[DOC] implement full signature support for tar-based archives. By default, data archives do
not have a signature, but can have one set via setSignatureAlgorithm()

full refactor of signatures complete - now to implement them for tar as a starting point

- Fix build (ZTS)

partial refactor - move signature verification into its own function, in preparation for tar/zip signature support.
next is signature creation

fix memleak on error

- MFB major fixes
* found felipe's segfault in util.c and fixed the segfault (3 tests fail due to odd behavior of . and .. on this machine)
* fixed serious flaws in the setting/resettin

- MFB major fixes
* found felipe's segfault in util.c and fixed the segfault (3 tests fail due to odd behavior of . and .. on this machine)
* fixed serious flaws in the setting/resetting of is_data - now it works properly. Assume
all new PharData are tar-based, and allow passing Phar::ZIP to PharData constructor to override this
* fix broken earlier commit, introduced segfault that broke 20 tests here

show more ...

major fixes
* found felipe's segfault in util.c and fixed the segfault (3 tests fail due to odd behavior of . and .. on this machine)
* fixed serious flaws in the setting/resetting of is_da

major fixes
* found felipe's segfault in util.c and fixed the segfault (3 tests fail due to odd behavior of . and .. on this machine)
* fixed serious flaws in the setting/resetting of is_data - now it works properly. Assume
all new PharData are tar-based, and allow passing Phar::ZIP to PharData constructor to override this
* fix broken earlier commit, introduced segfault that broke 20 tests here

show more ...

MFB: plug security hole of unfettered creation access to .phar magic directory

fix potentially major security hole: modification/creation of files in .phar directory enabled in many locations
which then allows easy creation of tar/zip-based phar archives with a simple renam

fix potentially major security hole: modification/creation of files in .phar directory enabled in many locations
which then allows easy creation of tar/zip-based phar archives with a simple rename even when phar.readonly=1. Plug the hole very tightly, allowing read access to
files, and also excluding them from opendir() output

show more ...

- MFH
- Make internal code forward-compatible. This included a binary cast in the default stub, hence test updates.

- Make internal code back-compatible. This included a binary cast in the default stub, hence many test updates.
- Just over a third of tests pass. Test manifests are broken currently.

- 'It builds on my box'.
- Don't expect any tests to pass.

This commit was manufactured by cvs2svn to create branch 'PHP_5_3'.

fix weird alias issues, add tests to check for new-found problems

increase code coverage in util.c

simplify phar_get_link_location and increase its coverage to 100%

increase code coverage and fix tiny bug in handling of absolute links

increase code coverage of funcinterceptors to 90%+, fix many bugs, fix errant wrong test condition in fgc_edgecases

fix serious logic error and potential security issue with phar_compiled_file and
phar_find_in_include_path. We were allowing data-based phars to be executed, and actually marking phar-based phar

fix serious logic error and potential security issue with phar_compiled_file and
phar_find_in_include_path. We were allowing data-based phars to be executed, and actually marking phar-based phar archives
without '.phar' in the name as data-based phars, which would allow modifying them even if phar.readonly=0. Add test for this sinister case

show more ...

fix alias overloading handling for archives that are not in use

fix cwd test in php 5.2, now all tests pass in 5.2 on unix

fix Bug #13786 on unix (Steph can you verify?)

fix double free

more fixes for PHAR_G(cwd)

fix crash (this area really needs code coverage)