PHP master: Strict session patch
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index 621c4e1..a21e0ca 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -61,40 +61,9 @@ typedef struct {
} ps_files;
ps_module ps_mod_files = {
- PS_MOD(files)
+ PS_MOD_SID(files)
};
-/* If you change the logic here, please also update the error message in
- * ps_files_open() appropriately */
-static int ps_files_valid_key(const char *key)
-{
- size_t len;
- const char *p;
- char c;
- int ret = 1;
-
- for (p = key; (c = *p); p++) {
- /* valid characters are a..z,A..Z,0..9 */
- if (!((c >= 'a' && c <= 'z')
- || (c >= 'A' && c <= 'Z')
- || (c >= '0' && c <= '9')
- || c == ','
- || c == '-')) {
- ret = 0;
- break;
- }
- }
-
- len = p - key;
-
- /* Somewhat arbitrary length limit here, but should be way more than
- anyone needs and avoids file-level warnings later on if we exceed MAX_PATH */
- if (len == 0 || len > 128) {
- ret = 0;
- }
-
- return ret;
-}
static char *ps_files_path_create(char *buf, size_t buflen, ps_files *data, const char *key)
{
@@ -155,11 +124,12 @@ static void ps_files_open(ps_files *data, const char *key TSRMLS_DC)
ps_files_close(data);
- if (!ps_files_valid_key(key)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
+ if (php_session_validate_key(key) == FAILURE) {
PS(invalid_session_id) = 1;
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
return;
}
+
if (!ps_files_path_create(buf, sizeof(buf), data, key)) {
return;
}
@@ -253,6 +223,51 @@ static int ps_files_cleanup_dir(const char *dirname, int maxlifetime TSRMLS_DC)
return (nrdels);
}
+static int ps_files_validate_sid(ps_files *data, char *key TSRMLS_DC)
+{
+ char buf[MAXPATHLEN];
+ int fd;
+
+ if (php_session_validate_key(key) == FAILURE) {
+ PS(invalid_session_id) = 1;
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
+ return FAILURE;
+ }
+
+ if (!ps_files_path_create(buf, sizeof(buf), data, key)) {
+ PS(invalid_session_id) = 1;
+ return FAILURE;
+ }
+
+ fd = VCWD_OPEN_MODE(buf, O_RDWR | O_BINARY, data->filemode);
+
+ if (fd != -1) {
+ close(fd);
+ return SUCCESS;
+ }
+
+ PS(invalid_session_id) = 1;
+ return FAILURE;
+}
+
+static int ps_files_check_collision(ps_files *data, char *key TSRMLS_DC)
+{
+ char buf[MAXPATHLEN];
+ struct stat sbuf;
+
+ if (!ps_files_path_create(buf, sizeof(buf), data, key)) {
+ PS(invalid_session_id) = 1;
+ return FAILURE;
+ }
+
+ if (!VCWD_STAT(buf, &sbuf)) {
+ PS(invalid_session_id) = 1;
+ return FAILURE;
+ }
+ return SUCCESS;
+}
+
+
#define PS_FILES_DATA ps_files *data = PS_GET_MOD_DATA()
PS_OPEN_FUNC(files)
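Review bot: `ps_files_check_collision()` decides that an ID is free with `VCWD_STAT`, but nothing in this hunk creates the file. The session file is presumably created later in `ps_files_open()`, outside the hunk, so two concurrent requests that generate the same ID can both pass the check. Reserving the name atomically would close that window, for example `fd = VCWD_OPEN_MODE(buf, O_RDWR | O_CREAT | O_EXCL | O_BINARY, data->filemode);` with a failed open treated as a collision. Both new helpers also take `char *key` although they never write through it, so `const char *key` would match `php_session_validate_key()`.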
@@ -263,6 +278,7 @@ PS_OPEN_FUNC(files)
int argc = 0;
size_t dirdepth = 0;
int filemode = 0600;
+ int cnt = 0;
if (*save_path == '\0') {
/* if save path is an empty string, determine the temporary dir */
@@ -316,6 +332,29 @@ PS_OPEN_FUNC(files)
}
PS_SET_MOD_DATA(data);
+ /* If there is an ID and strict mode, verify it */
+ if (PS(id) && PS(use_strict_mode)
+ && ps_files_validate_sid(data, PS(id) TSRMLS_CC) == FAILURE) {
+ efree(PS(id));
+ PS(id) = NULL;
+ }
+
+ /* If there is no ID, use session module to create one */
+ while(!PS(id)) {
+ PS(id) = PS(mod)->s_create_sid((void **)&data, NULL TSRMLS_CC);
+ if (cnt++ > 3) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create session ID more than twice. Check your save_path.");
+ return FAILURE;
+ }
+ if (!PS(id) || ps_files_check_collision(data, PS(id) TSRMLS_CC) == FAILURE) {
+ continue;
+ }
+ PS(invalid_session_id) = 0;
+ if (PS(use_cookies)) {
+ PS(send_cookie) = 1;
+ }
+ }
+
return SUCCESS;
}
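Review bot: A detected collision does not trigger a retry in the `while(!PS(id))` loop. On `ps_files_check_collision(...) == FAILURE` the code hits `continue` with `PS(id)` still set, so the loop condition is false and the function returns SUCCESS with the colliding ID and `PS(invalid_session_id)` left at 1. The collision branch should release the ID first: `if (PS(id) && ps_files_check_collision(data, PS(id) TSRMLS_CC) == FAILURE) { efree(PS(id)); PS(id) = NULL; }` followed by `if (!PS(id)) continue;`. The `cnt++ > 3` bound also disagrees with the "more than twice" warning text, and when it fires the ID just created stays in `PS(id)` while the function returns FAILURE. The same loop appears in `PS_OPEN_FUNC(mm)` in mod_mm.c and has the same problem; the function body starts outside this hunk.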
@@ -342,7 +381,7 @@ PS_READ_FUNC(files)
struct stat sbuf;
PS_FILES_DATA;
- ps_files_open(data, key TSRMLS_CC);
+ ps_files_open(data, PS(id) TSRMLS_CC);
if (data->fd < 0) {
return FAILURE;
}
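Review bot: The read handler now ignores the `key` it is called with and always opens `PS(id)`, which silently changes the handler contract. Any caller that passes a key other than the current global ID, such as `SessionHandler::read($key)` in mod_user_class.c which gets the same substitution in this patch, will read a different session than it asked for. If that is intended, it deserves a comment at the call, e.g. `/* strict mode: open() may have replaced the ID, so always read PS(id), not key */`. The unused parameter should also be documented in the `PS_READ_FUNC` contract. The same change is made in `PS_READ_FUNC(user)`.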
@@ -454,6 +493,24 @@ PS_GC_FUNC(files)
return SUCCESS;
}
+PS_CREATE_SID_FUNC(files)
+{
+ char *sid;
+ PS_FILES_DATA;
+
+ sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+
+ if (!sid) {
+ int newlen, old_hash;
+ old_hash = PS(hash_func);
+ PS(hash_func) = PS_HASH_FUNC_SHA1; /* use SHA1 so that it never fails */
+ PS(id) = php_session_create_id((void **)&data, &newlen TSRMLS_CC);
+ PS(hash_func) = old_hash;
+ }
+ return sid;
+}
+
+
/*
* Local variables:
* tab-width: 4
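Review bot: The SHA1 fallback stores its result in `PS(id)` instead of `sid`, so when the first `php_session_create_id()` call fails the function still returns NULL. The open loop then assigns that NULL return value back to `PS(id)`, so the fallback ID is lost and apparently leaked. The fallback line should read `sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);`. The inner `int newlen` looks like it shadows the handler's own `newlen` argument used two lines earlier and should be dropped. `PS_CREATE_SID_FUNC(mm)` in mod_mm.c has the same fallback code.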
diff --git a/ext/session/mod_files.h b/ext/session/mod_files.h
index 43ac47f..3cdcad4 100644
--- a/ext/session/mod_files.h
+++ b/ext/session/mod_files.h
@@ -24,6 +24,6 @@
extern ps_module ps_mod_files;
#define ps_files_ptr &ps_mod_files
-PS_FUNCS(files);
+PS_FUNCS_SID(files);
#endif
diff --git a/ext/session/mod_mm.c b/ext/session/mod_mm.c
index b99dd82..cfa9a3b 100644
--- a/ext/session/mod_mm.c
+++ b/ext/session/mod_mm.c
@@ -124,7 +124,7 @@ static ps_sd *ps_sd_new(ps_mm *data, const char *key)
if (!sd) {
TSRMLS_FETCH();
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "mm_malloc failed, avail %d, err %s", mm_available(data->mm), mm_error());
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "mm_malloc failed, avail %ld, err %s", mm_available(data->mm), mm_error());
return NULL;
}
@@ -208,8 +208,38 @@ static ps_sd *ps_sd_lookup(ps_mm *data, const char *key, int rw)
return ret;
}
+static int ps_mm_validate_sid(ps_mm *data, const char *key)
+{
+ ps_sd *sd;
+
+ if (php_session_validate_key(key) == FAILURE) {
+ PS(invalid_session_id) = 1;
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
+ return FAILURE;
+ }
+
+ sd = ps_sd_lookup(data, key, 0);
+ if (sd) {
+ return FAILURE;
+ }
+ PS(invalid_session_id) = 1;
+ return SUCCESS;
+}
+
+static int ps_mm_check_collision(ps_mm *data, const char *key)
+{
+ ps_sd *sd;
+
+ sd = ps_sd_lookup(data, key, 0);
+ if (sd) {
+ PS(invalid_session_id) = 1;
+ return FAILURE;
+ }
+ return SUCCESS;
+}
+
ps_module ps_mod_mm = {
- PS_MOD(mm)
+ PS_MOD_SID(mm)
};
#define PS_MM_DATA ps_mm *data = PS_GET_MOD_DATA()
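Review bot: `ps_mm_validate_sid()` has its result inverted compared with `ps_files_validate_sid()`: it returns FAILURE when `ps_sd_lookup()` finds the session and SUCCESS (after setting `PS(invalid_session_id) = 1`) when it does not. In strict mode that rejects every known ID and accepts every unknown one, which is the session-adoption case the patch is meant to stop. The tail should be `if (sd) { return SUCCESS; }` followed by `PS(invalid_session_id) = 1;` and `return FAILURE;`. Both new helpers use `PS()` and `TSRMLS_CC` and are called with `TSRMLS_CC`, but their signatures lack `TSRMLS_DC`, which would presumably not compile in a thread-safe build.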
@@ -257,6 +287,7 @@ static void ps_mm_destroy(ps_mm *data)
free(data);
}
+
PHP_MINIT_FUNCTION(ps_mm)
{
int save_path_len = strlen(PS(save_path));
@@ -314,6 +345,9 @@ PHP_MSHUTDOWN_FUNCTION(ps_mm)
PS_OPEN_FUNC(mm)
{
+ int cnt = 0;
+ PS_MM_DATA;
+
ps_mm_debug(("open: ps_mm_instance=%p\n", ps_mm_instance));
if (!ps_mm_instance) {
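Review bot: `PS_MM_DATA` reads the module data at the top of `PS_OPEN_FUNC(mm)`, before `PS_SET_MOD_DATA(ps_mm_instance)` runs in the next hunk. The `data` pointer later handed to `ps_mm_validate_sid()` and `ps_mm_check_collision()` is therefore whatever was stored before open, likely NULL on the first call. `PS_GET_MOD_DATA` is not defined on this page, so this is inferred from the macro name and the ordering. Passing `ps_mm_instance` directly to the two helpers, or assigning `data = ps_mm_instance;` after the NULL check, would avoid the stale pointer.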
@@ -321,6 +355,29 @@ PS_OPEN_FUNC(mm)
}
PS_SET_MOD_DATA(ps_mm_instance);
+ /* If there is an ID and strict mode, verify it */
+ if (PS(id) && PS(use_strict_mode)
+ && ps_mm_validate_sid(data, PS(id) TSRMLS_CC) == FAILURE) {
+ efree(PS(id));
+ PS(id) = NULL;
+ }
+
+ /* If there is no ID, use session module to create one */
+ while(!PS(id)) {
+ PS(id) = PS(mod)->s_create_sid((void **)&data, NULL TSRMLS_CC);
+ if (cnt++ > 3) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create session ID more than twice. Check your save_path.");
+ return FAILURE;
+ }
+ if (!PS(id) || ps_mm_check_collision(data, PS(id) TSRMLS_CC) == FAILURE) {
+ continue;
+ }
+ PS(invalid_session_id) = 0;
+ if (PS(use_cookies)) {
+ PS(send_cookie) = 1;
+ }
+ }
+
return SUCCESS;
}
@@ -442,6 +499,24 @@ PS_GC_FUNC(mm)
return SUCCESS;
}
+PS_CREATE_SID_FUNC(mm)
+{
+ char *sid;
+ PS_MM_DATA;
+
+ sid = php_session_create_id((void **)&data, newlen);
+
+ if (!sid) {
+ int newlen, old_hash;
+ old_hash = PS(hash_func);
+ PS(hash_func) = PS_HASH_FUNC_SHA1; /* use SHA1 so that it never fails */
+ PS(id) = php_session_create_id((void **)&data, &newlen TSRMLS_CC);
+ PS(hash_func) = old_hash;
+ }
+
+ return sid;
+}
+
#endif
/*
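Review bot: The first `php_session_create_id((void **)&data, newlen);` call omits `TSRMLS_CC`, while the fallback call three lines below and the mod_files.c version both pass it. In a thread-safe build the argument list would not match the prototype in php_session.h. It should read `sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);`.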
diff --git a/ext/session/mod_mm.h b/ext/session/mod_mm.h
index adec504..98f7d09 100644
--- a/ext/session/mod_mm.h
+++ b/ext/session/mod_mm.h
@@ -31,7 +31,7 @@ PHP_MSHUTDOWN_FUNCTION(ps_mm);
extern ps_module ps_mod_mm;
#define ps_mm_ptr &ps_mod_mm
-PS_FUNCS(mm);
+PS_FUNCS_SID(mm);
#endif
#endif
diff --git a/ext/session/mod_user.c b/ext/session/mod_user.c
index 2ff5302..eb14bb5 100644
--- a/ext/session/mod_user.c
+++ b/ext/session/mod_user.c
@@ -79,6 +79,7 @@ static zval *ps_call_handler(zval *func, int argc, zval **argv TSRMLS_DC)
PS_OPEN_FUNC(user)
{
zval *args[2];
+ int cnt = 0;
STDVARS;
if (PSF(open) == NULL) {
@@ -94,6 +95,25 @@ PS_OPEN_FUNC(user)
retval = ps_call_handler(PSF(open), 2, args TSRMLS_CC);
PS(mod_user_implemented) = 1;
+ /* If there is no SID, use session module to create one.
+ * mod_user do not validate SID, nor check SID collision.
+ * Users are responsible to do that.
+ */
+ while(!PS(id)) {
+ PS(id) = php_session_create_id((void **)mod_data, NULL TSRMLS_CC);
+ if (cnt++ > 3) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create session ID more than twice. Check your save_path.");
+ return FAILURE;
+ }
+ PS(invalid_session_id) = 0;
+ }
+
+ if (PS(use_strict_mode) && php_session_validate_key(PS(id)) == FAILURE) {
+ PS(invalid_session_id) = 1;
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
+ return FAILURE;
+ }
+
FINISH;
}
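Review bot: Both new `return FAILURE;` statements leave `PS_OPEN_FUNC(user)` without going through `FINISH`. That macro is not visible here but presumably releases `retval` from `ps_call_handler()`, so these paths likely leak the handler's return value and discard the user open handler's own result. Route the failures through the same cleanup, or release `retval` before returning. The warning text "Check your save_path." is also misleading for a user-defined handler, where ID creation does not depend on `save_path`. The function body starts outside this hunk.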
@@ -117,7 +137,7 @@ PS_READ_FUNC(user)
zval *args[1];
STDVARS;
- SESS_ZVAL_STRING((char*)key, args[0]);
+ SESS_ZVAL_STRING(PS(id), args[0]);
retval = ps_call_handler(PSF(read), 1, args TSRMLS_CC);
diff --git a/ext/session/mod_user.h b/ext/session/mod_user.h
index ea1980a..a25fa6d 100644
--- a/ext/session/mod_user.h
+++ b/ext/session/mod_user.h
@@ -24,6 +24,6 @@
extern ps_module ps_mod_user;
#define ps_user_ptr &ps_mod_user
-PS_FUNCS(user);
+PS_FUNCS_SID(user);
#endif
diff --git a/ext/session/mod_user_class.c b/ext/session/mod_user_class.c
index 70d2f40..3a5daee 100644
--- a/ext/session/mod_user_class.c
+++ b/ext/session/mod_user_class.c
@@ -39,7 +39,7 @@
PHP_METHOD(SessionHandler, open)
{
char *save_path = NULL, *session_name = NULL;
- int save_path_len, session_name_len;
+ int save_path_len, session_name_len, cnt = 0;
PS_SANITY_CHECK;
@@ -49,6 +49,25 @@ PHP_METHOD(SessionHandler, open)
PS(mod_user_is_open) = 1;
RETVAL_BOOL(SUCCESS == PS(default_mod)->s_open(&PS(mod_data), save_path, session_name TSRMLS_CC));
+
+ /* If there is no SID, use session module to create one.
+ * mod_user do not validate SID, nor check SID collision.
+ * Users are responsible to do that.
+ */
+ while(!PS(id)) {
+ PS(id) = php_session_create_id(&PS(mod_data), NULL TSRMLS_CC);
+ if (cnt++ > 3) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create session ID more than twice. Check your save_path.");
+ return;
+ }
+ PS(invalid_session_id) = 0;
+ }
+
+ if (PS(use_strict_mode) && php_session_validate_key(PS(id)) == FAILURE) {
+ PS(invalid_session_id) = 1;
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
+ return;
+ }
}
/* }}} */
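Review bot: The two bare `return;` statements added after `RETVAL_BOOL(...)` leave the method's return value at whatever `s_open` produced. `SessionHandler::open()` can therefore report true to the caller even though ID creation failed or `php_session_validate_key()` rejected the ID. Each failure path should reset the result first, e.g. `RETVAL_FALSE;` before `return;`. The ID loop also runs when `s_open` itself failed, so checking the open result before generating an ID would be cleaner.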
@@ -80,7 +99,7 @@ PHP_METHOD(SessionHandler, read)
return;
}
- if (PS(default_mod)->s_read(&PS(mod_data), key, &val, &val_len TSRMLS_CC) == FAILURE) {
+ if (PS(default_mod)->s_read(&PS(mod_data), PS(id), &val, &val_len TSRMLS_CC) == FAILURE) {
RETVAL_FALSE;
return;
}
diff --git a/ext/session/php_session.h b/ext/session/php_session.h
index ba0195b..c2398e6 100644
--- a/ext/session/php_session.h
+++ b/ext/session/php_session.h
@@ -39,6 +39,8 @@
/* default create id function */
PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS);
+/* default session id validation function */
+PHPAPI int php_session_validate_key(const char *key);
typedef struct ps_module_struct {
const char *s_name;
@@ -75,7 +77,7 @@ typedef struct ps_module_struct {
#x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \
ps_delete_##x, ps_gc_##x, php_session_create_id
-/* SID enabled module handler definitions */
+/* SID creation enabled module handler definitions */
#define PS_FUNCS_SID(x) \
PS_OPEN_FUNC(x); \
PS_CLOSE_FUNC(x); \
@@ -89,6 +91,12 @@ typedef struct ps_module_struct {
#x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \
ps_delete_##x, ps_gc_##x, ps_create_sid_##x
+enum {
+ PS_HASH_FUNC_MD5,
+ PS_HASH_FUNC_SHA1,
+ PS_HASH_FUNC_OTHER
+};
+
typedef enum {
php_session_disabled,
php_session_none,
@@ -174,6 +182,8 @@ typedef struct _php_ps_globals {
smart_str rfc1867_name; /* session.upload_progress.name */
long rfc1867_freq; /* session.upload_progress.freq */
double rfc1867_min_freq; /* session.upload_progress.min_freq */
+
+ zend_bool use_strict_mode; /* whether or not PHP accepts unknown session ids */
} php_ps_globals;
typedef php_ps_globals zend_ps_globals;
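Review bot: The field comment on `use_strict_mode` reads as if a true value means unknown IDs are accepted, which is the opposite of how the open handlers use it. A clearer wording would be `/* session.use_strict_mode: when set, reject session ids the save handler does not know */`. Naming the INI key also matches the style of the neighbouring `rfc1867_*` fields.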
diff --git a/ext/session/session.c b/ext/session/session.c
index 7a8199d..78b46d8 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -231,12 +231,6 @@ static void php_session_decode(const char *val, int vallen TSRMLS_DC) /* {{{ */
static char hexconvtab[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,-";
-enum {
- PS_HASH_FUNC_MD5,
- PS_HASH_FUNC_SHA1,
- PS_HASH_FUNC_OTHER
-};
-
/* returns a pointer to the byte after the last valid character in out */
static char *bin_to_readable(char *in, size_t inlen, char *out, char nbits) /* {{{ */
{
@@ -425,6 +419,41 @@ PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */
}
/* }}} */
+/* Default char validation function allowed by ps_modules.
+ * If you change the logic here, please also update the error message in
+ * ps_modules appropriately */
+PHPAPI int php_session_validate_key(const char *key) /* {{{ */
+{
+ size_t len;
+ const char *p;
+ char c;
+ int ret = SUCCESS;
+
+ for (p = key; (c = *p); p++) {
+ /* valid characters are a..z,A..Z,0..9 */
+ if (!((c >= 'a' && c <= 'z')
+ || (c >= 'A' && c <= 'Z')
+ || (c >= '0' && c <= '9')
+ || c == ','
+ || c == '-')) {
+ ret = FAILURE;
+ break;
+ }
+ }
+
+ len = p - key;
+
+ /* Somewhat arbitrary length limit here, but should be way more than
+ anyone needs and avoids file-level warnings later on if we exceed MAX_PATH */
+ if (len == 0 || len > 128) {
+ ret = FAILURE;
+ }
+
+ return ret;
+}
+/* }}} */
+
+
static void php_session_initialize(TSRMLS_D) /* {{{ */
{
char *val;
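Review bot: `php_session_validate_key()` is now exported with `PHPAPI` but dereferences `key` without a NULL check. The callers in this patch guard with `PS(id)`, but third-party save handlers are told to call it and may not, so `if (!key) { return FAILURE; }` at the top would make the public entry point safe. The inline comment still lists only `a..z,A..Z,0..9` although the condition also admits `','` and `'-'`; it should read `/* valid characters are a..z, A..Z, 0..9, ',' and '-' */`. The loop also walks the whole string before applying the 128-byte limit, so stopping once `p - key` exceeds 128 would bound the work done on a client-supplied ID.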
@@ -447,9 +476,12 @@ static void php_session_initialize(TSRMLS_D) /* {{{ */
return;
}
- /* If there is no ID, use session module to create one */
+ /* If there is no ID, use session module to create one.
+ * This code must exist for third party PS module compatibility.
+ * Third party PS modules should validate PS(id) in open function
+ * to prevent session adoption and collision.
+ */
if (!PS(id)) {
-new_session:
PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
if (PS(use_cookies)) {
PS(send_cookie) = 1;
@@ -462,16 +494,13 @@ new_session:
* it could prove usefull for those sites which wish to have "default"
* session information. */
php_session_track_init(TSRMLS_C);
- PS(invalid_session_id) = 0;
if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == SUCCESS) {
php_session_decode(val, vallen TSRMLS_CC);
efree(val);
- } else if (PS(invalid_session_id)) { /* address instances where the session read fails due to an invalid id */
- PS(invalid_session_id) = 0;
- efree(PS(id));
- PS(id) = NULL;
- goto new_session;
}
+ /* We should not address read failure here, since it may cause infinate
+ * loop by db/storage/network/etc errors depending on save handler's implementation.
+ */
}
/* }}} */
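Review bot: Removing the `invalid_session_id` retry changes behaviour when `session.use_strict_mode` is off. `ps_files_open()` still sets `PS(invalid_session_id) = 1` and warns on a malformed ID, but `php_session_initialize()` no longer replaces that ID, so the request continues with a `PS(id)` the handler refuses to open. Regeneration now happens only in each built-in handler's open function, and only in strict mode. If the aim is to avoid an unbounded loop on storage errors, a single bounded retry here would keep the old recovery for non-strict configurations. The stale flag is also never reset now that `PS(invalid_session_id) = 0;` before the read is gone.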
@@ -720,6 +749,7 @@ PHP_INI_BEGIN()
STD_PHP_INI_BOOLEAN("session.cookie_httponly", "", PHP_INI_ALL, OnUpdateBool, cookie_httponly, php_ps_globals, ps_globals)
STD_PHP_INI_BOOLEAN("session.use_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_cookies, php_ps_globals, ps_globals)
STD_PHP_INI_BOOLEAN("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_only_cookies, php_ps_globals, ps_globals)
+ STD_PHP_INI_BOOLEAN("session.use_strict_mode", "1", PHP_INI_ALL, OnUpdateBool, use_strict_mode, php_ps_globals, ps_globals)
STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateString, extern_referer_chk, php_ps_globals, ps_globals)
#if HAVE_DEV_URANDOM
STD_PHP_INI_ENTRY("session.entropy_file", "/dev/urandom", PHP_INI_ALL, OnUpdateString, entropy_file, php_ps_globals, ps_globals)
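Review bot: Shipping `session.use_strict_mode` with a default of `"1"` is a visible compatibility break that the patch does not document. `session_id($id)` stops setting the ID (see the `session_id` hunk), and most of the test INI sections in this patch have to add `session.use_strict_mode=0` to keep passing. The secure default is reasonable, but it needs an upgrade note and a php.ini comment describing what gets rejected. Because the entry is `PHP_INI_ALL`, any script can turn the protection off with `ini_set()` before `session_start()`, which is worth stating in the same documentation.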
@@ -1720,9 +1750,9 @@ static PHP_FUNCTION(session_save_path)
static PHP_FUNCTION(session_id)
{
char *name = NULL;
- int name_len;
+ int name_len, argc = ZEND_NUM_ARGS();
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &name, &name_len) == FAILURE) {
+ if (zend_parse_parameters(argc TSRMLS_CC, "|s", &name, &name_len) == FAILURE) {
return;
}
@@ -1733,10 +1763,14 @@ static PHP_FUNCTION(session_id)
}
if (name) {
- if (PS(id)) {
- efree(PS(id));
+ if (PS(use_strict_mode) && argc) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot set session ID when session.use_strict_mode is enabled");
+ } else {
+ if (PS(id)) {
+ efree(PS(id));
+ }
+ PS(id) = estrndup(name, name_len);
}
- PS(id) = estrndup(name, name_len);
}
}
/* }}} */
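Review bot: The `&& argc` test is redundant inside `if (name)`. With the `"|s"` spec `name` appears to be non-NULL only when an argument was passed, so the condition can be `if (PS(use_strict_mode)) {` and the `argc` local added in the previous hunk can go. In the `else` branch the caller-supplied string is still copied into `PS(id)` without `php_session_validate_key()`, so a malformed ID is only caught later by whichever save handler validates in open. Calling the new validator here would reject it at the point of entry.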
diff --git a/ext/session/tests/003.phpt b/ext/session/tests/003.phpt
index 03c3b95..8725f06 100644
--- a/ext/session/tests/003.phpt
+++ b/ext/session/tests/003.phpt
@@ -4,6 +4,7 @@ session object deserialization
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/004.phpt b/ext/session/tests/004.phpt
index aeb2c8b..4547c65 100644
--- a/ext/session/tests/004.phpt
+++ b/ext/session/tests/004.phpt
@@ -4,6 +4,7 @@ session_set_save_handler test
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.name=PHPSESSID
session.serialize_handler=php
diff --git a/ext/session/tests/005.phpt b/ext/session/tests/005.phpt
index a970e6b..796d9c3 100644
--- a/ext/session/tests/005.phpt
+++ b/ext/session/tests/005.phpt
@@ -4,6 +4,7 @@ custom save handler, multiple session_start()s, complex data structure test.
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.name=PHPSESSID
session.serialize_handler=php
diff --git a/ext/session/tests/006.phpt b/ext/session/tests/006.phpt
index 03fca10..dba6894 100644
--- a/ext/session/tests/006.phpt
+++ b/ext/session/tests/006.phpt
@@ -4,6 +4,7 @@ correct instantiation of references between variables in sessions
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/009.phpt b/ext/session/tests/009.phpt
index d73bc23..6d8d11c 100644
--- a/ext/session/tests/009.phpt
+++ b/ext/session/tests/009.phpt
@@ -4,6 +4,7 @@ unset($_SESSION["name"]); test
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/012.phpt b/ext/session/tests/012.phpt
index 8708011..c555d2c 100644
--- a/ext/session/tests/012.phpt
+++ b/ext/session/tests/012.phpt
@@ -4,6 +4,7 @@ registering $_SESSION should not segfault
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/013.phpt b/ext/session/tests/013.phpt
index 8d0f284..32909eb 100644
--- a/ext/session/tests/013.phpt
+++ b/ext/session/tests/013.phpt
@@ -4,6 +4,7 @@ redefining SID should not cause warnings
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/014.phpt b/ext/session/tests/014.phpt
index 73bc28e..cbf22b1 100644
--- a/ext/session/tests/014.phpt
+++ b/ext/session/tests/014.phpt
@@ -5,6 +5,7 @@ a script should not be able to modify session.use_trans_sid
--INI--
session.use_trans_sid=0
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.name=PHPSESSID
session.serialize_handler=php
diff --git a/ext/session/tests/015.phpt b/ext/session/tests/015.phpt
index 7d7b737..527b86b 100644
--- a/ext/session/tests/015.phpt
+++ b/ext/session/tests/015.phpt
@@ -6,6 +6,7 @@ use_trans_sid should not affect SID
session.use_trans_sid=1
session.use_cookies=0
session.use_only_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
arg_separator.output=&
session.name=PHPSESSID
diff --git a/ext/session/tests/018.phpt b/ext/session/tests/018.phpt
index def1f41..5ec132b 100644
--- a/ext/session/tests/018.phpt
+++ b/ext/session/tests/018.phpt
@@ -5,6 +5,7 @@ rewriter correctly handles attribute names which contain dashes
--INI--
session.use_cookies=0
session.use_only_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.use_trans_sid=1
session.name=PHPSESSID
diff --git a/ext/session/tests/019.phpt b/ext/session/tests/019.phpt
index 3ee8ccd..0f06add 100644
--- a/ext/session/tests/019.phpt
+++ b/ext/session/tests/019.phpt
@@ -4,6 +4,7 @@ serializing references test case using globals
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/020.phpt b/ext/session/tests/020.phpt
index f43bac5..7b18424 100644
--- a/ext/session/tests/020.phpt
+++ b/ext/session/tests/020.phpt
@@ -5,6 +5,7 @@ rewriter uses arg_seperator.output for modifying URLs
--INI--
session.use_cookies=0
session.use_only_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.use_trans_sid=1
arg_separator.output="&amp;"
diff --git a/ext/session/tests/021.phpt b/ext/session/tests/021.phpt
index 1ad3c5d..e199972 100644
--- a/ext/session/tests/021.phpt
+++ b/ext/session/tests/021.phpt
@@ -5,6 +5,7 @@ rewriter handles form and fieldset tags correctly
--INI--
session.use_cookies=0
session.use_only_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.use_trans_sid=1
url_rewriter.tags="a=href,area=href,frame=src,input=src,form=,fieldset="
diff --git a/ext/session/tests/023.phpt b/ext/session/tests/023.phpt
index 42b1e5b..592b4a8 100644
--- a/ext/session/tests/023.phpt
+++ b/ext/session/tests/023.phpt
@@ -4,6 +4,7 @@ session object deserialization
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/024.phpt b/ext/session/tests/024.phpt
index 2ad2606..2b273e2 100644
--- a/ext/session/tests/024.phpt
+++ b/ext/session/tests/024.phpt
@@ -4,6 +4,7 @@ session_set_save_handler test
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.name=PHPSESSID
session.serialize_handler=php
diff --git a/ext/session/tests/025.phpt b/ext/session/tests/025.phpt
index 4fd095f..a9ad8fb 100644
--- a/ext/session/tests/025.phpt
+++ b/ext/session/tests/025.phpt
@@ -4,6 +4,7 @@ custom save handler, multiple session_start()s, complex data structure test.
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.name=PHPSESSID
session.serialize_handler=php
diff --git a/ext/session/tests/026.phpt b/ext/session/tests/026.phpt
index 06c135d..44f0ae0 100644
--- a/ext/session/tests/026.phpt
+++ b/ext/session/tests/026.phpt
@@ -4,6 +4,7 @@ correct instantiation of references between variables in sessions
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/027.phpt b/ext/session/tests/027.phpt
index 600a992..6382852 100644
--- a/ext/session/tests/027.phpt
+++ b/ext/session/tests/027.phpt
@@ -4,6 +4,7 @@ unset($_SESSION["name"]); should work
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/030.phpt b/ext/session/tests/030.phpt
index 8d0f284..32909eb 100644
--- a/ext/session/tests/030.phpt
+++ b/ext/session/tests/030.phpt
@@ -4,6 +4,7 @@ redefining SID should not cause warnings
<?php include('skipif.inc'); ?>
--INI--
session.use_cookies=0
+session.use_strict_mode=0
session.cache_limiter=
session.serialize_handler=php
session.save_handler=files
diff --git a/ext/session/tests/bug41600.phpt b/ext/session/tests/bug41600.phpt
index 690347a..5380ee7 100644
--- a/ext/session/tests/bug41600.phpt
+++ b/ext/session/tests/bug41600.phpt
@@ -7,6 +7,7 @@ session.use_cookies=0
session.use_only_cookies=0
session.cache_limiter=
session.use_trans_sid=1
+session.use_strict_mode=0
arg_separator.output="&amp;"
session.name=PHPSESSID
session.serialize_handler=php
diff --git a/ext/session/tests/rfc1867.phpt b/ext/session/tests/rfc1867.phpt
index dc44e8b..fb0f506 100644
--- a/ext/session/tests/rfc1867.phpt
+++ b/ext/session/tests/rfc1867.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_cleanup.phpt b/ext/session/tests/rfc1867_cleanup.phpt
index f70b395..c41a7d1 100644
--- a/ext/session/tests/rfc1867_cleanup.phpt
+++ b/ext/session/tests/rfc1867_cleanup.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=1
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_disabled.phpt b/ext/session/tests/rfc1867_disabled.phpt
index 4490055..751d590 100644
--- a/ext/session/tests/rfc1867_disabled.phpt
+++ b/ext/session/tests/rfc1867_disabled.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=0
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_disabled_2.phpt b/ext/session/tests/rfc1867_disabled_2.phpt
index e878f46..d83b1d9 100644
--- a/ext/session/tests/rfc1867_disabled_2.phpt
+++ b/ext/session/tests/rfc1867_disabled_2.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_inter.phpt b/ext/session/tests/rfc1867_inter.phpt
index 7686371..8e3c136 100644
--- a/ext/session/tests/rfc1867_inter.phpt
+++ b/ext/session/tests/rfc1867_inter.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_no_name.phpt b/ext/session/tests/rfc1867_no_name.phpt
index c1dda81..75928dd 100644
--- a/ext/session/tests/rfc1867_no_name.phpt
+++ b/ext/session/tests/rfc1867_no_name.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_sid_cookie.phpt b/ext/session/tests/rfc1867_sid_cookie.phpt
index 735a5ac..34256f1 100644
--- a/ext/session/tests/rfc1867_sid_cookie.phpt
+++ b/ext/session/tests/rfc1867_sid_cookie.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_sid_get.phpt b/ext/session/tests/rfc1867_sid_get.phpt
index cc5a793..fb48fd8 100644
--- a/ext/session/tests/rfc1867_sid_get.phpt
+++ b/ext/session/tests/rfc1867_sid_get.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_sid_get_2.phpt b/ext/session/tests/rfc1867_sid_get_2.phpt
index 1d22e59..a25d10c 100644
--- a/ext/session/tests/rfc1867_sid_get_2.phpt
+++ b/ext/session/tests/rfc1867_sid_get_2.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=0
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_sid_invalid.phpt b/ext/session/tests/rfc1867_sid_invalid.phpt
index b28a2e3..c39dd3c 100644
--- a/ext/session/tests/rfc1867_sid_invalid.phpt
+++ b/ext/session/tests/rfc1867_sid_invalid.phpt
@@ -9,8 +9,9 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=1
session.auto_start=0
-session.upload_progress.enabled=1
+session.upload_progress.enabled=0
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
session.upload_progress.name=PHP_SESSION_UPLOAD_PROGRESS
@@ -45,7 +46,6 @@ var_dump($_SESSION["upload_progress_" . basename(__FILE__)]);
session_destroy();
?>
--EXPECTF--
-Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
string(%d) "%s"
bool(true)
array(2) {
diff --git a/ext/session/tests/rfc1867_sid_only_cookie.phpt b/ext/session/tests/rfc1867_sid_only_cookie.phpt
index 9a01056..10620b8 100644
--- a/ext/session/tests/rfc1867_sid_only_cookie.phpt
+++ b/ext/session/tests/rfc1867_sid_only_cookie.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=1
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/rfc1867_sid_post.phpt b/ext/session/tests/rfc1867_sid_post.phpt
index 7c1eb2d..d35215e 100644
--- a/ext/session/tests/rfc1867_sid_post.phpt
+++ b/ext/session/tests/rfc1867_sid_post.phpt
@@ -9,6 +9,7 @@ session.save_path=
session.name=PHPSESSID
session.use_cookies=1
session.use_only_cookies=0
+session.use_strict_mode=0
session.upload_progress.enabled=1
session.upload_progress.cleanup=0
session.upload_progress.prefix=upload_progress_
diff --git a/ext/session/tests/session_commit_variation4.phpt b/ext/session/tests/session_commit_variation4.phpt
index 57f4253..69854a6 100644
--- a/ext/session/tests/session_commit_variation4.phpt
+++ b/ext/session/tests/session_commit_variation4.phpt
@@ -2,6 +2,8 @@
Test session_commit() function : variation
--SKIPIF--
<?php include('skipif.inc'); ?>
+--INI--
+session.use_strict_mode=0
--FILE--
<?php
diff --git a/ext/session/tests/session_id_basic.phpt b/ext/session/tests/session_id_basic.phpt
index 5cb13c2..690e4ab 100644
--- a/ext/session/tests/session_id_basic.phpt
+++ b/ext/session/tests/session_id_basic.phpt
@@ -2,6 +2,8 @@
Test session_id() function : basic functionality
--SKIPIF--
<?php include('skipif.inc'); ?>
+--INI--
+session.use_strict_mode=0
--FILE--
<?php
diff --git a/ext/session/tests/session_id_error.phpt b/ext/session/tests/session_id_error.phpt
index 6337cb9..dc731e7 100644
--- a/ext/session/tests/session_id_error.phpt
+++ b/ext/session/tests/session_id_error.phpt
@@ -2,6 +2,8 @@
Test session_id() function : error functionality
--SKIPIF--
<?php include('skipif.inc'); ?>
+--INI--
+session.use_strict_mode=0
--FILE--
<?php
diff --git a/ext/session/tests/session_id_error2.phpt b/ext/session/tests/session_id_error2.phpt
index 05284e7..56b840c 100644
--- a/ext/session/tests/session_id_error2.phpt
+++ b/ext/session/tests/session_id_error2.phpt
@@ -2,6 +2,8 @@
Test session_id() function : error functionality
--SKIPIF--
<?php include('skipif.inc'); ?>
+--INI--
+session.use_strict_mode=0
--FILE--
<?php
diff --git a/ext/session/tests/session_id_error3.phpt b/ext/session/tests/session_id_error3.phpt
index fc29138..9dc1658 100644
--- a/ext/session/tests/session_id_error3.phpt
+++ b/ext/session/tests/session_id_error3.phpt
@@ -2,6 +2,8 @@
Test session_id() function : error functionality
--SKIPIF--
<?php include('skipif.inc'); ?>
+--INI--
+session.use_strict_mode=0
--FILE--
<?php
diff --git a/ext/session/tests/session_set_save_handler_basic.phpt b/ext/session/tests/session_set_save_handler_basic.phpt
index 3897ba9..ec7ef1a 100644
--- a/ext/session/tests/session_set_save_handler_basic.phpt
+++ b/ext/session/tests/session_set_save_handler_basic.phpt
@@ -1,6 +1,7 @@
--TEST--
Test session_set_save_handler() function : basic functionality
--INI--
+session.use_strict_mode=0
session.save_path=
session.name=PHPSESSID
--SKIPIF--
diff --git a/ext/session/tests/session_set_save_handler_class_012.phpt b/ext/session/tests/session_set_save_handler_class_012.phpt
index 706ef79..d9c4a39 100644
--- a/ext/session/tests/session_set_save_handler_class_012.phpt
+++ b/ext/session/tests/session_set_save_handler_class_012.phpt
@@ -1,12 +1,15 @@
--TEST--
Test session_set_save_handler() : incorrect arguments for existing handler open
--INI--
+session.use_strict_mode=1
session.save_handler=files
session.name=PHPSESSID
+session.gc_divisor=100000000
--SKIPIF--
<?php include('skipif.inc'); ?>
--FILE--
<?php
+/* When gc is invoked. This test fails. */
ob_start();
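Review bot: `session.gc_divisor=100000000` in the --INI-- section only makes garbage collection improbable, so the failure described in the added comment can still occur on a rare run. `session.gc_probability=0` would switch GC off for this test deterministically. The comment `/* When gc is invoked. This test fails. */` would be clearer as `/* This test fails if session GC runs, so GC is disabled in --INI--. */`. The --FILE-- body continues outside the hunk, so why a GC run breaks the expected output cannot be checked from here.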
diff --git a/ext/session/tests/session_set_save_handler_closures.phpt b/ext/session/tests/session_set_save_handler_closures.phpt
index 21b2c68..b5254fb 100755
--- a/ext/session/tests/session_set_save_handler_closures.phpt
+++ b/ext/session/tests/session_set_save_handler_closures.phpt
@@ -1,6 +1,7 @@
--TEST--
Test session_set_save_handler() function : using closures as callbacks
--INI--
+session.use_strict_mode=0
session.save_path=
session.name=PHPSESSID
--SKIPIF--
diff --git a/ext/session/tests/session_set_save_handler_variation4.phpt b/ext/session/tests/session_set_save_handler_variation4.phpt
index 3485f23..1b453e8 100644
--- a/ext/session/tests/session_set_save_handler_variation4.phpt
+++ b/ext/session/tests/session_set_save_handler_variation4.phpt
@@ -3,6 +3,7 @@ Test session_set_save_handler() function : variation
--SKIPIF--
<?php include('skipif.inc'); ?>
--INI--
+session.use_strict_mode=0
session.gc_probability=1
session.gc_divisor=1
session.gc_maxlifetime=0
diff --git a/ext/session/tests/session_write_close_variation4.phpt b/ext/session/tests/session_write_close_variation4.phpt
index 249c155..9076dcf 100644
--- a/ext/session/tests/session_write_close_variation4.phpt
+++ b/ext/session/tests/session_write_close_variation4.phpt
@@ -2,6 +2,8 @@
Test session_write_close() function : variation
--SKIPIF--
<?php include('skipif.inc'); ?>
+--INI--
+session.use_strict_mode=0
--FILE--
<?php
diff --git a/php.ini-development b/php.ini-development
index f3b70f1..e0b5dc8 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1407,6 +1407,11 @@ session.use_cookies = 1
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1
+; This option forces new session ID when browser supplied uninitialized session
+; ID. By enabling this option, module prevents session fixation based on adoption.
+; http://php.net/session.use-strict-mode
+session.use_strict_mode = 1
+
; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID
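Review bot: The comment added above `session.use_strict_mode = 1` is hard to parse and reads as a broader guarantee than the setting gives; the php.ini-production hunk adds the same text. Suggested wording: `; Strict mode rejects a client-supplied session ID that the server did not create` / `; and issues a new one. This mitigates session fixation through ID adoption;` / `; applications should still call session_regenerate_id() on login.` Judging from the mod_files.c part of this patch, the check depends on the save handler providing a validate-SID hook, so it is worth stating in the comment whether handlers without one get any protection. Shipping the value as 1 in both sample files also changes behaviour for code that sets its own session IDs, which the many tests pinned to 0 in this patch suggest is common enough to deserve a line in the upgrade notes.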
diff --git a/php.ini-production b/php.ini-production
index c0937f9..f8ff629 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -1407,6 +1407,11 @@ session.use_cookies = 1
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1
+; This option forces new session ID when browser supplied uninitialized session
+; ID. By enabling this option, module prevents session fixation based on adoption.
+; http://php.net/session.use-strict-mode
+session.use_strict_mode = 1
+
; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID