From e5bfea64c81ae34816479bb05d17cdffe45adddb Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Sun, 18 Nov 2018 17:10:43 -0800 Subject: Disable rsh/ssh functionality in imap by default (bug #77153) --- ext/imap/php_imap.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'ext/imap/php_imap.c') diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c index 00eae89a96..f6feebe9f7 100644 --- a/ext/imap/php_imap.c +++ b/ext/imap/php_imap.c @@ -562,6 +562,15 @@ static const zend_module_dep imap_deps[] = { }; /* }}} */ + +/* {{{ PHP_INI + */ +PHP_INI_BEGIN() +STD_PHP_INI_BOOLEAN("imap.enable_insecure_rsh", "0", PHP_INI_SYSTEM, OnUpdateBool, enable_rsh, zend_imap_globals, imap_globals) +PHP_INI_END() +/* }}} */ + + /* {{{ imap_module_entry */ zend_module_entry imap_module_entry = { @@ -835,6 +844,8 @@ PHP_MINIT_FUNCTION(imap) { unsigned long sa_all = SA_MESSAGES | SA_RECENT | SA_UNSEEN | SA_UIDNEXT | SA_UIDVALIDITY; + REGISTER_INI_ENTRIES(); + #ifndef PHP_WIN32 mail_link(&unixdriver); /* link in the unix driver */ mail_link(&mhdriver); /* link in the mh driver */ @@ -1052,6 +1063,12 @@ PHP_MINIT_FUNCTION(imap) GC_TEXTS texts */ + if (!IMAPG(enable_rsh)) { + /* disable SSH and RSH, see https://bugs.php.net/bug.php?id=77153 */ + mail_parameters (NIL, SET_RSHTIMEOUT, 0); + mail_parameters (NIL, SET_SSHTIMEOUT, 0); + } + le_imap = zend_register_list_destructors_ex(mail_close_it, NULL, "imap", module_number); return SUCCESS; } -- cgit v1.2.1 From 628df47e79aeebea4d3da1be019582f4e9c656c7 Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Sun, 18 Nov 2018 17:10:43 -0800 Subject: Disable rsh/ssh functionality in imap by default (bug #77153) --- ext/imap/php_imap.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'ext/imap/php_imap.c') diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c index 9799112e01..164af9d0f4 100644 --- a/ext/imap/php_imap.c +++ b/ext/imap/php_imap.c @@ -562,6 +562,15 @@ static const zend_module_dep imap_deps[] = { }; /* }}} */ + +/* {{{ PHP_INI + */ +PHP_INI_BEGIN() +STD_PHP_INI_BOOLEAN("imap.enable_insecure_rsh", "0", PHP_INI_SYSTEM, OnUpdateBool, enable_rsh, zend_imap_globals, imap_globals) +PHP_INI_END() +/* }}} */ + + /* {{{ imap_module_entry */ zend_module_entry imap_module_entry = { @@ -832,6 +841,8 @@ PHP_MINIT_FUNCTION(imap) { unsigned long sa_all = SA_MESSAGES | SA_RECENT | SA_UNSEEN | SA_UIDNEXT | SA_UIDVALIDITY; + REGISTER_INI_ENTRIES(); + #ifndef PHP_WIN32 mail_link(&unixdriver); /* link in the unix driver */ mail_link(&mhdriver); /* link in the mh driver */ @@ -1049,6 +1060,12 @@ PHP_MINIT_FUNCTION(imap) GC_TEXTS texts */ + if (!IMAPG(enable_rsh)) { + /* disable SSH and RSH, see https://bugs.php.net/bug.php?id=77153 */ + mail_parameters (NIL, SET_RSHTIMEOUT, 0); + mail_parameters (NIL, SET_SSHTIMEOUT, 0); + } + le_imap = zend_register_list_destructors_ex(mail_close_it, NULL, "imap", module_number); return SUCCESS; } -- cgit v1.2.1 From d8765852e0400ee2ce8ae9e2177c42731d4539d8 Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Wed, 28 Nov 2018 15:45:51 -0800 Subject: Add DISPLAY_INI_ENTRIES for imap --- ext/imap/php_imap.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ext/imap/php_imap.c') diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c index f6feebe9f7..a23e84c085 100644 --- a/ext/imap/php_imap.c +++ b/ext/imap/php_imap.c @@ -1155,6 +1155,8 @@ PHP_MINFO_FUNCTION(imap) php_info_print_table_row(2, "Kerberos Support", "enabled"); #endif php_info_print_table_end(); + + DISPLAY_INI_ENTRIES(); } /* }}} */ -- cgit v1.2.1