| Age | Commit message (Collapse) | Author |
|---|
|
Adjusts casts to void dropping const qualifiers. This helps to avoid
mistakes, e.g. modifying string literals.
Also use size_t for length, similar to the upstream php interfaces.
|
|
|
|
* for easier memory manegement, the entire sp_config struct was merged into snuffleupagus_globals and allocated on stack where possible
* SNUFFLEUPAGUS_G() can be written as SPG(), which is faster to type and easier to read
* execution_depth is re-initialized to 0 for each request
* function calls with inline string and length parameters consistently use ZEND_STRL instead of sizeof()-1
* execution is actually hooked if recursion protection is enabled
* some line breaks were removed to make the code more readable
|
|
|
|
|
|
This commit allows php to run (with a warning) if there
is no specified snuffleupagus configuration,
instead of refusing to start.
|
|
Co-authored-by: Giovanni Dante Grazioli <giovanni.dantegrazioli@nbs-system.com>
|
|
|
|
|
|
|
|
Since decrypt_zval doesn't provide a way to tell apart failed and successful decryption when used in simulation mode, we'll have to restore the original value if something goes wrong, because crypto_secretbox_open might modify the value.
|
|
* `setcookie` doesn't always return `true` anymore
* clang-format
* Cookies with invalid decryption are dropped, but the request isn't anymore
* faulty unserialize are now dumpable
|
|
|
|
|
|
This commit replace our usage of `php_log_err` with `zend_error`. This should
allow administrators to display errors in the webpage, should they want to;
and to properly manipulate the verbosity's level.
This should close #217
|
|
This commit does a lot of things:
- Use hashtables instead of lists to store the rules
- Rules that can be applied at launch time won't be tried at runtime
- Improve feedback when writing nonsensical rules
- Make intensive use of `zend_string` instead of `char*`
|
|
|
|
Implement session encryption.
|
|
Refactor the encryption process to extract encrypt/decrypt functions
|
