Ted Phillips schrieb am Do., 7. Juli 2016, 21:37:
> Right, so I think the only issue would be when we hide the path to {main}
> and anything relative to that. The trade-off would be that the developer
> will need to be familiar with his/her own directory structure. After
> thinking about it some
>
> > I think we need to drop the concerns about exposing "RNG state".
> >
> > If these are weak RNGs on your system, YOUR SYSTEM is broken.
>
> Telling people that their system is broken isn't going to be
> comforting to the people it happens to.
>
Sure, but it's the right way. Just like random_b
Hi Dan,
On Fri, Jul 8, 2016 at 5:33 AM, Dan Ackroyd wrote:
>> I think we need to drop the concerns about exposing "RNG state".
>>
>> If these are weak RNGs on your system, YOUR SYSTEM is broken.
>
> Telling people that their system is broken isn't going to be
> comforting to the people it happens
Hi Derick,
On Thu, Jul 7, 2016 at 9:29 PM, Derick Rethans wrote:
>> Hi all,
>>
>> Currently session module uses obsolete MD5 for session ID. With
>> CSPRNG, hashing is redundant and needless. It adds hash module
>> dependency and inefficient (There is no reason to use hash for CSPRNG
>> generated
Hi Leigh,
On Thu, Jul 7, 2016 at 5:25 PM, Leigh wrote:
> On 6 July 2016 at 22:30, Yasuo Ohgaki wrote:
>> php_session_create_id() may return NULL. It's an usual error. Session
>> module supports session ID creation save handler which may return
>> anything valid for the type.
>>
>> Session module
Hello everyone,
PHP 5.6.24 RC1 was just released and can be downloaded from:
http://downloads.php.net/~tyrael/
The Windows binaries are available at http://windows.php.net/qa/
This release contains a number of bugfixes.
For the list of bugfixes that you can target in your
testing, please refer
> I think we need to drop the concerns about exposing "RNG state".
>
> If these are weak RNGs on your system, YOUR SYSTEM is broken.
Telling people that their system is broken isn't going to be
comforting to the people it happens to.
There are always bugs in software and hardware. At some point i
Right, so I think the only issue would be when we hide the path to {main} and
anything relative to that. The trade-off would be that the developer will need
to be familiar with his/her own directory structure. After thinking about it
some more, there is the possibility that there are multiple sc
On Thu, Jul 7, 2016 at 8:09 PM, Levi Morrison wrote:
> On Thu, Jul 7, 2016 at 8:48 AM, Christoph Becker
> wrote:
> > On 06.07.2016 at 11:23, Rowan Collins wrote:
> >
> >> On 05/07/2016 22:06, Levi Morrison wrote:
> >>
> >>> It would have been great if people actually contributed to the
> >>> dis
On Thu, Jul 7, 2016 at 8:48 AM, Christoph Becker wrote:
> On 06.07.2016 at 11:23, Rowan Collins wrote:
>
>> On 05/07/2016 22:06, Levi Morrison wrote:
>>
>>> It would have been great if people actually contributed to the
>>> discussion before voting phase, but such is life.
>>
>> Yes, for my part,
Hi,
The third alpha for 7.1.0 was just released and can be downloaded from:
https://downloads.php.net/~krakjoe/
The Windows binaries are available at
http://windows.php.net/qa/
Please test it carefully, and report any bugs in the bug system.
Beta 1 will be tagged on Tuesday July 19th — at whi
Hi!
The RFC for enhancing pcntl_signal with additional calling context[1] is
now in voting phase. Voting open now through July 14.
Implementation PR[2] available for review.
Thanks!
[1]: https://wiki.php.net/rfc/additional-context-in-pcntl-signal-handler
[2]: https://github.com/php/php-src/
Afternoon,
The last alpha is going out today. There will be two weeks before the
first beta, which is feature freeze.
Cheers
Joe
On Thu, Jul 7, 2016 at 3:20 PM, David Walker wrote:
> On Thu, Jun 23, 2016 at 1:49 PM David Walker wrote:
>
>> On Thu, Jun 23, 2016 at 12:26 PM Dmitry Stogov w
On 7/7/16 6:39 AM, Leigh wrote:
As the discussion thread has been quiet for a while, moving this RFC to voting.
https://wiki.php.net/rfc/rng_fixes
https://github.com/php/php-src/pull/1986
Nice work.
The discussion persuaded me (Nikita mostly) that aliasing rand() to
mt_rand() is sensible. A
On 06.07.2016 at 11:23, Rowan Collins wrote:
> On 05/07/2016 22:06, Levi Morrison wrote:
>
>> It would have been great if people actually contributed to the
>> discussion before voting phase, but such is life.
>
> Yes, for my part, I apologise that I didn't pay any attention to this
> RFC previo
On Thu, Jun 23, 2016 at 1:49 PM David Walker wrote:
> On Thu, Jun 23, 2016 at 12:26 PM Dmitry Stogov wrote:
>
>> BTW: I'm not sure what pcntl_sigaction() could return as the "oldact"
>> argument..., so may be the original proposal is good enough.
>> --
>> *From:* Dmit
On Jul 7, 2016 7:53 PM, "Leigh" wrote:
>
> On 7 July 2016 at 13:39, Pierre Joye wrote:
> > Hi
> >
> > Looks good but missing an option to choose the default mode.
> >
> > I would choose BC as default at least for one release (7.1).
>
> It's been that way since 5.2.1, I think it's had enough rele
On 7 July 2016 at 13:39, Pierre Joye wrote:
> Hi
>
> Looks good but missing an option to choose the default mode.
>
> I would choose BC as default at least for one release (7.1).
It's been that way since 5.2.1, I think it's had enough releases already :)
--
PHP Internals - PHP Runtime Developm
Hi
Looks good but missing an option to choose the default mode.
I would choose BC as default at least for one release (7.1).
I tend to vote against fixing mt_rand because of that.
On Jul 7, 2016 5:39 PM, "Leigh" wrote:
> As the discussion thread has been quiet for a while, moving this RFC to
On Sat, 2 Jul 2016, Leigh wrote:
> Your patch updates session.use_strict_mode from 0 to 1. I actually don't
> know what this changes, but it's an undocumented change.
http://php.net/manual/en/session.configuration.php#ini.session.use-strict-mode
session.use_strict_mode specifies whether the modu
On Sat, 2 Jul 2016, Yasuo Ohgaki wrote:
> Hi all,
>
> Currently session module uses obsolete MD5 for session ID. With
> CSPRNG, hashing is redundant and needless. It adds hash module
> dependency and inefficient (There is no reason to use hash for CSPRNG
> generated bytes).
>
> This proposal cle
On 06.07.2016 at 23:30, Yasuo Ohgaki wrote:
>
> On Wed, Jul 6, 2016 at 9:10 PM, Christoph Becker wrote:
>>
>> Yes, I am aware that the patch uses php_random_bytes(), but what happens
>> when it fails, in which case php_session_create_id() returns null[1]?
>> Would it be impossible to use a session
Results for project PHP master, build date 2016-07-07 06:29:00+03:00
commit: 5e4a5cf
previous commit:210b6a2
revision date: 2016-07-07 11:53:08+10:00
environment:Haswell-EP
cpu:Intel(R) Xeon(R) CPU E5-2699 v3 @ 2.30GHz 2x18 cores,
stepping 2, LLC 45 MB
As the discussion thread has been quiet for a while, moving this RFC to voting.
https://wiki.php.net/rfc/rng_fixes
https://github.com/php/php-src/pull/1986
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Hi,
PHP 7.0.9 RC1 was just released and can be downloaded from:
https://downloads.php.net/~ab/
The Windows binaries are available at
http://windows.php.net/qa/
This release contains a number of bugfixes.
For the list of bugfixes that you can target in your testing, please refer
to the
On 6 July 2016 at 22:30, Yasuo Ohgaki wrote:
> php_session_create_id() may return NULL. It's an usual error. Session
> module supports session ID creation save handler which may return
> anything valid for the type.
>
> Session module tries to call php_session_create_id() several
> places/times. I
26 matches
Mail list logo
