Hey Pierre,
--enable-phar-ssl and do (not tested but it gives the idea):
if (PHP_PHAR_SSL == "yes") {
ADD_EXTENSION_DEP("phar", "openssl", true);
} else {
....
Erm... no, you've definitely missed the point. ADD_EXTENSION_DEP() only
works in one of the four possible scenarios, and that one is when both phar
and openssl are built as static. It will break the build for all other
combinations.
There are two ways to get phar to build alongside openssl in the other three
scenarios: You can add an explicit dependency on the underlying OpenSSL
libs, or you can ignore the relationship completely. If you do the former,
the related functionality in phar does not actually require ext/openssl to
be loaded. If you do the latter, it does.
FWIW, I think having Phar built-in is actually a disadvantage when it
comes
to this kind of thing. ext/openssl isn't enabled by default and is only
available as shared to the vast majority of Windows users.
it is enabled by default
'enabled by default' usually implies 'built-in'.
and it is built shared as almost all
extensions. The rest is a matter of documenting it, like almost all
extensions, "please enable phar and openssl (if available) in your
php.ini".
We can sign and verify OpenSSL signatures without ext/openssl if we have the
library dependency. In other words, this (with the module checks in util.c
commented out) works fine:
$p = new Phar('sigtest.phar');
$p['a.txt'] = 'whatever';
$pkey = file_get_contents(dirname(__FILE__) . '/files/private.pem');
$p->setSignatureAlgorithm(Phar::OPENSSL, $pkey);
var_dump($p->getSignature());
output:
array(2) {
["hash"]=>
string(256)
"A408120F3D5EAD7FAFB891FD6D3DB8A35A68741A550009F685517BA05086C35919730B81DAC06408082E0363F7DC25B7F51AFA9D3B598ECBE42D961296A201EE4ECD343BB707CD3C7F8E788C812477343644516591470F885A712326058B8A46DA769DADA8CDBC30C4DF47DD0A13C0A9AEF9FE4E62300EBD79C53215B415999E"
["hash_type"]=>
string(7) "OpenSSL"
}
and so does this:
$p = new Phar(dirname(__FILE__) . '/files/openssl.phar');
$sig = $p->getSignature();
var_dump($sig);
output:
array(2) {
["hash"]=>
string(256)
"1614A127C7DEB5405D175FFB2D20031E5E78A1FB993D8A854862940F28D0BB3207E1722F424DC731131BFC082D4B8A2F7B053E1B4405400F4D6D6AA0BBF2E45B3028CC6C01C9C361DC1A4B65D3932B075CB33948AF0B147076EBA3B13010B27DC64D7DAD340B2E399CA7848BB59434C1BC55B5B062F134A6943202F8FF63BD7B"
["hash_type"]=>
string(7) "OpenSSL"
}
Currently my config.w32 for PECL looks like this:
ARG_ENABLE("phar", "enable phar support", "no");
ARG_ENABLE("phar-ssl", "enable phar with OpenSSL support", "no");
if (PHP_PHAR_SSL != "no") {
PHP_PHAR = PHP_PHAR_SSL;
PHP_PHAR_SHARED = PHP_PHAR_SSL_SHARED;
}
if (PHP_PHAR != "no") {
EXTENSION("phar", "dirstream.c func_interceptors.c phar.c phar_object.c
phar_path_check.c stream.c tar.c util.c zip.c");
if (PHP_PHAR_SHARED) {
ADD_FLAG("CFLAGS_PHAR", "/D COMPILE_DL_PHAR ");
}
if (PHP_PHAR_SSL != "no" || PHP_OPENSSL != "no") {
ADD_FLAG("LIBS_PHAR", "libeay32.lib ssleay32.lib");
AC_DEFINE('PHAR_HAVE_OPENSSL', 1);
}
ADD_EXTENSION_DEP('phar', 'spl', true);
}
The config.w32 for core needs more thought because phar is enabled
statically by default there. It might be that Greg's is the only solution in
that set-up (i.e. phar only has internal openssl support if ext/openssl is
also statically linked, and the only way to get openssl support in phar
otherwise is to load php_openssl.dll.)
- Steph
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
