:00:00 2001
From: Michael Paquier <michael@paquier.xyz>
Date: Tue, 22 May 2018 17:03:48 +0900
Subject: [PATCH] Rework scram_channel_binding to protect from downgrade
attacks
When a client attempts to connect to a PostgreSQL cluster, it may be
possible that it requested channel binding with SCRAM authentication,
but that the server tricks the client and forcibly downgrades the
authentication request. For example, a v10 cluster supports SCRAM but
@yohgaki
yohgaki / Dockerfile
Created Jan 22, 2018
Simple Dockerfile for Alpine + DJBDNS (tinydns and axfrdns. No dnscache.)
View Dockerfile
FROM alpine
MAINTAINER Yasuo Ohgaki version: 0.1
RUN \
apk update; \
apk add gcc g++ make curl openssh-client rsync perl-net-dns
RUN \
mkdir /package; \
cd /package/; \
@yohgaki
yohgaki / hash_hkdf.xml.diff
Last active Jun 8, 2017
hash_hkdf() manual improvement
View hash_hkdf.xml.diff
Index: en/reference/hash/functions/hash-hkdf.xml
===================================================================
--- en/reference/hash/functions/hash-hkdf.xml (リビジョン 342317)
+++ en/reference/hash/functions/hash-hkdf.xml (作業コピー)
@@ -3,7 +3,7 @@
<refentry xml:id="function.hash-hkdf" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
<refnamediv>
<refname>hash_hkdf</refname>
- <refpurpose>Generate a HKDF key derivation of a supplied key input</refpurpose>
+ <refpurpose>Derive secure new key from existing key by using HKDF</refpurpose>
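Review bot: The replacement <refpurpose> text on the + line is missing its articles ("Derive secure new key from existing key"), and "secure" promises more than the function can guarantee, since the strength of an HKDF output depends on the input key material. Suggest "Derive a new key from an existing key using HKDF", with any security conditions spelled out in the description section rather than in the one-line purpose.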
@yohgaki
yohgaki / user_serializer.php
Last active Sep 23, 2018
How to implement user defined serializer by PHP 7.1 or less
View user_serializer.php
<?php
// This code is to explain why current API is not good for user defined serializer.
// https://wiki.php.net/rfc/user_defined_session_serializer
ob_start();
ini_set('session.serialize_handler', 'php_serialize');
ini_set('session.save_handler', 'files');
ini_set('session.save_path', '/tmp');
ini_set('session.use_strict_mode', 0);
@yohgaki
yohgaki / session_serializer.patch
Created Nov 4, 2016
Check delimiter and marker chars always, and remove legacy PS_ENCODE_LOOP macro.
View session_serializer.patch
diff --git a/ext/session/session.c b/ext/session/session.c
index b2d0236..4b30b96 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -890,19 +890,31 @@ PS_SERIALIZER_ENCODE_FUNC(php_binary) /* {{{ */
smart_str buf = {0};
php_serialize_data_t var_hash;
PS_ENCODE_VARS;
+ HashTable *_ht;
+ int key_type;
@yohgaki
yohgaki / head.c.patch
Last active Oct 21, 2016
Allow something like setcookie('A', 'B', ['expires'=>time()+999, 'httponly'=>1]);
View head.c.patch
diff --git a/ext/standard/head.c b/ext/standard/head.c
index eac9159..4842cb7d 100644
--- a/ext/standard/head.c
+++ b/ext/standard/head.c
@@ -181,6 +181,74 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
return result;
}
+enum cookie_set_opts {
+ COOKIE_SET_EXPIRES = 0,
View bug72997.php
<?php
ob_start();
ini_set('session.use_cookies', 1);
ini_set('session.save_handler', 'files');
session_name('BUG');
session_start();
@yohgaki
yohgaki / mb_convert_variables.patch
Created Oct 16, 2016
Fix circular reference issues in mb_convert_variables()
View mb_convert_variables.patch
diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c
index d6d7cfc..b35a409 100644
--- a/ext/mbstring/mbstring.c
+++ b/ext/mbstring/mbstring.c
@@ -3856,24 +3856,112 @@ PHP_FUNCTION(mb_convert_kana)
}
/* }}} */
-#define PHP_MBSTR_STACK_BLOCK_SIZE 32
+
View uniqid.patch
diff --git a/ext/standard/uniqid.c b/ext/standard/uniqid.c
index f429e6d..975e65b 100644
--- a/ext/standard/uniqid.c
+++ b/ext/standard/uniqid.c
@@ -36,8 +36,11 @@
#endif
#include "php_lcg.h"
+#include "php_random.h"
#include "uniqid.h"
View master-rfc-session-without-hashing.patch
diff --git a/UPGRADING b/UPGRADING
index 5400a2e..56221f4 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -71,6 +71,25 @@ PHP 7.1 UPGRADE NOTES
- OpenSSL:
. Dropped sslv2 stream.
+- Session:
+ . Session ID is generated from CSPNG directly. As a result, Session ID length
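Review bot: "CSPNG" in the added Session entry looks like a typo for CSPRNG. Spell it correctly and consider expanding it on first use (cryptographically secure pseudo-random number generator), since UPGRADING is read by users who need to understand why the session ID format changes.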