summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-04-25Add yet an other stupid things to the default set of rulesjvoisin
2020-04-24Add missing dependencies for Ubuntu's CIjvoisin
2020-04-24Add yet another disabled_functions bypassjvoisin
2020-04-14Typofix s/than/that/Travis Paul
2020-04-03Add an other article mentioning Snuffleupagusjvoisin
2020-04-03Add cPanel to the list of usersjvoisin
2020-04-01Document why SP doesn't provide a `.nop` actionjvoisin
2020-03-19Fix coverity integrationjvoisin
2020-03-09Mention Synacktiv's latest talkjvoisin
2020-03-04%s/nbs-system/jvoisinjvoisin
Since I'm the only one to maintain Snuffleupagus, let's adjust the links and contact addresses of my fork, to point to well… my fork.
2020-02-19Improve a bit php8 compatibilityjvoisin
PHP changed the way it exposes if a function has variadic arguments or not, hence why we need yet an other ifdef.
2020-02-19Fix some dead linksjvoisin
2019-11-03Log ip addresseskkadosh
2019-10-24Improve a bit the compatibility with php8jvoisin
- Apparently, TSRMLS_C and TSRMLS_FETCH aren't defined anymore, so we have to manually define them to nothing - PHP8 constified a bit some strings, which is great, so we should do the same to avoid warnings
2019-10-24Update the "papers" section of the documentationjvoisin
2019-10-22Revamp a bit the FAQjvoisin
2019-10-16Fix the default configurationjvoisin
ini_[sg]et first parameter is actually varname, and not var_name. Thanks to @gergo314 for flagging this!
2019-08-31Support direct syslog loggingThibault "bui" Koechlin
Add the possibility to log directly into the syslog, instead of using php's log system.
2019-07-10Use pcre3 on Debian in gitlab's CI for now.jvoisin
2019-07-10Fix the Debian build on gitlabjvoisin
Apparently, pcre isn't a hard dependency for php anymore. We're using pcre2, because pcre3 is actually pcre in Debian, because why not.
2019-07-10Improve a bit the readmejvoisin
2019-07-10Re-enable PHP7.4 supportjvoisin
It seems that the snapshot was fixed, and that the bug is gone (https://externals.io/message/105884)
2019-07-09Don't run an openssl-dependent test is openssl isn't installedRemi Collet
2019-07-09Add a stream wrapper test that doesn't depend on openssljvoisin
2019-07-09Fix the Alpine Linux buildjvoisin
pcre is not bundled with PHP anymore in AlpineLinux, so we have to install it separately.
2019-07-05Document a workaround for a gentoo-specific bugjvoisin
Thanks to infectormp for reporting the bugs, and testing the workaround.
2019-06-20Fix Alpine's build in the CIjvoisin
PCRE must now be installed, since it's not shipped with PHP by default anymore. Fedora did it too, and was fixed in 3fe0d28.
2019-06-20Fix snufflepagus_globals linking issues and one mac compatibility issuebef
2019-06-12Add failure on php7.4 snapshots, for nowjvoisin
Since PHP7.4 isn't released yet and is^w might break snuffleupagus, we're allowing the testsuite to fail on it, until there is a proper release.
2019-06-12Fix the fedora build in the CIjvoisin
2019-06-12bump debian changelogv0.5.0kka
2019-06-12bump the changelogkka
2019-06-12update snuffleupagus.h with new versionkka
2019-05-14Fix the cookie's handling for PHP7.3+jvoisin
PHP 7.3+ added a new prototype for the cookie setting mechanism, breaking our ghetto samesite-injection, this commit takes care of it.
2019-05-13Allow php > 7.4 to fail in the CIjvoisin
2019-05-13Fix VLD-related issue in the CIjvoisin
VLD isn't yet available for PHP7.4, so don't install it on PHP > 7.3
2019-04-07Protect against a now-public open_basedir bypassjvoisin
2019-02-23Try to unify the includesjvoisin
2019-02-23Fix the testsuite on php8.jvoisin
In php8, it's non-trivial to hook strlen, since this function is usually optimized away by the compiler.
2019-02-23Add php8 to travis and fix php7.4jvoisin
- Use clang-format on the code - Improve portability wrt. php8 - Fix php7.4 compatibility. See https://dustri.org/b/fixing-snuffleupagus-sloppy-comparison-on-array_keys-for-php74.html for a detailed writeup
2019-02-11Fix a warning on FreeBSDavkarenow
This should fix the following: ```C snuffleupagus/src/sp_config.c:193:10: warning: implicit declaration of function 'getline' is invalid in C99 [-Wimplicit-function-declaration] while (getline(&lineptr, &n, fd) > 0) { ^ 1 warning generated. ```
2019-01-22Fix typos and suggest more broad term for sysadminstomcodes
2019-01-21Document the point of having a black-list approach for evaljvoisin
2019-01-19Fix typo in how Snuffleupagus is spelled in doc/source/config.rsttomcodes
2019-01-16Improve a bit the default rulesjvoisin
2019-01-16Clean up a bit our .travis-ci.yml filejvoisin
Credit goes to @szepeviktor, this commit is a straight ripoff of https://github.com/nbs-system/snuffleupagus/pull/273 but without the bits that I'm not fond of, so we can move this forward while still being able to bikeshed around the bust the rest of it if we want to.
2019-01-16Fix a compilation warningjvoisin
2019-01-16Minor improvements of debian/rulesjvoisin
2019-01-14Reorganize the testsuitejvoisin
Splitting the testsuite in several components makes it easier to manage and comprehend. This was also needed some some tests aren't passing on Alpine Linux, but we still want to run as many of them as we can on this platform.
2019-01-12We're not in alpha anymore \o/jvoisin