Add Windows support for caching_sha2_password by cmb69 · Pull Request #5129 · php/php-src

cmb69 · 2020-01-29T15:34:54Z

This requires OpenSSL to be linked to php*.dll. We also add an
alloca() based fallback for MSVC (and potentially other compilers),
which does not support variable length arrays.

This requires OpenSSL to be linked to php*.dll. We also add an `alloca()` based fallback for MSVC (and potentially other compilers), which does not support variable length arrays.

ext/mysqlnd/mysqlnd_auth.c

With changes to (hopefully) correctly fall back if OpenSSL support is missing. Furthermore the hard-coded dependency on ext/hash is no longer an issue, as this extension is required in master. This reverts commit 63072e9, reversing changes made to 4cbabb6.

nikic · 2020-01-29T16:03:35Z

LG from my side.

andreyhristov · 2020-01-29T16:04:01Z

LGTM

cmb69 · 2020-01-29T16:14:59Z

Thanks for reviewing! I'm not absolutely sure regarding the dependency on OpenSSL (libcrypto.dll).

KalleZ · 2020-01-29T17:20:19Z

@cmb69 perhaps we should look at a builtin ext/openssl, but I do wonder about the binary size increase if we are do that but it would make cases like these a lot easier (similar to how we did with ext/hash)

cmb69 · 2020-01-30T12:28:19Z

@KalleZ, that also has been suggested by @johannes (IIUC). However, that's certainly not an option for PHP 7.4, which this PR should have targeted. Retargeting now.

cmb69 · 2020-01-30T12:29:21Z

Closing and re-opening to trigger CI.

nikic · 2020-01-30T13:00:20Z

@cmb69 perhaps we should look at a builtin ext/openssl, but I do wonder about the binary size increase if we are do that but it would make cases like these a lot easier (similar to how we did with ext/hash)

That would add a hard dependency on openssl, which is definitely not an option. This only worked for ext/hash because it has no dependencies.

cmb69 · 2020-01-30T13:06:44Z

Ah, I see.

cmb69 · 2020-01-31T14:02:06Z

That would add a hard dependency on openssl, which is definitely not an option.

So this PR is not an option as well. Building ext/mysqlnd statically is also likely not an option for BC reasons. So it seems for caching_sha2_password support on Windows, we have to use the CryptoAPI. I'll try to come up with a solution, but that is highly unlikely to make into PHP 7.4.3RC1. Sorry.

nikic · 2020-01-31T15:06:41Z

So this PR is not an option as well. Building ext/mysqlnd statically is also likely not an option for BC reasons. So it seems for caching_sha2_password support on Windows, we have to use the CryptoAPI. I'll try to come up with a solution, but that is highly unlikely to make into PHP 7.4.3RC1. Sorry.

My comment was referring to making PHP have a hard dep on openssl in general. I don't really see an issue with having it as a dependency on our standard Windows builds, as long as you can still disable it if you really want to. We just shouldn't have any hard dependencies in a "minimal" PHP build, beyond libc.

cmb69 · 2020-02-01T15:59:11Z

I don't really see an issue with having it as a dependency on our standard Windows builds, as long as you can still disable it if you really want to.

To disable it, you would have to build PHP yourself, and AFAIK, almost nobody does that. And anybody using a standard Windows build, would suddenly (in a revision release) have a hard dependency on OpenSSL, even if they don't use it (nor mysqlnd). I don't think we should go this way. Run-time linking (dl() etc.) might be an option, but that is somewhat brittle per se.

SugarD-x · 2020-02-24T02:01:21Z

Was this ever fixed? I noticed PHP 7.4.3 is out, but this is something that wasn't mentioned in the changelog. (The fix for the non-Windows version wasn't mentioned in the changelog in any of the previous releases either, so it is hard to tell).

cmb69 · 2020-02-24T07:32:47Z

No, not yet fixed for Windows. See https://bugs.php.net/bug.php?id=79275 for progress.

nikic · 2020-02-24T08:35:21Z

@cmb69 Just to calibrate expectations, are there any plans to make this available on Windows in 7.4.x?

cmb69 · 2020-02-24T08:59:31Z

@nikic, yes, at least if it's possible by using native Windows crypto APIs (which seems to be).

SugarD-x · 2020-02-24T17:57:50Z

I hope that is the case. I've been waiting for this since 7.2.8! :)

cmb69 · 2020-02-25T18:23:37Z

See PR #5210.

Add Windows support for caching_sha2_password

f3831d1

This requires OpenSSL to be linked to php*.dll. We also add an `alloca()` based fallback for MSVC (and potentially other compilers), which does not support variable length arrays.

nikic reviewed Jan 29, 2020

View reviewed changes

ext/mysqlnd/mysqlnd_auth.c Outdated Show resolved Hide resolved

Don't use VLAs even if supported

855df29

cmb69 changed the base branch from master to PHP-7.4 January 30, 2020 12:28

cmb69 closed this Jan 30, 2020

cmb69 reopened this Jan 30, 2020

cmb69 closed this Jan 31, 2020

cmb69 deleted the cmb/caching_sha2_password branch February 26, 2020 15:08

cmb69 mentioned this pull request Jul 30, 2024

hash: Add SHA-NI implementation of SHA-256 #15152

Merged

1 task

Conversation

cmb69 commented Jan 29, 2020

Uh oh!

Uh oh!

nikic commented Jan 29, 2020

Uh oh!

andreyhristov commented Jan 29, 2020

Uh oh!

cmb69 commented Jan 29, 2020

Uh oh!

KalleZ commented Jan 29, 2020

Uh oh!

cmb69 commented Jan 30, 2020

Uh oh!

cmb69 commented Jan 30, 2020

Uh oh!

nikic commented Jan 30, 2020

Uh oh!

cmb69 commented Jan 30, 2020

Uh oh!

cmb69 commented Jan 31, 2020

Uh oh!

nikic commented Jan 31, 2020

Uh oh!

cmb69 commented Feb 1, 2020

Uh oh!

SugarD-x commented Feb 24, 2020

Uh oh!

cmb69 commented Feb 24, 2020

Uh oh!

nikic commented Feb 24, 2020

Uh oh!

cmb69 commented Feb 24, 2020

Uh oh!

SugarD-x commented Feb 24, 2020

Uh oh!

cmb69 commented Feb 25, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants