summaryrefslogtreecommitdiff
path: root/src/snuffleupagus.c (follow)
AgeCommit message (Collapse)Author
2022-05-03Small code formatting fixjvoisin
2022-03-20Merge remote-tracking branch 'sektioneins/master'jvoisin
2022-02-05added config dump/export for use with other toolsBen Fuhrmannek
2022-01-12fixed compiler warning + better warning messageBen Fuhrmannek
2022-01-06prevent double checks and fixed segfault on return value accessBen Fuhrmannek
2022-01-05skip old php check for testingBen Fuhrmannek
2021-12-20added @warn/@err to config syntaxBen Fuhrmannek
2021-12-14fixed typo where execution hook may not have been activeBen Fuhrmannek
2021-11-30PHP 8.1 compatibility with streams/includes + fix for ticksBen Fuhrmannek
2021-11-19added old php version checkBen Fuhrmannek
2021-11-11inverted logic. set xxe_protection.enable() instead of disable_xxe.disable()Ben Fuhrmannek
2021-09-23config is stack allocated now + some code improvements (see details)Ben Fuhrmannek
* for easier memory manegement, the entire sp_config struct was merged into snuffleupagus_globals and allocated on stack where possible * SNUFFLEUPAGUS_G() can be written as SPG(), which is faster to type and easier to read * execution_depth is re-initialized to 0 for each request * function calls with inline string and length parameters consistently use ZEND_STRL instead of sizeof()-1 * execution is actually hooked if recursion protection is enabled * some line breaks were removed to make the code more readable
2021-09-16ported sid min/max restriction from suhosinBen Fuhrmannek
2021-09-16ported server.strip and server.encode features from suhosinBen Fuhrmannek
2021-09-15implemented execution depth limitBen Fuhrmannek
2021-09-15changed version and version output in phpinfoBen Fuhrmannek
2021-08-18start SP as late as possible. this allows us to hook functions of extensions ↵Ben Fuhrmannek
supposed to be loaded later
2021-08-14debug log to dup'd stderr / php is closing stderr during shutdownBen Fuhrmannek
2021-08-07prevent STDERR debug output based on SP_NODEBUG environment variableBen Fuhrmannek
2021-08-06implemented ini settings protectionBen Fuhrmannek
2021-08-06debug log to dup'd stderr / php is closing stderr during shutdownBen Fuhrmannek
2021-08-02properly free memory on shutdownBen Fuhrmannek
2021-07-28Sprinkle even more `const`jvoisin
2021-05-09strtok/strtok_r is a thing from the past, don't use it.jvoisin
2021-05-09Add some checks to prevent recursion upon config reloadingjvoisin
2021-05-08Remove some memory-leaksjvoisin
2021-04-28A pass of clang-formatjvoisin
2020-11-18Make the strict mode disableablejvoisin
The global strict mode was enabled by default without any means to disable it, in certain cases. Bug reported by wedi.
2020-08-12Allow empty configuration (#342)jvoisin
This commit allows php to run (with a warning) if there is no specified snuffleupagus configuration, instead of refusing to start.
2020-08-07Move an includejvoisin
2019-02-23Try to unify the includesjvoisin
2018-10-06Remove sp_terminate and bump a bit the coveragejvoisin
2018-08-30Minor code cleanupxXx-caillou-xXx
2018-08-30Change how we're handling invalid configurationsxXx-caillou-xXx
Since our configuration format is a bit more complex than php's one, we have a `sp.allow_broken_configuration` parameter (`false` by default), that you can set to `true` if you want PHP to carry on if your Snuffleupagus' configuration contains syntax errors. You'll still get a big scary message in your logs of course. We do **not** recommend to use it of course, but sometimes it might be useful to be able to "debug in production" without breaking your website.
2018-08-29Change how we're validating certificatesxXx-caillou-xXx
2018-08-29Remove the GLOB_BRACE flagAntoine Tenart
When calling glob() to get the configuration file location, the GLOB_BRACE flag is used. This flag enables the parsing of '{a,b}', so that '/path/{a,b}' represents '/path/a' and '/path/b'. Looking at Snuffleupagus' documentation I saw nowhere this kind of path was supported. Instead the documentation shows that glob() is used for paths with wildcards. The use of GLOB_BRACE is problematic as it is glibc specific and is not supported by some other C libraries, such as Musl. Snuffleupagus cannot be used in Apline for this reason. Since the documentation does not give a valid usage of GLOB_BRACE this patch removes it, which fixes the non-glibc support. Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
2018-08-29Verify certs (#223)jvoisin
Ensure that certificates are verified in curl should close #47
2018-08-27Add whitelist support for php's wrappersxXx-caillou-xXx
2018-08-20Fix two minor issuesxXx-caillou-xXx
- Fix an infinite loop on `echo` hook - Use the correct function to compare filenames internally
2018-07-16Yet an other clang-format passjvoisin
2018-07-13Allow rules matching on echo and printxXx-caillou-xXx
2018-07-13Massively optimize how rules are handledxXx-caillou-xXx
This commit does a lot of things: - Use hashtables instead of lists to store the rules - Rules that can be applied at launch time won't be tried at runtime - Improve feedback when writing nonsensical rules - Make intensive use of `zend_string` instead of `char*`
2018-07-09Trying to fix sloppy comparison (#186)jvoisin
* Trying to fix sloppy comparison https://github.com/nbs-system/snuffleupagus/issues/10 by modifying php's opcode
2018-05-29Support session encryptionkkadosh
Implement session encryption.
2018-01-18Improve a bit our portability wrt. windowsjvoisin
Thanks to @remicollet for the tip
2018-01-18Simplify the previous commitjvoisin
2018-01-18Clean up a bit the glob codejvoisin
2018-01-18add missing globfree()Sebastien Blot
2018-01-18Add globbing support for configuration file path (closes #125)Sebastien Blot
2018-01-17Remove useless "head" member in our linked lists implementationsimon MAGNIN-FEYSOT
This should close #85